Add zero padding
diff --git a/include/polarssl/cipher.h b/include/polarssl/cipher.h
index b520d92..cf149f6 100644
--- a/include/polarssl/cipher.h
+++ b/include/polarssl/cipher.h
@@ -105,9 +105,10 @@
} cipher_mode_t;
typedef enum {
- POLARSSL_PADDING_PKCS7 = 0, /**< PKCS7 padding (default) */
- POLARSSL_PADDING_ONE_AND_ZEROS, /**< ISO/IEC 7816-4 padding */
- POLARSSL_PADDING_ZEROS_AND_LEN, /**< ANSI X.923 padding */
+ POLARSSL_PADDING_PKCS7 = 0, /**< PKCS7 padding (default) */
+ POLARSSL_PADDING_ONE_AND_ZEROS, /**< ISO/IEC 7816-4 padding */
+ POLARSSL_PADDING_ZEROS_AND_LEN, /**< ANSI X.923 padding */
+ POLARSSL_PADDING_ZEROS, /**< zero padding (not reversible!) */
} cipher_padding_t;
typedef enum {
diff --git a/library/cipher.c b/library/cipher.c
index 1abc47d..bbde944 100644
--- a/library/cipher.c
+++ b/library/cipher.c
@@ -630,6 +630,33 @@
return 0;
}
+/*
+ * Zero padding: fill with 00 ... 00
+ */
+static void add_zeros_padding( unsigned char *output,
+ size_t output_len, size_t data_len )
+{
+ unsigned char i;
+
+ for( i = data_len; i < output_len; i++ )
+ output[i] = 0x00;
+}
+
+static int get_zeros_padding( unsigned char *input, size_t input_len,
+ size_t *data_len )
+{
+ unsigned char *p = input + input_len - 1;
+ if( NULL == input || NULL == data_len )
+ return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
+
+ while( *p == 0x00 && p > input )
+ --p;
+
+ *data_len = *p == 0x00 ? 0 : p - input + 1;
+
+ return 0;
+}
+
int cipher_finish( cipher_context_t *ctx, unsigned char *output, size_t *olen)
{
int ret = 0;
@@ -709,6 +736,13 @@
return 0;
}
+ if( POLARSSL_PADDING_ZEROS == mode )
+ {
+ ctx->add_padding = add_zeros_padding;
+ ctx->get_padding = get_zeros_padding;
+ return 0;
+ }
+
return POLARSSL_ERR_CIPHER_BAD_INPUT_DATA;
}
diff --git a/tests/suites/test_suite_cipher.aes.data b/tests/suites/test_suite_cipher.aes.data
index 0ec541a..92e4567 100644
--- a/tests/suites/test_suite_cipher.aes.data
+++ b/tests/suites/test_suite_cipher.aes.data
@@ -185,6 +185,66 @@
depends_on:POLARSSL_AES_C
enc_dec_buf:POLARSSL_CIPHER_AES_128_CBC:AES-128-CBC:128:49:POLARSSL_PADDING_ZEROS_AND_LEN
+AES Encrypt and decrypt 0 bytes with zeros padding
+depends_on:POLARSSL_AES_C
+enc_dec_buf:POLARSSL_CIPHER_AES_128_CBC:AES-128-CBC:128:0:POLARSSL_PADDING_ZEROS
+
+AES Encrypt and decrypt 1 byte with zeros padding
+depends_on:POLARSSL_AES_C
+enc_dec_buf:POLARSSL_CIPHER_AES_128_CBC:AES-128-CBC:128:1:POLARSSL_PADDING_ZEROS
+
+AES Encrypt and decrypt 2 bytes with zeros padding
+depends_on:POLARSSL_AES_C
+enc_dec_buf:POLARSSL_CIPHER_AES_128_CBC:AES-128-CBC:128:2:POLARSSL_PADDING_ZEROS
+
+AES Encrypt and decrypt 7 bytes with zeros padding
+depends_on:POLARSSL_AES_C
+enc_dec_buf:POLARSSL_CIPHER_AES_128_CBC:AES-128-CBC:128:7:POLARSSL_PADDING_ZEROS
+
+AES Encrypt and decrypt 8 bytes with zeros padding
+depends_on:POLARSSL_AES_C
+enc_dec_buf:POLARSSL_CIPHER_AES_128_CBC:AES-128-CBC:128:8:POLARSSL_PADDING_ZEROS
+
+AES Encrypt and decrypt 9 bytes with zeros padding
+depends_on:POLARSSL_AES_C
+enc_dec_buf:POLARSSL_CIPHER_AES_128_CBC:AES-128-CBC:128:9:POLARSSL_PADDING_ZEROS
+
+AES Encrypt and decrypt 15 bytes with zeros padding
+depends_on:POLARSSL_AES_C
+enc_dec_buf:POLARSSL_CIPHER_AES_128_CBC:AES-128-CBC:128:15:POLARSSL_PADDING_ZEROS
+
+AES Encrypt and decrypt 16 bytes with zeros padding
+depends_on:POLARSSL_AES_C
+enc_dec_buf:POLARSSL_CIPHER_AES_128_CBC:AES-128-CBC:128:16:POLARSSL_PADDING_ZEROS
+
+AES Encrypt and decrypt 17 bytes with zeros padding
+depends_on:POLARSSL_AES_C
+enc_dec_buf:POLARSSL_CIPHER_AES_128_CBC:AES-128-CBC:128:17:POLARSSL_PADDING_ZEROS
+
+AES Encrypt and decrypt 31 bytes with zeros padding
+depends_on:POLARSSL_AES_C
+enc_dec_buf:POLARSSL_CIPHER_AES_128_CBC:AES-128-CBC:128:31:POLARSSL_PADDING_ZEROS
+
+AES Encrypt and decrypt 32 bytes with zeros padding
+depends_on:POLARSSL_AES_C
+enc_dec_buf:POLARSSL_CIPHER_AES_128_CBC:AES-128-CBC:128:32:POLARSSL_PADDING_ZEROS
+
+AES Encrypt and decrypt 33 bytes with zeros padding
+depends_on:POLARSSL_AES_C
+enc_dec_buf:POLARSSL_CIPHER_AES_128_CBC:AES-128-CBC:128:33:POLARSSL_PADDING_ZEROS
+
+AES Encrypt and decrypt 47 bytes with zeros padding
+depends_on:POLARSSL_AES_C
+enc_dec_buf:POLARSSL_CIPHER_AES_128_CBC:AES-128-CBC:128:47:POLARSSL_PADDING_ZEROS
+
+AES Encrypt and decrypt 48 bytes with zeros padding
+depends_on:POLARSSL_AES_C
+enc_dec_buf:POLARSSL_CIPHER_AES_128_CBC:AES-128-CBC:128:48:POLARSSL_PADDING_ZEROS
+
+AES Encrypt and decrypt 49 bytes with zeros padding
+depends_on:POLARSSL_AES_C
+enc_dec_buf:POLARSSL_CIPHER_AES_128_CBC:AES-128-CBC:128:49:POLARSSL_PADDING_ZEROS
+
AES Encrypt and decrypt 0 bytes in multiple parts
depends_on:POLARSSL_AES_C
enc_dec_buf_multipart:POLARSSL_CIPHER_AES_128_CBC:128:0:0:
diff --git a/tests/suites/test_suite_cipher.blowfish.data b/tests/suites/test_suite_cipher.blowfish.data
index 9d09611..86a5af8 100644
--- a/tests/suites/test_suite_cipher.blowfish.data
+++ b/tests/suites/test_suite_cipher.blowfish.data
@@ -185,6 +185,66 @@
depends_on:POLARSSL_BLOWFISH_C
enc_dec_buf:POLARSSL_CIPHER_BLOWFISH_CBC:BLOWFISH-CBC:128:49:POLARSSL_PADDING_ZEROS_AND_LEN
+BLOWFISH Encrypt and decrypt 0 bytes with zeros padding
+depends_on:POLARSSL_BLOWFISH_C
+enc_dec_buf:POLARSSL_CIPHER_BLOWFISH_CBC:BLOWFISH-CBC:128:0:POLARSSL_PADDING_ZEROS
+
+BLOWFISH Encrypt and decrypt 1 byte with zeros padding
+depends_on:POLARSSL_BLOWFISH_C
+enc_dec_buf:POLARSSL_CIPHER_BLOWFISH_CBC:BLOWFISH-CBC:128:1:POLARSSL_PADDING_ZEROS
+
+BLOWFISH Encrypt and decrypt 2 bytes with zeros padding
+depends_on:POLARSSL_BLOWFISH_C
+enc_dec_buf:POLARSSL_CIPHER_BLOWFISH_CBC:BLOWFISH-CBC:128:2:POLARSSL_PADDING_ZEROS
+
+BLOWFISH Encrypt and decrypt 7 bytes with zeros padding
+depends_on:POLARSSL_BLOWFISH_C
+enc_dec_buf:POLARSSL_CIPHER_BLOWFISH_CBC:BLOWFISH-CBC:128:7:POLARSSL_PADDING_ZEROS
+
+BLOWFISH Encrypt and decrypt 8 bytes with zeros padding
+depends_on:POLARSSL_BLOWFISH_C
+enc_dec_buf:POLARSSL_CIPHER_BLOWFISH_CBC:BLOWFISH-CBC:128:8:POLARSSL_PADDING_ZEROS
+
+BLOWFISH Encrypt and decrypt 9 bytes with zeros padding
+depends_on:POLARSSL_BLOWFISH_C
+enc_dec_buf:POLARSSL_CIPHER_BLOWFISH_CBC:BLOWFISH-CBC:128:9:POLARSSL_PADDING_ZEROS
+
+BLOWFISH Encrypt and decrypt 15 bytes with zeros padding
+depends_on:POLARSSL_BLOWFISH_C
+enc_dec_buf:POLARSSL_CIPHER_BLOWFISH_CBC:BLOWFISH-CBC:128:15:POLARSSL_PADDING_ZEROS
+
+BLOWFISH Encrypt and decrypt 16 bytes with zeros padding
+depends_on:POLARSSL_BLOWFISH_C
+enc_dec_buf:POLARSSL_CIPHER_BLOWFISH_CBC:BLOWFISH-CBC:128:16:POLARSSL_PADDING_ZEROS
+
+BLOWFISH Encrypt and decrypt 17 bytes with zeros padding
+depends_on:POLARSSL_BLOWFISH_C
+enc_dec_buf:POLARSSL_CIPHER_BLOWFISH_CBC:BLOWFISH-CBC:128:17:POLARSSL_PADDING_ZEROS
+
+BLOWFISH Encrypt and decrypt 31 bytes with zeros padding
+depends_on:POLARSSL_BLOWFISH_C
+enc_dec_buf:POLARSSL_CIPHER_BLOWFISH_CBC:BLOWFISH-CBC:128:31:POLARSSL_PADDING_ZEROS
+
+BLOWFISH Encrypt and decrypt 32 bytes with zeros padding
+depends_on:POLARSSL_BLOWFISH_C
+enc_dec_buf:POLARSSL_CIPHER_BLOWFISH_CBC:BLOWFISH-CBC:128:32:POLARSSL_PADDING_ZEROS
+
+BLOWFISH Encrypt and decrypt 32 bytes with zeros padding
+depends_on:POLARSSL_BLOWFISH_C
+enc_dec_buf:POLARSSL_CIPHER_BLOWFISH_CBC:BLOWFISH-CBC:128:33:POLARSSL_PADDING_ZEROS
+
+BLOWFISH Encrypt and decrypt 47 bytes with zeros padding
+depends_on:POLARSSL_BLOWFISH_C
+enc_dec_buf:POLARSSL_CIPHER_BLOWFISH_CBC:BLOWFISH-CBC:128:47:POLARSSL_PADDING_ZEROS
+
+BLOWFISH Encrypt and decrypt 48 bytes with zeros padding
+depends_on:POLARSSL_BLOWFISH_C
+enc_dec_buf:POLARSSL_CIPHER_BLOWFISH_CBC:BLOWFISH-CBC:128:48:POLARSSL_PADDING_ZEROS
+
+BLOWFISH Encrypt and decrypt 49 bytes with zeros padding
+depends_on:POLARSSL_BLOWFISH_C
+enc_dec_buf:POLARSSL_CIPHER_BLOWFISH_CBC:BLOWFISH-CBC:128:49:POLARSSL_PADDING_ZEROS
+
BLOWFISH Encrypt and decrypt 0 bytes in multiple parts
depends_on:POLARSSL_BLOWFISH_C
enc_dec_buf_multipart:POLARSSL_CIPHER_BLOWFISH_CBC:128:0:0:
diff --git a/tests/suites/test_suite_cipher.camellia.data b/tests/suites/test_suite_cipher.camellia.data
index eadd9eb..cff5679 100644
--- a/tests/suites/test_suite_cipher.camellia.data
+++ b/tests/suites/test_suite_cipher.camellia.data
@@ -185,6 +185,66 @@
depends_on:POLARSSL_CAMELLIA_C
enc_dec_buf:POLARSSL_CIPHER_CAMELLIA_128_CBC:CAMELLIA-128-CBC:128:49:POLARSSL_PADDING_ZEROS_AND_LEN
+CAMELLIA Encrypt and decrypt 0 bytes with zeros padding
+depends_on:POLARSSL_CAMELLIA_C
+enc_dec_buf:POLARSSL_CIPHER_CAMELLIA_128_CBC:CAMELLIA-128-CBC:128:0:POLARSSL_PADDING_ZEROS
+
+CAMELLIA Encrypt and decrypt 1 byte with zeros padding
+depends_on:POLARSSL_CAMELLIA_C
+enc_dec_buf:POLARSSL_CIPHER_CAMELLIA_128_CBC:CAMELLIA-128-CBC:128:1:POLARSSL_PADDING_ZEROS
+
+CAMELLIA Encrypt and decrypt 2 bytes with zeros padding
+depends_on:POLARSSL_CAMELLIA_C
+enc_dec_buf:POLARSSL_CIPHER_CAMELLIA_128_CBC:CAMELLIA-128-CBC:128:2:POLARSSL_PADDING_ZEROS
+
+CAMELLIA Encrypt and decrypt 7 bytes with zeros padding
+depends_on:POLARSSL_CAMELLIA_C
+enc_dec_buf:POLARSSL_CIPHER_CAMELLIA_128_CBC:CAMELLIA-128-CBC:128:7:POLARSSL_PADDING_ZEROS
+
+CAMELLIA Encrypt and decrypt 8 bytes with zeros padding
+depends_on:POLARSSL_CAMELLIA_C
+enc_dec_buf:POLARSSL_CIPHER_CAMELLIA_128_CBC:CAMELLIA-128-CBC:128:8:POLARSSL_PADDING_ZEROS
+
+CAMELLIA Encrypt and decrypt 9 bytes with zeros padding
+depends_on:POLARSSL_CAMELLIA_C
+enc_dec_buf:POLARSSL_CIPHER_CAMELLIA_128_CBC:CAMELLIA-128-CBC:128:9:POLARSSL_PADDING_ZEROS
+
+CAMELLIA Encrypt and decrypt 15 bytes with zeros padding
+depends_on:POLARSSL_CAMELLIA_C
+enc_dec_buf:POLARSSL_CIPHER_CAMELLIA_128_CBC:CAMELLIA-128-CBC:128:15:POLARSSL_PADDING_ZEROS
+
+CAMELLIA Encrypt and decrypt 16 bytes with zeros padding
+depends_on:POLARSSL_CAMELLIA_C
+enc_dec_buf:POLARSSL_CIPHER_CAMELLIA_128_CBC:CAMELLIA-128-CBC:128:16:POLARSSL_PADDING_ZEROS
+
+CAMELLIA Encrypt and decrypt 17 bytes with zeros padding
+depends_on:POLARSSL_CAMELLIA_C
+enc_dec_buf:POLARSSL_CIPHER_CAMELLIA_128_CBC:CAMELLIA-128-CBC:128:17:POLARSSL_PADDING_ZEROS
+
+CAMELLIA Encrypt and decrypt 31 bytes with zeros padding
+depends_on:POLARSSL_CAMELLIA_C
+enc_dec_buf:POLARSSL_CIPHER_CAMELLIA_128_CBC:CAMELLIA-128-CBC:128:31:POLARSSL_PADDING_ZEROS
+
+CAMELLIA Encrypt and decrypt 32 bytes with zeros padding
+depends_on:POLARSSL_CAMELLIA_C
+enc_dec_buf:POLARSSL_CIPHER_CAMELLIA_128_CBC:CAMELLIA-128-CBC:128:32:POLARSSL_PADDING_ZEROS
+
+CAMELLIA Encrypt and decrypt 32 bytes with zeros padding
+depends_on:POLARSSL_CAMELLIA_C
+enc_dec_buf:POLARSSL_CIPHER_CAMELLIA_128_CBC:CAMELLIA-128-CBC:128:33:POLARSSL_PADDING_ZEROS
+
+CAMELLIA Encrypt and decrypt 47 bytes with zeros padding
+depends_on:POLARSSL_CAMELLIA_C
+enc_dec_buf:POLARSSL_CIPHER_CAMELLIA_128_CBC:CAMELLIA-128-CBC:128:47:POLARSSL_PADDING_ZEROS
+
+CAMELLIA Encrypt and decrypt 48 bytes with zeros padding
+depends_on:POLARSSL_CAMELLIA_C
+enc_dec_buf:POLARSSL_CIPHER_CAMELLIA_128_CBC:CAMELLIA-128-CBC:128:48:POLARSSL_PADDING_ZEROS
+
+CAMELLIA Encrypt and decrypt 49 bytes with zeros padding
+depends_on:POLARSSL_CAMELLIA_C
+enc_dec_buf:POLARSSL_CIPHER_CAMELLIA_128_CBC:CAMELLIA-128-CBC:128:49:POLARSSL_PADDING_ZEROS
+
CAMELLIA Encrypt and decrypt 0 bytes in multiple parts
depends_on:POLARSSL_CAMELLIA_C
enc_dec_buf_multipart:POLARSSL_CIPHER_CAMELLIA_128_CBC:128:0:0:
diff --git a/tests/suites/test_suite_cipher.des.data b/tests/suites/test_suite_cipher.des.data
index 5bcf603..623fbc7 100644
--- a/tests/suites/test_suite_cipher.des.data
+++ b/tests/suites/test_suite_cipher.des.data
@@ -185,6 +185,66 @@
depends_on:POLARSSL_DES_C
enc_dec_buf:POLARSSL_CIPHER_DES_CBC:DES-CBC:56:49:POLARSSL_PADDING_ZEROS_AND_LEN
+DES Encrypt and decrypt 0 bytes with zeros padding
+depends_on:POLARSSL_DES_C
+enc_dec_buf:POLARSSL_CIPHER_DES_CBC:DES-CBC:56:0:POLARSSL_PADDING_ZEROS
+
+DES Encrypt and decrypt 1 byte with zeros padding
+depends_on:POLARSSL_DES_C
+enc_dec_buf:POLARSSL_CIPHER_DES_CBC:DES-CBC:56:1:POLARSSL_PADDING_ZEROS
+
+DES Encrypt and decrypt 2 bytes with zeros padding
+depends_on:POLARSSL_DES_C
+enc_dec_buf:POLARSSL_CIPHER_DES_CBC:DES-CBC:56:2:POLARSSL_PADDING_ZEROS
+
+DES Encrypt and decrypt 7 bytes with zeros padding
+depends_on:POLARSSL_DES_C
+enc_dec_buf:POLARSSL_CIPHER_DES_CBC:DES-CBC:56:7:POLARSSL_PADDING_ZEROS
+
+DES Encrypt and decrypt 8 bytes with zeros padding
+depends_on:POLARSSL_DES_C
+enc_dec_buf:POLARSSL_CIPHER_DES_CBC:DES-CBC:56:8:POLARSSL_PADDING_ZEROS
+
+DES Encrypt and decrypt 9 bytes with zeros padding
+depends_on:POLARSSL_DES_C
+enc_dec_buf:POLARSSL_CIPHER_DES_CBC:DES-CBC:56:9:POLARSSL_PADDING_ZEROS
+
+DES Encrypt and decrypt 15 bytes with zeros padding
+depends_on:POLARSSL_DES_C
+enc_dec_buf:POLARSSL_CIPHER_DES_CBC:DES-CBC:56:15:POLARSSL_PADDING_ZEROS
+
+DES Encrypt and decrypt 16 bytes with zeros padding
+depends_on:POLARSSL_DES_C
+enc_dec_buf:POLARSSL_CIPHER_DES_CBC:DES-CBC:56:16:POLARSSL_PADDING_ZEROS
+
+DES Encrypt and decrypt 17 bytes with zeros padding
+depends_on:POLARSSL_DES_C
+enc_dec_buf:POLARSSL_CIPHER_DES_CBC:DES-CBC:56:17:POLARSSL_PADDING_ZEROS
+
+DES Encrypt and decrypt 31 bytes with zeros padding
+depends_on:POLARSSL_DES_C
+enc_dec_buf:POLARSSL_CIPHER_DES_CBC:DES-CBC:56:31:POLARSSL_PADDING_ZEROS
+
+DES Encrypt and decrypt 32 bytes with zeros padding
+depends_on:POLARSSL_DES_C
+enc_dec_buf:POLARSSL_CIPHER_DES_CBC:DES-CBC:56:32:POLARSSL_PADDING_ZEROS
+
+DES Encrypt and decrypt 32 bytes with zeros padding
+depends_on:POLARSSL_DES_C
+enc_dec_buf:POLARSSL_CIPHER_DES_CBC:DES-CBC:56:33:POLARSSL_PADDING_ZEROS
+
+DES Encrypt and decrypt 47 bytes with zeros padding
+depends_on:POLARSSL_DES_C
+enc_dec_buf:POLARSSL_CIPHER_DES_CBC:DES-CBC:56:47:POLARSSL_PADDING_ZEROS
+
+DES Encrypt and decrypt 48 bytes with zeros padding
+depends_on:POLARSSL_DES_C
+enc_dec_buf:POLARSSL_CIPHER_DES_CBC:DES-CBC:56:48:POLARSSL_PADDING_ZEROS
+
+DES Encrypt and decrypt 49 bytes with zeros padding
+depends_on:POLARSSL_DES_C
+enc_dec_buf:POLARSSL_CIPHER_DES_CBC:DES-CBC:56:49:POLARSSL_PADDING_ZEROS
+
DES Encrypt and decrypt 0 bytes in multiple parts
depends_on:POLARSSL_DES_C
enc_dec_buf_multipart:POLARSSL_CIPHER_DES_CBC:56:0:0:
diff --git a/tests/suites/test_suite_cipher.padding.data b/tests/suites/test_suite_cipher.padding.data
index 51bc222..b37fa3c 100644
--- a/tests/suites/test_suite_cipher.padding.data
+++ b/tests/suites/test_suite_cipher.padding.data
@@ -120,3 +120,24 @@
Check zeros and len padding #6 (not enough zeros)
check_padding:POLARSSL_PADDING_ZEROS_AND_LEN:"DABBAD000004":POLARSSL_ERR_CIPHER_INVALID_PADDING:0
+
+Check zeros padding #1 (correct)
+check_padding:POLARSSL_PADDING_ZEROS:"DABBAD00":0:3
+
+Check zeros padding #2 (correct)
+check_padding:POLARSSL_PADDING_ZEROS:"DABBAD0000":0:3
+
+Check zeros padding #3 (correct)
+check_padding:POLARSSL_PADDING_ZEROS:"DABBAD":0:3
+
+Check zeros padding #4 (correct)
+check_padding:POLARSSL_PADDING_ZEROS:"000000":0:0
+
+Check no padding #1 (correct by definition)
+check_padding:POLARSSL_PADDING_NONE:"DABBAD00":0:4
+
+Check no padding #2 (correct by definition)
+check_padding:POLARSSL_PADDING_NONE:"DABBAD0001":0:5
+
+Check no padding #3 (correct by definition)
+check_padding:POLARSSL_PADDING_NONE:"":0:0