Rewrote bc unpad functions as const time operations.

The unpad functions return the blocksize as padding position, if the padding is invalid. .
author: Never <[email protected]> 2016-12-09 13:51:55 +0100
committer: Never <[email protected]> 2016-12-09 14:00:07 +0100
commit: 2e37f7601380a09ac635941581387d4ac6b54f12 (patch)
tree: e1d16dee2c5df92b4197b2827bdddd9e4124a0ea /src/lib/modes/cbc
parent: 41e7cade5889d238ca695806451db227b9792cd9 (diff)
1 files changed, 6 insertions, 2 deletions
diff --git a/src/lib/modes/cbc/cbc.cpp b/src/lib/modes/cbc/cbc.cpp
index 592ff95e9..9fbb7023f 100644
--- a/src/lib/modes/cbc/cbc.cpp
+++ b/src/lib/modes/cbc/cbc.cpp
@@ -19,8 +19,8 @@ CBC_Mode::CBC_Mode(BlockCipher* cipher, BlockCipherModePaddingMethod* padding) :
    {
    if(m_padding && !m_padding->valid_blocksize(cipher->block_size()))
       throw Invalid_Argument("Padding " + m_padding->name() +
-                                  " cannot be used with " +
-                                  cipher->name() + "/CBC");
+                             " cannot be used with " +
+                             cipher->name() + "/CBC");
    }
 
 void CBC_Mode::clear()
@@ -243,6 +243,10 @@ void CBC_Decryption::finish(secure_vector<byte>& buffer, size_t offset)
 
    const size_t pad_bytes = BS - padding().unpad(&buffer[buffer.size()-BS], BS);
    buffer.resize(buffer.size() - pad_bytes); // remove padding
+   if(pad_bytes == 0 && padding().name() != "NoPadding")
+      {
+      throw Decoding_Error(name());
+      }
    }
 
 void CBC_Decryption::reset()
author	Never <[email protected]>	2016-12-09 13:51:55 +0100
committer	Never <[email protected]>	2016-12-09 14:00:07 +0100
commit	2e37f7601380a09ac635941581387d4ac6b54f12 (patch)
tree	e1d16dee2c5df92b4197b2827bdddd9e4124a0ea /src/lib/modes/cbc
parent	41e7cade5889d238ca695806451db227b9792cd9 (diff)