Changeset 36 for trunk


Ignore:
Timestamp:
02/12/13 15:47:25 (11 years ago)
Author:
tmorgan
Message:

added option for logging PKCS7 stripping/sanity checking

Location:
trunk/lib/bletchley
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • trunk/lib/bletchley/CBC/__init__.py

    r35 r36  
    284284            decrypted = self.decrypt_block(self._iv, blocks[0]) + decrypted
    285285           
    286         return buffertools.stripPKCS7Pad(decrypted, self.block_size)
     286        return buffertools.stripPKCS7Pad(decrypted, self.block_size, self.log_fh)
    287287
    288288

  • trunk/lib/bletchley/buffertools.py

    r18 r36  
    122122        return chr(length) * length
    123123
    124 def stripPKCS7Pad(decrypted, block_size=16):
     124def stripPKCS7Pad(decrypted, block_size=16, log_file=None):
    125125    '''
    126126    Validates a plaintext containing a PKCS5/7 pad, then returns the plaintext
     
    128128    '''
    129129    if len(decrypted) % block_size != 0:
     130        if log_file:
     131            log_file.write("Can't strip PKCS7 pad.  Plaintext not correct length\n")
    130132        return None
    131133
    132134    length = ord(decrypted[-1])
    133135    if length > block_size:
     136        if log_file:
     137            log_file.write("Can't strip PKCS7 pad.  Final byte length (%d) too large.\n" % length)
    134138        return None
    135139
    136     if decrypted[0-length:] != pkcs7Pad(length):
     140    pad = decrypted[0-length:]
     141    if pad != pkcs7Pad(length):
     142        if log_file:
     143            log_file.write("Can't strip PKCS7 pad.  Pads don't match. (%s != %s)\n" % (repr(pad), repr(pkcs7Pad(length))))
    137144        return None
    138145
Note: See TracChangeset for help on using the changeset viewer.