named-data-iot / ndn-lite

A lightweight NDN protocol stack with high-level application support including security bootstrapping, access control, trust management, etc.
https://ndn-lite.named-data.net
GNU Lesser General Public License v3.0

_pkcs7_padding incorrect logic #78

Closed yoursunny closed 4 years ago

yoursunny commented 4 years ago

According to PKCS Padding Method:

The rules for PKCS padding are very simple:

  • Padding bytes are always added to the clear text before it is encrypted.
  • Each padding byte has a value equal to the total number of padding bytes that are added. For example, if 6 padding bytes must be added, each of those bytes will have the value 0x06.
  • The total number of padding bytes is at least one, and is the number that is required in order to bring the data length up to a multiple of the cipher algorithm block size.

The current implementation is incorrect: it does not fulfill the first rule.

https://github.com/named-data-iot/ndn-lite/blob/d60a114a4c4e8422577ab8ae3817f79eed948254/security/default-backend/ndn-lite-default-aes-impl.c#L26-L41

tianyuan129 commented 4 years ago

I tested this piece of code with input array 04 04 04 04 04 04 and got 04 04 04 04 04 04 0A 0A 0A 0A 0A 0A 0A 0A 0A 0A. It seems to fulfill the requirement. Wonder what's wrong with it?

yoursunny commented 4 years ago

Try an input length that is a multiple of 16 octets. Compare to the results at https://play.golang.org/p/hxyB-O8ARk-
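
The block-aligned case raised in this thread, as an added example (not ndn-lite's code and not written by either commenter): a PKCS#7 pad/unpad pair for a 16-octet block, showing that an aligned input must gain a full block of `0x10` so that padding removal stays unambiguous. The names `pkcs7_pad`, `pkcs7_unpad` and `BLOCK_SIZE` are assumptions made for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define BLOCK_SIZE 16 /* AES block size in octets (assumed name) */

/* Hypothetical helper: copy `len` octets of `in` into `out` (capacity `cap`)
 * and append PKCS#7 padding. Returns the padded length, or 0 if `out` is
 * too small to hold it. */
size_t pkcs7_pad(const uint8_t *in, size_t len, uint8_t *out, size_t cap)
{
    /* pad is always 1..BLOCK_SIZE, never 0: when len is already a multiple
     * of the block size, a whole extra block of 0x10 is appended. */
    size_t pad = BLOCK_SIZE - (len % BLOCK_SIZE);
    if (cap < len + pad)
        return 0;
    memmove(out, in, len);
    memset(out + len, (int)pad, pad);
    return len + pad;
}

/* Hypothetical helper: validate the padding of a decrypted buffer and
 * return the plaintext length, or (size_t)-1 if the padding is malformed.
 * Not constant-time; verify a MAC over the ciphertext before calling it. */
size_t pkcs7_unpad(const uint8_t *buf, size_t len)
{
    if (len == 0 || len % BLOCK_SIZE != 0)
        return (size_t)-1;
    uint8_t pad = buf[len - 1];
    if (pad == 0 || pad > BLOCK_SIZE)
        return (size_t)-1;
    for (size_t i = len - pad; i < len; i++)
        if (buf[i] != pad)
            return (size_t)-1;
    return len - pad;
}
```

If a padder leaves a 16-octet input of all `04` unchanged, `pkcs7_unpad` reads the last four octets as padding and returns 12, silently truncating the plaintext.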