1-- | 2-- Module : Crypto.Data.Padding 3-- License : BSD-style 4-- Maintainer : Vincent Hanquez <vincent@snarc.org> 5-- Stability : experimental 6-- Portability : unknown 7-- 8-- Various cryptographic padding commonly used for block ciphers 9-- or asymmetric systems. 10-- 11module Crypto.Data.Padding 12 ( Format(..) 13 , pad 14 , unpad 15 ) where 16 17import Data.ByteArray (ByteArray, Bytes) 18import qualified Data.ByteArray as B 19 20-- | Format of padding 21data Format = 22 PKCS5 -- ^ PKCS5: PKCS7 with hardcoded size of 8 23 | PKCS7 Int -- ^ PKCS7 with padding size between 1 and 255 24 | ZERO Int -- ^ zero padding with block size 25 deriving (Show, Eq) 26 27-- | Apply some pad to a bytearray 28pad :: ByteArray byteArray => Format -> byteArray -> byteArray 29pad PKCS5 bin = pad (PKCS7 8) bin 30pad (PKCS7 sz) bin = bin `B.append` paddingString 31 where 32 paddingString = B.replicate paddingByte (fromIntegral paddingByte) 33 paddingByte = sz - (B.length bin `mod` sz) 34pad (ZERO sz) bin = bin `B.append` paddingString 35 where 36 paddingString = B.replicate paddingSz 0 37 paddingSz 38 | len == 0 = sz 39 | m == 0 = 0 40 | otherwise = sz - m 41 m = len `mod` sz 42 len = B.length bin 43 44-- | Try to remove some padding from a bytearray. 45unpad :: ByteArray byteArray => Format -> byteArray -> Maybe byteArray 46unpad PKCS5 bin = unpad (PKCS7 8) bin 47unpad (PKCS7 sz) bin 48 | len == 0 = Nothing 49 | (len `mod` sz) /= 0 = Nothing 50 | paddingSz < 1 || paddingSz > len = Nothing 51 | paddingWitness `B.constEq` padding = Just content 52 | otherwise = Nothing 53 where 54 len = B.length bin 55 paddingByte = B.index bin (len - 1) 56 paddingSz = fromIntegral paddingByte 57 (content, padding) = B.splitAt (len - paddingSz) bin 58 paddingWitness = B.replicate paddingSz paddingByte :: Bytes 59unpad (ZERO sz) bin 60 | len == 0 = Nothing 61 | (len `mod` sz) /= 0 = Nothing 62 | B.index bin (len - 1) /= 0 = Just bin 63 | otherwise = Nothing 64 where 65 len = B.length bin 66