[Botan-devel] AES, CBC with ISO10126 padding handling

Jack Lloyd lloyd at randombit.net
Sat Dec 6 08:26:52 EST 2008


On Sat, Dec 06, 2008 at 11:49:24AM +0000, Daniel Tallentire wrote:

Hi Daniel,

> I have written a small class to handle this incoming padding (I
> don't need to generate the padding, only to handle it - the current
> PKCS7 would be fine if it didn't check that the remaining bytes were
> set to the same digit), and I can easily recompile Botan with this
> modification in place - however, I was wondering if it is possible
> to add a padding method without compiling Botan?  The existing
> library for Ubuntu etc work straight away for me, and this is the
> only change I need to make.

Yes. However it is somewhat the case of good/bad/ugly. In 1.6 (the
version shipped with most distros) you need to create and register a
new engine, which will then provide this padding scheme without having
to modify the lib itself. I've attached an example.

This engine stuff works with 1.6, but not with 1.8 (which is the new
stable version being released next Monday). However, that is
ultimately good because instead, in 1.8 you can simply say
  new CBC_Decryption(new AES_128, new ISO10126_Padding)
and avoid the mess.

[...]
> If it isn't possible to do it without compiling botan, what is the best place to override?  
> 
> get_bc_pad in algolist.cpp would seem to be the most sensible, just adding the line
> HANDLE_TYPE_NO_ARGS("ISO10126", ISO10126_Padding);  
> 
> would do the trick?

This would do it as well.

-Jack
-------------- next part --------------
A non-text attachment was scrubbed...
Name: iso10126.cpp
Type: text/x-c++src
Size: 1644 bytes
Desc: not available
URL: <http://lists.randombit.net/pipermail/botan-devel/attachments/20081206/15e0ae28/attachment.bin>


More information about the botan-devel mailing list