[Botan-devel] AES, CBC with ISO10126 padding handling

Daniel Tallentire daniel at parker-software.com
Mon Dec 8 11:49:53 EST 2008

Hi Jack,

Awesome - thanks, works perfectly!

Is there any documentation on which objects I should / shouldn't delete? It looks like the Pipe destructor will destroy the Filter etc that are contained inside it?



-----Original Message-----
From: botan-devel-bounces at randombit.net [mailto:botan-devel-bounces at randombit.net] On Behalf Of Jack Lloyd
Sent: 06 December 2008 13:27
To: Botan development list
Subject: Re: [Botan-devel] AES, CBC with ISO10126 padding handling

On Sat, Dec 06, 2008 at 11:49:24AM +0000, Daniel Tallentire wrote:

Hi Daniel,

> I have written a small class to handle this incoming padding (I don't 
> need to generate the padding, only to handle it - the current
> PKCS7 would be fine if it didn't check that the remaining bytes were 
> set to the same digit), and I can easily recompile Botan with this 
> modification in place - however, I was wondering if it is possible to 
> add a padding method without compiling Botan?  The existing library 
> for Ubuntu etc work straight away for me, and this is the only change 
> I need to make.

Yes. However it is somewhat the case of good/bad/ugly. In 1.6 (the version shipped with most distros) you need to create and register a new engine, which will then provide this padding scheme without having to modify the lib itself. I've attached an example.

This engine stuff works with 1.6, but not with 1.8 (which is the new stable version being released next Monday). However, that is ultimately good because instead, in 1.8 you can simply say
  new CBC_Decryption(new AES_128, new ISO10126_Padding) and avoid the mess.

> If it isn't possible to do it without compiling botan, what is the best place to override?  
> get_bc_pad in algolist.cpp would seem to be the most sensible, just 
> adding the line HANDLE_TYPE_NO_ARGS("ISO10126", ISO10126_Padding);
> would do the trick?

This would do it as well.


More information about the botan-devel mailing list