From 1cc57e574a498f8d0ff09abe0fb696862cc3ec75 Mon Sep 17 00:00:00 2001
From: Dariusz Michaluk <d.michaluk@samsung.com>
Date: Mon, 1 Aug 2016 14:35:06 +0200
Subject: [PATCH] Add possibility to disabling encrypt/decrypt padding.

Change-Id: I42bbd36013b6d39917f6946f35d533dc4f0dbd8e
---
 api/yaca/yaca_simple.h |  3 ++-
 api/yaca/yaca_types.h  | 14 ++++++++++++--
 src/debug.c            |  2 ++
 src/encrypt.c          | 18 +++++++++++++-----
 4 files changed, 29 insertions(+), 8 deletions(-)

diff --git a/api/yaca/yaca_simple.h b/api/yaca/yaca_simple.h
index 34a238c..e151397 100755
--- a/api/yaca/yaca_simple.h
+++ b/api/yaca/yaca_simple.h
@@ -25,6 +25,7 @@
  *           - All operations are single-shot (no streaming possible)
  *           - Context is not used
  *           - For now only digest and symmetric ciphers are supported
+ *           - Disabling PKCS#5 padding for ECB and CBC chaining is not supported.
  *           - GCM and CCM chaining is not supported
  *           - All outputs are allocated by the library
  */
@@ -82,7 +83,7 @@ int yaca_simple_calculate_digest(yaca_digest_algorithm_e algo,
  *
  * @param[in]  algo            Encryption algorithm (select #YACA_ENCRYPT_AES if unsure)
  * @param[in]  bcm             Chaining mode (select #YACA_BCM_CBC if unsure)
- * @param[in]  sym_key         Symmetric encryption key (see key.h for key generation functions)
+ * @param[in]  sym_key         Symmetric encryption key (see yaca_key.h for key generation functions)
  * @param[in]  iv              Initialization vector
  * @param[in]  plaintext       Plaintext to be encrypted
  * @param[in]  plaintext_len   Length of the plaintext
diff --git a/api/yaca/yaca_types.h b/api/yaca/yaca_types.h
index 81fcf92..8a3b1b9 100755
--- a/api/yaca/yaca_types.h
+++ b/api/yaca/yaca_types.h
@@ -441,7 +441,12 @@ typedef enum {
 
 	/**
 	 * ECB block cipher mode.
-	 * Encrypts 64 bit at a time. No IV is used.
+	 * No IV is used.
+	 *
+	 * By default the input data is padded using standard block padding (aka PKCS#5 padding).
+	 * Padding can be disabled using yaca_context_set_property() and #YACA_PROPERTY_PADDING, #YACA_PADDING_NONE,
+	 * then the total length of data passed until *_finalize() MUST be a multiple of block size.
+	 * #YACA_PROPERTY_PADDING can be set at the latest before the *_finalize() call.
 	 */
 	YACA_BCM_ECB,
 
@@ -454,6 +459,11 @@ typedef enum {
 	/**
 	 * CBC block cipher mode.
 	 * 16-byte initialization vector is mandatory.
+	 *
+	 * By default the input data is padded using standard block padding (aka PKCS#5 padding).
+	 * Padding can be disabled using yaca_context_set_property() and #YACA_PROPERTY_PADDING, #YACA_PADDING_NONE,
+	 * then the total length of data passed until *_finalize() MUST be a multiple of block size.
+	 * #YACA_PROPERTY_PADDING can be set at the latest before the *_finalize() call.
 	 */
 	YACA_BCM_CBC,
 
@@ -575,7 +585,7 @@ typedef enum {
  */
 typedef enum {
 	/**
-	 * Padding for the sign/verify operation. Property type is #yaca_padding_e.
+	 * Padding for the encrypt/decrypt or sign/verify operation. Property type is #yaca_padding_e.
 	 *
 	 * This property can be set at the latest before the *_finalize() call.
 	 */
diff --git a/src/debug.c b/src/debug.c
index 9e5164b..7f9d470 100644
--- a/src/debug.c
+++ b/src/debug.c
@@ -127,6 +127,8 @@ int error_handle(const char *file, int line, const char *function)
 	case ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_COMMAND_NOT_SUPPORTED):
 	case ERR_PACK(ERR_LIB_PEM, PEM_F_PEM_READ_BIO, PEM_R_NO_START_LINE):
 	case ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_NOT_ENOUGH_DATA):
+	case ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_ENCRYPTFINAL_EX, EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH):
+	case ERR_PACK(ERR_LIB_EVP, EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH):
 		ret = YACA_ERROR_INVALID_PARAMETER;
 		break;
 	case ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_GET_OBJECT, ASN1_R_TOO_LONG):
diff --git a/src/encrypt.c b/src/encrypt.c
index 4fa6965..d1c756c 100644
--- a/src/encrypt.c
+++ b/src/encrypt.c
@@ -494,6 +494,17 @@ int set_encrypt_property(yaca_context_h ctx,
 
 		ret = encrypt_ctx_set_ccm_tag_len(c, *(size_t*)value);
 		break;
+	case YACA_PROPERTY_PADDING:
+		if ((mode != EVP_CIPH_ECB_MODE && mode != EVP_CIPH_CBC_MODE) ||
+		    value_len != sizeof(yaca_padding_e) ||
+		    *(yaca_padding_e*)value != YACA_PADDING_NONE)
+			return YACA_ERROR_INVALID_PARAMETER;
+
+		if (EVP_CIPHER_CTX_set_padding(c->cipher_ctx, 0) != 1) {
+			ERROR_DUMP(YACA_ERROR_INTERNAL);
+			return YACA_ERROR_INTERNAL;
+		}
+		break;
 	default:
 		return YACA_ERROR_INVALID_PARAMETER;
 	}
@@ -828,11 +839,8 @@ int encrypt_finalize(yaca_context_h ctx,
 
 	if (EVP_CIPHER_CTX_mode(c->cipher_ctx) != EVP_CIPH_WRAP_MODE) {
 		ret = EVP_CipherFinal(c->cipher_ctx, output, &loutput_len);
-		if (ret != 1 || loutput_len < 0) {
-			ret = YACA_ERROR_INTERNAL;
-			ERROR_DUMP(ret);
-			return ret;
-		}
+		if (ret != 1 || loutput_len < 0)
+			return ERROR_HANDLE();
 	}
 
 	*output_len = loutput_len;
-- 
2.7.4