summaryrefslogtreecommitdiffstats
path: root/bcprov/src/main/java/org/bouncycastle/crypto/paddings/PKCS7Padding.java
diff options
context:
space:
mode:
Diffstat (limited to 'bcprov/src/main/java/org/bouncycastle/crypto/paddings/PKCS7Padding.java')
-rw-r--r--bcprov/src/main/java/org/bouncycastle/crypto/paddings/PKCS7Padding.java17
1 files changed, 9 insertions, 8 deletions
diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/paddings/PKCS7Padding.java b/bcprov/src/main/java/org/bouncycastle/crypto/paddings/PKCS7Padding.java
index 93b149f..8b30398 100644
--- a/bcprov/src/main/java/org/bouncycastle/crypto/paddings/PKCS7Padding.java
+++ b/bcprov/src/main/java/org/bouncycastle/crypto/paddings/PKCS7Padding.java
@@ -57,18 +57,19 @@ public class PKCS7Padding
throws InvalidCipherTextException
{
int count = in[in.length - 1] & 0xff;
+ byte countAsbyte = (byte)count;
- if (count > in.length || count == 0)
+ // constant time version
+ boolean failed = (count > in.length | count == 0);
+
+ for (int i = 0; i < in.length; i++)
{
- throw new InvalidCipherTextException("pad block corrupted");
+ failed |= (in.length - i <= count) & (in[i] != countAsbyte);
}
-
- for (int i = 1; i <= count; i++)
+
+ if (failed)
{
- if (in[in.length - i] != count)
- {
- throw new InvalidCipherTextException("pad block corrupted");
- }
+ throw new InvalidCipherTextException("pad block corrupted");
}
return count;
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-21 11:20:45 +0000