Padding
A padding scheme is merely a standard method of ensuring that the input
to be encrypted is a multiple of the cipher's block size. The padding
schemes of GNU Crypto are in package gnu.crypto.pad and include:
- PKCS #7. PKCS #7 (referred to as "PKCS7" in GNU Crypto) pads the
input P with the quantity w = b - (|P| \bmod b), where
b is the cipher's block size, encoded as w bytes. That is,
if the input is 5 bytes shorter than the required length, then the input
is padded with the byte equal to 5 five times. This padding scheme
supports block sizes of 2 \leq b \leq 256 bytes.
- Trailing bit complement. The "TBC" pad appends the complement of
the last bit in the input until the input is the desired length. That
is, if the last bit is
1, then the input is padded with 0,
and if the last bit is 0, then the input is padded with 1.
This padding scheme supports block sizes up to 256 bytes.