Padding
A padding scheme is merely a standard method of ensuring that the input
to be encrypted is a multiple of the cipher's block size. The padding
schemes of GNU Crypto are in package gnu.crypto.pad
and include:
- PKCS #7. PKCS #7 (referred to as "PKCS7" in GNU Crypto) pads the
input P with the quantity w = b - (|P| \bmod b), where
b is the cipher's block size, encoded as w bytes. That is,
if the input is 5 bytes shorter than the required length, then the input
is padded with the byte equal to 5 five times. This padding scheme
supports block sizes of 2 \leq b \leq 256 bytes.
- Trailing bit complement. The "TBC" pad appends the complement of
the last bit in the input until the input is the desired length. That
is, if the last bit is
1
, then the input is padded with 0
,
and if the last bit is 0
, then the input is padded with 1
.
This padding scheme supports block sizes up to 256 bytes.