add:aes ecb加入zero padding支持

openLuat · Jan 22, 2024 · ac0848f · ac0848f
1 parent 2b53b0a
commit ac0848f
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 2 deletions.
diff --git a/components/crypto/luat_crypto_mbedtls.c b/components/crypto/luat_crypto_mbedtls.c
@@ -119,15 +119,23 @@ int luat_crypto_cipher_xxx(luat_crypto_cipher_ctx_t* cctx) {
     cipher_mode = _cipher->mode;
     #endif
 
-    if ((cipher_mode == MBEDTLS_MODE_ECB) && !strcmp("PKCS7", cctx->pad) && (cctx->flags & 0x1)) {
+    if ((cipher_mode == MBEDTLS_MODE_ECB) && (!strcmp("PKCS7", cctx->pad) || !strcmp("ZERO", cctx->pad)) && (cctx->flags & 0x1)) {
     	uint32_t new_len  = ((cctx->str_size / block_size) + 1) * block_size;
     	temp = luat_heap_malloc(new_len);
         if (temp == NULL) {
             LLOGE("out of memory when malloc cipher buffer");
             goto _exit;
         }
+        memset(temp, 0, new_len);
     	memcpy(temp, cctx->str, cctx->str_size);
-    	add_pkcs_padding(temp + cctx->str_size - cctx->str_size % block_size, block_size, cctx->str_size % block_size);
+    	if (!strcmp("PKCS7", cctx->pad))
+    	{
+    		add_pkcs_padding(temp + cctx->str_size - cctx->str_size % block_size, block_size, cctx->str_size % block_size);
+    	}
+    	else
+    	{
+    		LLOGD("zero padding");
+    	}
     	cctx->str_size = new_len;
     	cctx->str = (const char*)temp;
     }

diff --git a/demo/crypto/main.lua b/demo/crypto/main.lua
@@ -39,6 +39,11 @@ sys.taskInit(function()
     -- SHA512,输出结果已经hex编码
     log.info("sha512", crypto.sha512("abc"))
     log.info("hmac_sha512", crypto.hmac_sha512("abc", "1234567890"))
+
+	local data_encrypt = crypto.cipher_encrypt("AES-128-ECB", "ZERO", "023001", "HZBIT@WLW/YSBKEY")
+	log.info("AES", "aes-128-ecb", data_encrypt:toHex())
+	local data_decrypt = crypto.cipher_decrypt("AES-128-ECB", "ZERO", data_encrypt, "HZBIT@WLW/YSBKEY")
+	log.info("AES", "aes-128-ecb", data_decrypt)
 
     -- AES加密, 未经Hex编码. AES-128-ECB 算法,待加密字符串如果超过32字节会报错,待查. by wendal 20200812
     local data_encrypt = crypto.cipher_encrypt("AES-128-ECB", "PKCS7", "12345678901234 > 123456", "1234567890123456")