From cc71dfea863cce0a1f497a8524141e76cad824e2 Mon Sep 17 00:00:00 2001
From: ThomasV
Date: Mon, 1 Sep 2014 15:37:38 +0200
Subject: [PATCH] check all bytes in strip_pkcs7_padding
---
 lib/bitcoin.py | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/lib/bitcoin.py b/lib/bitcoin.py
index 3e4e16a9..7711672a 100644
--- a/lib/bitcoin.py
+++ b/lib/bitcoin.py
@@ -45,6 +45,17 @@ MIN_RELAY_TX_FEE = 1000
 EncodeAES = lambda secret, s: base64.b64encode(aes.encryptData(secret,s))
 DecodeAES = lambda secret, e: aes.decryptData(secret, base64.b64decode(e))
+def strip_PKCS7_padding(s):
+ """return s stripped of PKCS7 padding"""
+ if len(s)%16 or not s:
+ raise ValueError("String of len %d can't be PCKS7-padded" % len(s))
+ numpads = ord(s[-1])
+ if numpads > 16:
+ raise ValueError("String ending with %r can't be PCKS7-padded" % s[-1])
+ if s[-numpads:] != numpads*chr(numpads):
+ raise ValueError("Invalid PKCS7 padding")
+ return s[:-numpads]
+
 def aes_encrypt_with_iv(key, iv, data):
 mode = aes.AESModeOfOperation.modeOfOperation["CBC"]
@@ -66,7 +77,7 @@ def aes_decrypt_with_iv(key, iv, data):
 data = map(ord, data)
 moo = aes.AESModeOfOperation()
 decr = moo.decrypt(data, None, mode, key, keysize, iv)
- decr = aes.strip_PKCS7_padding(decr)
+ decr = strip_PKCS7_padding(decr)
 return decr
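Review bot: strip_PKCS7_padding raises three differently worded ValueErrors (bad length, pad byte above 16, mismatched pad bytes), so a caller that relays the message for ciphertext it has not authenticated gives the sender a padding oracle against the CBC decryption in aes_decrypt_with_iv; whether the callers verify a MAC first is not visible in this patch. I would raise the same `ValueError("Invalid PKCS7 padding")` on every path and state in the docstring that the ciphertext must be authenticated before it is decrypted. A pad byte of 0 is rejected only because `s[-0:]` happens to be the whole string, so the bound is better made explicit with `if numpads < 1 or numpads > 16:`. The first two messages also spell the scheme "PCKS7".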