Appends PKCS#7 padding to data.
If the input is already aligned, a full block of padding is added.
@eryx/crypto/hazmat/pkcs7 Module
PKCS#7 padding helpers for block ciphers.
This module is intended to pair with the raw block-cipher APIs in
@eryx/crypto/hazmat/*. It pads arbitrary-length data up to a block
boundary and validates/removes PKCS#7 padding explicitly.
local aes = require("@eryx/crypto/hazmat/aes")
local pkcs7 = require("@eryx/crypto/hazmat/pkcs7")
local key = buffer.create(16)
local iv = buffer.create(16)
local padded = pkcs7.pad(buffer.fromstring("hello"), 16)
local encrypt = aes.new(key, "cbc", "encrypt", iv)
local ct = buffer.concat({ encrypt:update(padded), encrypt:final() })
local decrypt = aes.new(key, "cbc", "decrypt", iv)
local pt = pkcs7.unpad(buffer.concat({ decrypt:update(ct), decrypt:final() }), 16)
Summary
Functions
API Reference
Functions
pkcs7.pad
Parameters
data: buffer
Raw input bytes.
Block size in bytes, typically 8 or 16.
Returns
buffer
New buffer containing the padded data.
pkcs7.unpad
Validates and removes PKCS#7 padding from data.
The input length must be non-zero and a multiple of blockSize.
Parameters
data: buffer
Padded input bytes.
Block size in bytes, typically 8 or 16.
Returns
buffer
New buffer containing the unpadded data.