Remove-Pkcs7Padding.ps1

# Copyright: (c) 2018, Jordan Borean (@jborean93) <jborean93@gmail.com>
# MIT License (see LICENSE or https://opensource.org/licenses/MIT)

Function Remove-Pkcs7Padding {
    <#
    .SYNOPSIS
    Removes PKCS7 padding on a paddded byte array.

    .DESCRIPTION
    Will remove any PKCS7 padding on a byte array. This can be run multiple
    times and the result will always be the same.

    .PARAMETER Value
    [byte[]] The bytes to add the remove from.

    .PARAMETER BlockSize
    [int] The size of the block in bits.

    .OUTPUTS
    [byte[]] The input byte array that has been unpadded.

    .EXAMPLE
    Remove-Pkcs7Padding -Bytes [byte[]]@(1, 2, 3, 5, 5, 5, 5 ,5) -BlockSize 64

    .NOTES
    Usually this is done as part of a crypto provider but because we use
    Invoke-AESCTRCycle (AES in CTR mode/stream cipher) we need to manually
    unpad the bytes as this is done in the Ansible Vault implementation.
    #>
    [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSUseShouldProcessForStateChangingFunctions", "", Justification="Does not adjust system state, removes the padding in a byte array")]
    [CmdletBinding()]
    [OutputType([byte[]])]
    param(
        [Parameter(Mandatory=$true)] [byte[]]$Value,
        [Parameter(Mandatory=$true)] [int]$BlockSize
    )

    $last_byte = [int]$Value[$Value.Length - 1]
    if ($last_byte -gt ($BlockSize / 8)) {
        return $Value
    } elseif ($Value.Length -eq 1) {
        return $Value
    }

    for ($i = $Value.Length - 1; $i -ge $Value.Length - $last_byte; $i--) {
        if ([int]$Value[$i] -ne $last_byte) {
            return $Value
        }
    }

    $unpadded_size = $Value.Length - $last_byte
    $unpadded_bytes = New-Object -TypeName byte[] -ArgumentList $unpadded_size
    [System.Buffer]::BlockCopy($Value, 0, $unpadded_bytes, 0, $unpadded_size)
    return [byte[]]$unpadded_bytes
}
	# Copyright: (c) 2018, Jordan Borean (@jborean93) <jborean93@gmail.com>
	# MIT License (see LICENSE or https://opensource.org/licenses/MIT)

	Function Remove-Pkcs7Padding {
	<#
	.SYNOPSIS
	Removes PKCS7 padding on a paddded byte array.

	.DESCRIPTION
	Will remove any PKCS7 padding on a byte array. This can be run multiple
	times and the result will always be the same.

	.PARAMETER Value
	[byte[]] The bytes to add the remove from.

	.PARAMETER BlockSize
	[int] The size of the block in bits.

	.OUTPUTS
	[byte[]] The input byte array that has been unpadded.

	.EXAMPLE
	Remove-Pkcs7Padding -Bytes [byte[]]@(1, 2, 3, 5, 5, 5, 5 ,5) -BlockSize 64

	.NOTES
	Usually this is done as part of a crypto provider but because we use
	Invoke-AESCTRCycle (AES in CTR mode/stream cipher) we need to manually
	unpad the bytes as this is done in the Ansible Vault implementation.
	#>
	[Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSUseShouldProcessForStateChangingFunctions", "", Justification="Does not adjust system state, removes the padding in a byte array")]
	[CmdletBinding()]
	[OutputType([byte[]])]
	param(
	[Parameter(Mandatory=$true)] [byte[]]$Value,
	[Parameter(Mandatory=$true)] [int]$BlockSize
	)

	$last_byte = [int]$Value[$Value.Length - 1]
	if ($last_byte -gt ($BlockSize / 8)) {
	return $Value
	} elseif ($Value.Length -eq 1) {
	return $Value
	}

	for ($i = $Value.Length - 1; $i -ge $Value.Length - $last_byte; $i--) {
	if ([int]$Value[$i] -ne $last_byte) {
	return $Value
	}
	}

	$unpadded_size = $Value.Length - $last_byte
	$unpadded_bytes = New-Object -TypeName byte[] -ArgumentList $unpadded_size
	[System.Buffer]::BlockCopy($Value, 0, $unpadded_bytes, 0, $unpadded_size)
	return [byte[]]$unpadded_bytes
	}