Borrow PadCount method from BouncyCastle

Author: scott-xu

src/Renci.SshNet/Security/Cryptography/BlockCipher.cs

@@ -1,11 +1,8 @@
 using System;
 
-using Org.BouncyCastle.Crypto.Paddings;
-
 using Renci.SshNet.Common;
 using Renci.SshNet.Security.Cryptography.Ciphers;
 using Renci.SshNet.Security.Cryptography.Ciphers.Modes;
-using Renci.SshNet.Security.Cryptography.Ciphers.Paddings;
 
 namespace Renci.SshNet.Security.Cryptography
 {
@@ -180,9 +177,9 @@ public override byte[] Decrypt(byte[] input, int offset, int length)
                 throw new InvalidOperationException("Encryption error.");
             }
 
-            if (_padding is PKCS7Padding)
+            if (_padding is not null)
             {
-                paddingLength = new Pkcs7Padding().PadCount(output);
+                paddingLength = _padding.PadCount(output);
             }
 
             if (paddingLength > 0)

src/Renci.SshNet/Security/Cryptography/Ciphers/CipherPadding.cs

@@ -54,5 +54,12 @@ public byte[] Pad(byte[] input, int paddinglength)
         /// The padded data array.
         /// </returns>
         public abstract byte[] Pad(byte[] input, int offset, int length, int paddinglength);
+
+        /// <summary>
+        /// Gets the padd count from the specified input.
+        /// </summary>
+        /// <param name="input">The input.</param>
+        /// <returns>The padd count.</returns>
+        public abstract int PadCount(byte[] input);
     }
 }

src/Renci.SshNet/Security/Cryptography/Ciphers/Paddings/PKCS7Padding.cs

@@ -1,5 +1,7 @@
 using System;
 
+using Renci.SshNet.Common;
+
 namespace Renci.SshNet.Security.Cryptography.Ciphers.Paddings
 {
     /// <summary>
@@ -45,5 +47,26 @@ public override byte[] Pad(byte[] input, int offset, int length, int paddingleng
 
             return output;
         }
+
+        /// <inheritdoc/>
+        public override int PadCount(byte[] input)
+        {
+            var padValue = input[input.Length - 1];
+            int count = padValue;
+            var position = input.Length - count;
+
+            var failed = (position | (count - 1)) >> 31;
+            for (var i = 0; i < input.Length; ++i)
+            {
+                failed |= (input[i] ^ padValue) & ~((i - position) >> 31);
+            }
+
+            if (failed != 0)
+            {
+                throw new SshException("pad block corrupted");
+            }
+
+            return count;
+        }
     }
 }