mirror of
https://github.com/borgbackup/borg.git
synced 2024-12-24 08:45:13 +00:00
crypto.pyx: adapt to strange requirements found in the openssl docs
https://www.openssl.org/docs/crypto/EVP_aes_256_cbc.html EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer out passed to EVP_DecryptUpdate() should have sufficient room for (inl + cipher_block_size) bytes unless the cipher block size is 1 in which case inl bytes is sufficient. I doubt this is correct, but let's rather be defensive here.
This commit is contained in:
parent
550320535c
commit
1f4077d870
1 changed files with 4 additions and 1 deletions
|
@ -152,7 +152,10 @@ cdef class AES:
|
||||||
cdef int inl = len(data)
|
cdef int inl = len(data)
|
||||||
cdef int ptl = 0
|
cdef int ptl = 0
|
||||||
cdef int outl = 0
|
cdef int outl = 0
|
||||||
cdef unsigned char *out = <unsigned char *>malloc(inl)
|
# note: modes that use padding, need up to one extra AES block (16b).
|
||||||
|
# This is what the openssl docs say. I am not sure this is correct,
|
||||||
|
# but OTOH it will not cause any harm if our buffer is a little bigger.
|
||||||
|
cdef unsigned char *out = <unsigned char *>malloc(inl+16)
|
||||||
if not out:
|
if not out:
|
||||||
raise MemoryError
|
raise MemoryError
|
||||||
try:
|
try:
|
||||||
|
|
Loading…
Reference in a new issue