1
0
Fork 0
mirror of https://github.com/borgbackup/borg.git synced 2024-12-23 16:26:29 +00:00

crypto.pyx: adapt to strange requirements found in the openssl docs

https://www.openssl.org/docs/crypto/EVP_aes_256_cbc.html

EVP_DecryptInit_ex(), EVP_DecryptUpdate() and EVP_DecryptFinal_ex() are the corresponding decryption operations. EVP_DecryptFinal() will return an error code if padding is enabled and the final block is not correctly formatted. The parameters and restrictions are identical to the encryption operations except that if padding is enabled the decrypted data buffer out passed to EVP_DecryptUpdate() should have sufficient room for (inl + cipher_block_size) bytes unless the cipher block size is 1 in which case inl bytes is sufficient.

I doubt this is correct, but let's rather be defensive here.
This commit is contained in:
Thomas Waldmann 2015-03-03 20:18:28 +01:00
parent 550320535c
commit 1f4077d870

View file

@ -152,7 +152,10 @@ cdef class AES:
cdef int inl = len(data) cdef int inl = len(data)
cdef int ptl = 0 cdef int ptl = 0
cdef int outl = 0 cdef int outl = 0
cdef unsigned char *out = <unsigned char *>malloc(inl) # note: modes that use padding, need up to one extra AES block (16b).
# This is what the openssl docs say. I am not sure this is correct,
# but OTOH it will not cause any harm if our buffer is a little bigger.
cdef unsigned char *out = <unsigned char *>malloc(inl+16)
if not out: if not out:
raise MemoryError raise MemoryError
try: try: