mirror of
https://github.com/borgbackup/borg.git
synced 2024-12-24 08:45:13 +00:00
crypto.pyx: cosmetic changes, added comments
This commit is contained in:
parent
6c7c2e2e40
commit
550320535c
1 changed files with 15 additions and 13 deletions
|
@ -8,7 +8,7 @@ from libc.stdlib cimport malloc, free
|
||||||
API_VERSION = 2
|
API_VERSION = 2
|
||||||
|
|
||||||
cdef extern from "openssl/rand.h":
|
cdef extern from "openssl/rand.h":
|
||||||
int RAND_bytes(unsigned char *buf,int num)
|
int RAND_bytes(unsigned char *buf, int num)
|
||||||
|
|
||||||
|
|
||||||
cdef extern from "openssl/evp.h":
|
cdef extern from "openssl/evp.h":
|
||||||
|
@ -26,18 +26,16 @@ cdef extern from "openssl/evp.h":
|
||||||
void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a)
|
void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a)
|
||||||
void EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a)
|
void EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a)
|
||||||
|
|
||||||
int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
|
int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
|
||||||
const unsigned char *key, const unsigned char *iv)
|
const unsigned char *key, const unsigned char *iv)
|
||||||
int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
|
int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
|
||||||
const unsigned char *key, const unsigned char *iv)
|
const unsigned char *key, const unsigned char *iv)
|
||||||
int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
|
||||||
int *outl, const unsigned char *in_, int inl)
|
const unsigned char *in_, int inl)
|
||||||
int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
|
||||||
int *outl, const unsigned char *in_, int inl)
|
const unsigned char *in_, int inl)
|
||||||
int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
|
||||||
int *outl)
|
int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
|
||||||
int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
|
||||||
int *outl)
|
|
||||||
|
|
||||||
int PKCS5_PBKDF2_HMAC(const char *password, int passwordlen,
|
int PKCS5_PBKDF2_HMAC(const char *password, int passwordlen,
|
||||||
const unsigned char *salt, int saltlen, int iter,
|
const unsigned char *salt, int saltlen, int iter,
|
||||||
|
@ -55,7 +53,8 @@ long_to_bytes = lambda x: _long.pack(x)
|
||||||
|
|
||||||
|
|
||||||
def num_aes_blocks(length):
|
def num_aes_blocks(length):
|
||||||
"""Return the number of AES blocks required to encrypt/decrypt *length* bytes of data
|
"""Return the number of AES blocks required to encrypt/decrypt *length* bytes of data.
|
||||||
|
Note: this is only correct for modes without padding, like AES-CTR.
|
||||||
"""
|
"""
|
||||||
return (length + 15) // 16
|
return (length + 15) // 16
|
||||||
|
|
||||||
|
@ -160,7 +159,10 @@ cdef class AES:
|
||||||
if not EVP_DecryptUpdate(&self.ctx, out, &outl, data, inl):
|
if not EVP_DecryptUpdate(&self.ctx, out, &outl, data, inl):
|
||||||
raise Exception('EVP_DecryptUpdate failed')
|
raise Exception('EVP_DecryptUpdate failed')
|
||||||
ptl = outl
|
ptl = outl
|
||||||
if EVP_DecryptFinal_ex(&self.ctx, out+outl, &outl) <= 0:
|
if EVP_DecryptFinal_ex(&self.ctx, out+ptl, &outl) <= 0:
|
||||||
|
# this error check is very important for modes with padding or
|
||||||
|
# authentication. for them, a failure here means corrupted data.
|
||||||
|
# CTR mode does not use padding nor authentication.
|
||||||
raise Exception('EVP_DecryptFinal failed')
|
raise Exception('EVP_DecryptFinal failed')
|
||||||
ptl += outl
|
ptl += outl
|
||||||
return out[:ptl]
|
return out[:ptl]
|
||||||
|
|
Loading…
Reference in a new issue