mirror of
https://github.com/borgbackup/borg.git
synced 2024-12-27 02:08:54 +00:00
generalize next_iv comment
parent
ce5c5781aa
commit
ca4fc2a222
1 changed files with 3 additions and 2 deletions
|
@ -476,11 +476,12 @@ cdef class _AEAD_BASE:
|
||||||
self.iv[i] = iv[i]
|
self.iv[i] = iv[i]
|
||||||
|
|
||||||
def next_iv(self):
|
def next_iv(self):
|
||||||
|
# AES-GCM, AES-OCB, CHACHA20 ciphers all add a internal 32bit counter to the 96bit
|
||||||
|
# (12 byte) IV we provide, thus we only need to increment the IV by 1 (and we must
|
||||||
|
# not encrypt more than 2^32 cipher blocks with same IV):
|
||||||
assert self.blocks < 2**32
|
assert self.blocks < 2**32
|
||||||
# we need 16 bytes for increment_iv:
|
# we need 16 bytes for increment_iv:
|
||||||
last_iv = b'\0' * (16 - self.iv_len) + self.iv[:self.iv_len]
|
last_iv = b'\0' * (16 - self.iv_len) + self.iv[:self.iv_len]
|
||||||
# gcm mode is special: it appends a internal 32bit counter to the 96bit (12 byte) we provide, thus we only
|
|
||||||
# need to increment the 96bit counter by 1 (and we must not encrypt more than 2^32 AES blocks with same IV):
|
|
||||||
next_iv = increment_iv(last_iv, 1)
|
next_iv = increment_iv(last_iv, 1)
|
||||||
return next_iv[-self.iv_len:]
|
return next_iv[-self.iv_len:]
|
||||||
|
|
||||||
|
|
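Review bot: The generalized comment above `assert self.blocks < 2**32` in `next_iv` is not accurate for every cipher it names. AES-GCM (with a 96-bit IV) and ChaCha20-Poly1305 do combine the nonce with an internal 32-bit block counter, but OCB derives per-block offsets from the nonce and has no such counter, so for OCB the 2^32 limit is a conservative policy rather than a property of the mode. I would word it as `# AES-GCM and ChaCha20-Poly1305 add an internal 32bit block counter to the 96bit (12 byte) IV we provide;`, `# AES-OCB has no such counter, but we apply the same rule: increment the IV by 1 per message` and `# and never process 2^32 or more cipher blocks under the same IV:`. Because this limit is what keeps counter values from repeating under one IV, an `assert` is a weak guard if the extension is ever built or run with assertions disabled, and an explicit check that raises would hold regardless. How `self.blocks` is counted lies outside this hunk, and the block size differs between the ciphers (16 bytes for AES, 64 bytes for ChaCha20), so it is worth confirming that the count matches the cipher in use.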