mirror of https://github.com/borgbackup/borg.git synced 2024-12-27 02:08:54 +00:00

generalize next_iv comment

Thomas Waldmann 2016-08-29 19:18:46 +02:00
parent ce5c5781aa
commit ca4fc2a222


@ -476,11 +476,12 @@ cdef class _AEAD_BASE:
self.iv[i] = iv[i] self.iv[i] = iv[i]
def next_iv(self): def next_iv(self):
# AES-GCM, AES-OCB, CHACHA20 ciphers all add a internal 32bit counter to the 96bit
# (12 byte) IV we provide, thus we only need to increment the IV by 1 (and we must
# not encrypt more than 2^32 cipher blocks with same IV):
assert self.blocks < 2**32 assert self.blocks < 2**32
# we need 16 bytes for increment_iv: # we need 16 bytes for increment_iv:
last_iv = b'\0' * (16 - self.iv_len) + self.iv[:self.iv_len] last_iv = b'\0' * (16 - self.iv_len) + self.iv[:self.iv_len]
# gcm mode is special: it appends a internal 32bit counter to the 96bit (12 byte) we provide, thus we only
# need to increment the 96bit counter by 1 (and we must not encrypt more than 2^32 AES blocks with same IV):
next_iv = increment_iv(last_iv, 1) next_iv = increment_iv(last_iv, 1)
return next_iv[-self.iv_len:] return next_iv[-self.iv_len:]
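Review bot: The `assert self.blocks < 2**32` in next_iv is the only visible enforcement of the per-IV block limit that the new comment describes, and assertions can be disabled (Cython honours `python -O` and `CYTHON_WITHOUT_ASSERTIONS`), which would silently drop the guard against counter wrap-around under one IV. I would make it an unconditional check such as `if self.blocks >= 2**32: raise OverflowError('too many cipher blocks for one IV')`, bearing in mind that any caller relying on AssertionError would need adjusting. The generalized comment also overstates the case for AES-OCB: as far as I know OCB (RFC 7253) does not append a 32bit block counter to the nonce, so incrementing by 1 is correct there only because the nonce must be unique; a wording like `# AES-GCM and CHACHA20 append an internal 32bit block counter to the 96bit IV; AES-OCB only needs a unique nonce per message` would be more accurate. The enclosing class starts outside this hunk, so how self.blocks is maintained is not visible here.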