mirror of https://github.com/borgbackup/borg.git
crypto: add IV overflow check
will never happen, but better play safe.
This commit is contained in:
parent
900a812e9c
commit
e4b65dea76
|
@ -732,11 +732,15 @@ class AEADKeyBase(KeyBase):
|
||||||
|
|
||||||
logically_encrypted = True
|
logically_encrypted = True
|
||||||
|
|
||||||
|
MAX_IV = 2 ** 48 - 1
|
||||||
|
|
||||||
def encrypt(self, id, data):
|
def encrypt(self, id, data):
|
||||||
# to encrypt new data in this session we use always self.cipher and self.sessionid
|
# to encrypt new data in this session we use always self.cipher and self.sessionid
|
||||||
data = self.compressor.compress(data)
|
data = self.compressor.compress(data)
|
||||||
reserved = b'\0'
|
reserved = b'\0'
|
||||||
iv = self.cipher.next_iv()
|
iv = self.cipher.next_iv()
|
||||||
|
if iv > self.MAX_IV: # see the data-structures docs about why the IV range is enough
|
||||||
|
raise IntegrityError("IV overflow, should never happen.")
|
||||||
iv_48bit = iv.to_bytes(6, 'big')
|
iv_48bit = iv.to_bytes(6, 'big')
|
||||||
header = self.TYPE_STR + reserved + iv_48bit + self.sessionid
|
header = self.TYPE_STR + reserved + iv_48bit + self.sessionid
|
||||||
return self.cipher.encrypt(data, header=header, iv=iv, aad=id)
|
return self.cipher.encrypt(data, header=header, iv=iv, aad=id)
|
||||||
|
|
Loading…
Reference in New Issue