crypto: add IV overflow check

will never happen, but better play safe.
Thomas Waldmann 2022-03-22 02:26:16 +01:00
parent 900a812e9c
commit e4b65dea76
1 changed files with 4 additions and 0 deletions


@ -732,11 +732,15 @@ class AEADKeyBase(KeyBase):
logically_encrypted = True
MAX_IV = 2 ** 48 - 1
def encrypt(self, id, data):
# to encrypt new data in this session we use always self.cipher and self.sessionid
data = self.compressor.compress(data)
reserved = b'\0'
iv = self.cipher.next_iv()
if iv > self.MAX_IV: # see the data-structures docs about why the IV range is enough
raise IntegrityError("IV overflow, should never happen.")
iv_48bit = iv.to_bytes(6, 'big')
header = self.TYPE_STR + reserved + iv_48bit + self.sessionid
return self.cipher.encrypt(data, header=header, iv=iv, aad=id)
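Review bot: The new guard in `encrypt` raises `IntegrityError`, which presumably also signals authentication failures on the decrypt side, so a caller catching it cannot tell counter exhaustion from tampered data. The message also gives the operator nothing to act on. Something like `raise IntegrityError("IV overflow: IV exceeds the 48-bit header field, refusing to encrypt")` would be clearer, or a dedicated exception type if the project has one. The bound itself is right at the edge: `iv > self.MAX_IV` matches what `iv.to_bytes(6, 'big')` can hold, and that call would otherwise fail with a bare `OverflowError`. `MAX_IV` deserves its own comment, e.g. `# largest IV that fits the 6-byte IV field of the header`, and the check could move above `self.compressor.compress(data)` so an exhausted counter fails before any work is done, provided `next_iv()` has no ordering dependency on compression, which this hunk does not show.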