Home Explore Help
Sign In
mirrors
/
borg
mirror of https://github.com/borgbackup/borg
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

crypto.pyx: cosmetic changes, added comments

Thomas Waldmann 10 years ago
parent
6c7c2e2e40
commit
550320535c
1 changed files with 15 additions and 13 deletions
Split View Show Diff Stats
  1. 15 13
      attic/crypto.pyx

+ 15 - 13
attic/crypto.pyx
View File 

@@ -8,7 +8,7 @@ from libc.stdlib cimport malloc, free
 
 API_VERSION = 2
 
 
 cdef extern from "openssl/rand.h":
 
-    int  RAND_bytes(unsigned char *buf,int num)
 
+    int  RAND_bytes(unsigned char *buf, int num)
 
 
 
 cdef extern from "openssl/evp.h":
 
@@ -26,18 +26,16 @@ cdef extern from "openssl/evp.h":
 
     void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a)
 
     void EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a)
 
 
-    int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
 
+    int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
 
                            const unsigned char *key, const unsigned char *iv)
 
-    int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,
 
+    int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
 
                            const unsigned char *key, const unsigned char *iv)
 
-    int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
 
-                          int *outl, const unsigned char *in_, int inl)
 
-    int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
 
-                          int *outl, const unsigned char *in_, int inl)
 
-    int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out,
 
-                            int *outl)
 
-    int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out,
 
-                            int *outl)
 
+    int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
 
+                          const unsigned char *in_, int inl)
 
+    int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
 
+                          const unsigned char *in_, int inl)
 
+    int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
 
+    int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
 
 
     int PKCS5_PBKDF2_HMAC(const char *password, int passwordlen,
 
                           const unsigned char *salt, int saltlen, int iter,
 
@@ -55,7 +53,8 @@ long_to_bytes = lambda x: _long.pack(x)
 
 
 
 def num_aes_blocks(length):
 
-    """Return the number of AES blocks required to encrypt/decrypt *length* bytes of data
 
+    """Return the number of AES blocks required to encrypt/decrypt *length* bytes of data.
 
+       Note: this is only correct for modes without padding, like AES-CTR.
 
     """
 
     return (length + 15) // 16
 
 
@@ -160,7 +159,10 @@ cdef class AES:
 
             if not EVP_DecryptUpdate(&self.ctx, out, &outl, data, inl):
 
                 raise Exception('EVP_DecryptUpdate failed')
 
             ptl = outl
 
-            if EVP_DecryptFinal_ex(&self.ctx, out+outl, &outl) <= 0:
 
+            if EVP_DecryptFinal_ex(&self.ctx, out+ptl, &outl) <= 0:
 
+                # this error check is very important for modes with padding or
 
+                # authentication. for them, a failure here means corrupted data.
 
+                # CTR mode does not use padding nor authentication.
 
                 raise Exception('EVP_DecryptFinal failed')
 
             ptl += outl
 
             return out[:ptl]