create crypto header in .next()

Saves us from exposing the IV to the stream.

diff --git a/deltatar/crypto.py b/deltatar/crypto.py
index 2d84ccc..b389ef6 100755 (executable)
--- a/deltatar/crypto.py
+++ b/deltatar/crypto.py
@@ -273,6 +273,7 @@ class Crypto (object):
     key  = None
     pfx  = None # 64 bit fixed parts of IV
     cnt  = None
+    iv   = None
 
     def __init__ (self, *al, **akv):
         self.cnt  = 1
@@ -330,17 +331,21 @@ class Encrypt (Crypto):
         return struct.pack("<8sL", self.pfx, self.cnt % 0xffFFffFF)
 
 
-    def next (self, filename):
+    def next (self, filename, version, paramversion, nacl, ctsize=None):
+        iv = self.iv_make()
+        ok, hdr = hdr_from_params (version, paramversion, nacl, iv, ctsize)
+        if ok is False:
+            return None
         self.cnt += 1
         aad = "%s" % filename
-        iv = self.iv_make()
         self.aes = Cipher \
                         ( algorithms.AES (self.key)
                         , modes.GCM (iv)
                         , backend = default_backend ()) \
                         .encryptor ()
+        return hdr
 
-        return self.aes.authenticate_additional_data (aad)
+        return self.aes.authenticate_additional_data (str.encode (aad))
 
 
     def done (self):
@@ -358,6 +363,7 @@ class Decrypt (Crypto):
     def next (self, hdr):
         self.cnt += 1
         print("I2N: got header “%s”" % crypto.hdr_fmt (hdr))
+        iv = hdr ["iv"]
         self.aes = Cipher \
                         ( algorithms.AES (key)
                         , modes.GCM (hdr["iv"])
@@ -375,7 +381,7 @@ class Decrypt (Crypto):
 
     def done (self, filename, tag):
         aad = "%s" % filename
-        self.aes.authenticate_additional_data (aad)
+        self.aes.authenticate_additional_data (str.encode (aad))
         return self.aes.finalize_with_tag (tag)