self.curobj = (filename, version, paramversion, nacl)
self.cnt += 1
self.ctsize = 0
- aad = "%s" % filename
self.aes = Cipher \
( algorithms.AES (self.key)
, modes.GCM (self.iv)
, backend = default_backend ()) \
.encryptor ()
- self.aes.authenticate_additional_data (str.encode (aad))
+ # XXX figure out what we want for AAD. Filename (not known to stream)?
+ # Size?
+ #aad = "%s" % filename
+ #self.aes.authenticate_additional_data (str.encode (aad))
+
self.hdrdum = hdr_make_dummy (filename)
return self.hdrdum
pfx = None
password = None
+ tag = None # GCM tag, part of header
def __init__ (self, password, paramversion=None, nacl=None):
if paramversion is not None \
del self.password # XXX find a way to zero out the buffer instead
self.cnt += 1
iv = hdr ["iv"]
+ self.tag = hdr ["tag"]
self.aes = Cipher \
( algorithms.AES (key)
, modes.GCM (hdr["iv"])
, backend = default_backend ()) \
. decryptor ()
+ # XXX figure out what we want for AAD. Filename (not known to stream)?
+ # Size?
+ #self.aes.authenticate_additional_data (str.encode (aad))
def next_in_source (self, tarinfo, source):
return self.next(hdr)
- def done (self, filename, tag):
- aad = "%s" % filename
- self.aes.authenticate_additional_data (str.encode (aad))
- return self.aes.finalize_with_tag (tag)
+ def done (self, tag):
+ return self.aes.finalize_with_tag (self.tag)
###############################################################################
git://developer.intra2net.com / python-delta-tar / commitdiff