From: Philipp Gesang <philipp.gesang@intra2net.com>
Date: Thu, 6 Apr 2017 15:06:05 +0000 (+0200)
Subject: fix IV fixed part validation on decryption
X-Git-Url: http://developer.intra2net.com/git/?a=commitdiff_plain;h=b9ddb8feee7ad0be2bdaa155e76c3a319db9c180;p=python-delta-tar

fix IV fixed part validation on decryption
---

diff --git a/deltatar/crypto.py b/deltatar/crypto.py
index 0226a48..56b0e61 100755
--- a/deltatar/crypto.py
+++ b/deltatar/crypto.py
@@ -71,6 +71,10 @@ class InvalidHeader (Exception):
     """Header not valid."""
     pass
 
+class InvalidIVFixedPart (Exception):
+    """IV fixed part not in supplied list."""
+    pass
+
 class DecryptionError (Exception):
     """Error during decryption."""
     pass
@@ -518,8 +522,7 @@ class Decrypt (Crypto):
         if fixedparts is not None:
             self.pfx = fixedparts
             self.pfx.sort ()
-            super().__init__ (password, paramversion, nacl, counter=counter,
-                              nextpfx=lambda: self.pfx.pop())
+            super().__init__ (password, paramversion, nacl, counter=counter)
         super().__init__ (password, paramversion, nacl, counter=counter)
 
 
@@ -539,7 +542,9 @@ class Decrypt (Crypto):
         self.set_object_counter (self.cnt + 1)
         iv = hdr ["iv"]
         if self.pfx is not None and self.valid_pfx (iv) is False:
-            raise Exception ("XXX iv %r has invalid fixed part" % iv)
+            fixed, _ = struct.unpack (FMT_I2N_IV, iv)
+            raise InvalidIVFixedPart ("iv [%r] has invalid fixed part [%r]"
+                                      % (iv, fixed))
         self.tag = hdr ["tag"]
         defs = ENCRYPTION_PARAMETERS.get(paramversion)
         enc = defs ["enc"]