From 26b42ad4d0f1252553eb9b5155a1689be056e445 Mon Sep 17 00:00:00 2001
From: Philipp Gesang <philipp.gesang@intra2net.com>
Date: Thu, 6 Apr 2017 17:06:05 +0200
Subject: [PATCH] fix IV fixed part validation on decryption

---
 deltatar/crypto.py |   11 ++++++++---
 1 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/deltatar/crypto.py b/deltatar/crypto.py
index 0226a48..56b0e61 100755
--- a/deltatar/crypto.py
+++ b/deltatar/crypto.py
@@ -71,6 +71,10 @@ class InvalidHeader (Exception):
     """Header not valid."""
     pass
 
+class InvalidIVFixedPart (Exception):
+    """IV fixed part not in supplied list."""
+    pass
+
 class DecryptionError (Exception):
     """Error during decryption."""
     pass
@@ -518,8 +522,7 @@ class Decrypt (Crypto):
         if fixedparts is not None:
             self.pfx = fixedparts
             self.pfx.sort ()
-            super().__init__ (password, paramversion, nacl, counter=counter,
-                              nextpfx=lambda: self.pfx.pop())
+            super().__init__ (password, paramversion, nacl, counter=counter)
         super().__init__ (password, paramversion, nacl, counter=counter)
 
 
@@ -539,7 +542,9 @@ class Decrypt (Crypto):
         self.set_object_counter (self.cnt + 1)
         iv = hdr ["iv"]
         if self.pfx is not None and self.valid_pfx (iv) is False:
-            raise Exception ("XXX iv %r has invalid fixed part" % iv)
+            fixed, _ = struct.unpack (FMT_I2N_IV, iv)
+            raise InvalidIVFixedPart ("iv [%r] has invalid fixed part [%r]"
+                                      % (iv, fixed))
         self.tag = hdr ["tag"]
         defs = ENCRYPTION_PARAMETERS.get(paramversion)
         enc = defs ["enc"]
-- 
1.7.1