From cc06e5f0e8724d7e5664b1232f5244334e1fa1fb Mon Sep 17 00:00:00 2001 From: Philipp Gesang Date: Fri, 24 Feb 2017 10:50:03 +0100 Subject: [PATCH] make tarfile.py error out on invalid crypto modes and combos MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit The tarfile stream ctor will simply gloss over encryption requested by the caller unless it happens to exactly match the string (!) “aes”. Furthermore, with non-gzip compression the encryption will be ignored altogether. Instead of deceiving the user about the encryption being applied, have the ctor fail immediately on invalid combinations. --- deltatar/tarfile.py | 28 +++++++++++++++++++++++++--- 1 files changed, 25 insertions(+), 3 deletions(-) diff --git a/deltatar/tarfile.py b/deltatar/tarfile.py index 07c33f8..8e937b4 100644 --- a/deltatar/tarfile.py +++ b/deltatar/tarfile.py @@ -53,7 +53,8 @@ import copy import re import operator -from . import aescrypto +#from . import aescrypto +from . import crypto try: import grp, pwd @@ -148,6 +149,8 @@ PAX_NUMBER_FIELDS = { "size": int } +VALID_ENCRYPTION_MODES = [ "aes" ] + #--------------------------------------------------------- # initialization #--------------------------------------------------------- @@ -308,6 +311,9 @@ class InvalidHeaderError(HeaderError): class SubsequentHeaderError(HeaderError): """Exception for missing and invalid extended headers.""" pass +class InvalidEncryptionError(TarError): + """Exception for undefined crypto modes and combinations.""" + pass #--------------------------- # internal stream interface @@ -343,6 +349,7 @@ class _LowLevelFile: def tell(self): return self.offset + class _Stream: """Class that serves as an adapter between TarFile and a stream-like object. The stream-like object only @@ -393,6 +400,9 @@ class _Stream: self.bytes_written = 0 try: + if enctype != "" and enctype not in VALID_ENCRYPTION_MODES: + raise InvalidEncryptionError("unsupported encryption mode %r" + % enctype) if comptype == "gz": try: import zlib @@ -401,8 +411,8 @@ class _Stream: self.zlib = zlib if mode == "r": if self.enctype == 'aes': - self.encryption = aescrypto.AESCrypt(self.password, - key_length=self.key_length) + self.encryption = crypto.AES_GCM_context(self.password, + key_length=self.key_length) self._init_read_gz() self.exception = zlib.error else: @@ -410,6 +420,10 @@ class _Stream: self.crc = zlib.crc32(b"") & 0xFFFFffff elif comptype == "bz2": + if self.enctype != "": + raise InvalidEncryptionError("encryption mode %r not " + "available for compression %s" + % (enctype, comptype)) try: import bz2 except ImportError: @@ -422,6 +436,10 @@ class _Stream: self.cmp = bz2.BZ2Compressor() elif comptype == 'xz': + if self.enctype != "": + raise InvalidEncryptionError("encryption mode %r not " + "available for compression %s" + % (enctype, comptype)) try: import lzma except ImportError: @@ -441,6 +459,10 @@ class _Stream: self.__write_to_file(self.encryption.salt_str) elif comptype != "tar": + if self.enctype != "": + raise InvalidEncryptionError("encryption mode %r not " + "available for compression %s" + % (enctype, comptype)) raise CompressionError("unknown compression type %r" % comptype) except: -- 1.7.1