From 948d67efd8e188a2b9c3ecd8b94bf9fc3e5158b3 Mon Sep 17 00:00:00 2001 From: Thomas Waldmann Date: Mon, 21 Mar 2022 22:29:18 +0100 Subject: [PATCH] crypto.low_level: simplify return code checks (AEAD) --- src/borg/crypto/low_level.pyx | 34 ++++++++++++---------------------- 1 file changed, 12 insertions(+), 22 deletions(-) diff --git a/src/borg/crypto/low_level.pyx b/src/borg/crypto/low_level.pyx index 6880d8736..8a6e4d817 100644 --- a/src/borg/crypto/low_level.pyx +++ b/src/borg/crypto/low_level.pyx @@ -505,26 +505,20 @@ cdef class _AEAD_BASE: odata[offset+i] = header[i] offset += hlen offset += self.mac_len - rc = EVP_EncryptInit_ex(self.ctx, self.cipher(), NULL, NULL, NULL) - if not rc: + if not EVP_EncryptInit_ex(self.ctx, self.cipher(), NULL, NULL, NULL): raise CryptoError('EVP_EncryptInit_ex failed') if not EVP_CIPHER_CTX_ctrl(self.ctx, EVP_CTRL_AEAD_SET_IVLEN, self.iv_len, NULL): raise CryptoError('EVP_CIPHER_CTX_ctrl SET IVLEN failed') - rc = EVP_EncryptInit_ex(self.ctx, NULL, NULL, self.key, self.iv) - if not rc: + if not EVP_EncryptInit_ex(self.ctx, NULL, NULL, self.key, self.iv): raise CryptoError('EVP_EncryptInit_ex failed') - rc = EVP_EncryptUpdate(self.ctx, NULL, &olen, aadata.buf, aadlen) - if not rc: + if not EVP_EncryptUpdate(self.ctx, NULL, &olen, aadata.buf, aadlen): raise CryptoError('EVP_EncryptUpdate failed') - rc = EVP_EncryptUpdate(self.ctx, NULL, &olen, hdata.buf+aoffset, alen) - if not rc: + if not EVP_EncryptUpdate(self.ctx, NULL, &olen, hdata.buf+aoffset, alen): raise CryptoError('EVP_EncryptUpdate failed') - rc = EVP_EncryptUpdate(self.ctx, odata+offset, &olen, idata.buf, ilen) - if not rc: + if not EVP_EncryptUpdate(self.ctx, odata+offset, &olen, idata.buf, ilen): raise CryptoError('EVP_EncryptUpdate failed') offset += olen - rc = EVP_EncryptFinal_ex(self.ctx, odata+offset, &olen) - if not rc: + if not EVP_EncryptFinal_ex(self.ctx, odata+offset, &olen): raise CryptoError('EVP_EncryptFinal_ex failed') offset += olen if not EVP_CIPHER_CTX_ctrl(self.ctx, EVP_CTRL_AEAD_GET_TAG, self.mac_len, odata + hlen): @@ -566,23 +560,19 @@ cdef class _AEAD_BASE: raise CryptoError('EVP_CIPHER_CTX_ctrl SET IVLEN failed') if not EVP_DecryptInit_ex(self.ctx, NULL, NULL, self.key, self.iv): raise CryptoError('EVP_DecryptInit_ex failed') - rc = EVP_DecryptUpdate(self.ctx, NULL, &olen, aadata.buf, aadlen) - if not rc: + if not EVP_DecryptUpdate(self.ctx, NULL, &olen, aadata.buf, aadlen): raise CryptoError('EVP_DecryptUpdate failed') - rc = EVP_DecryptUpdate(self.ctx, NULL, &olen, idata.buf+aoffset, alen) - if not rc: + if not EVP_DecryptUpdate(self.ctx, NULL, &olen, idata.buf+aoffset, alen): raise CryptoError('EVP_DecryptUpdate failed') offset = 0 - rc = EVP_DecryptUpdate(self.ctx, odata+offset, &olen, - idata.buf+hlen+self.mac_len, - ilen-hlen-self.mac_len) - if not rc: + if not EVP_DecryptUpdate(self.ctx, odata+offset, &olen, + idata.buf+hlen+self.mac_len, + ilen-hlen-self.mac_len): raise CryptoError('EVP_DecryptUpdate failed') offset += olen if not EVP_CIPHER_CTX_ctrl(self.ctx, EVP_CTRL_AEAD_SET_TAG, self.mac_len, idata.buf + hlen): raise CryptoError('EVP_CIPHER_CTX_ctrl SET TAG failed') - rc = EVP_DecryptFinal_ex(self.ctx, odata+offset, &olen) - if not rc: + if not EVP_DecryptFinal_ex(self.ctx, odata+offset, &olen): # a failure here means corrupted or tampered tag (mac) or data. raise IntegrityError('Authentication / EVP_DecryptFinal_ex failed') offset += olen