From f573c6e1ed58d46d694c802eaf5ae3662a952744 Mon Sep 17 00:00:00 2001
From: Christian Brabandt <cb@256bit.org>
Date: Sun, 20 Jun 2021 14:02:16 +0200
Subject: patch 8.2.3022: available encryption methods are not strong enough

Problem:    Available encryption methods are not strong enough.
Solution:   Add initial support for xchaha20. (Christian Brabandt,
            closes #8394)
---
 src/bufwrite.c | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)

(limited to 'src/bufwrite.c')

diff --git a/src/bufwrite.c b/src/bufwrite.c
index c7c832cff7..c91bcd9958 100644
--- a/src/bufwrite.c
+++ b/src/bufwrite.c
@@ -30,6 +30,7 @@ struct bw_info
     int		bw_flags;	// FIO_ flags
 #ifdef FEAT_CRYPT
     buf_T	*bw_buffer;	// buffer being written
+    int         bw_finish;      // finish encrypting
 #endif
     char_u	bw_rest[CONV_RESTLEN]; // not converted bytes
     int		bw_restlen;	// nr of bytes in bw_rest[]
@@ -493,14 +494,14 @@ buf_write_bytes(struct bw_info *ip)
 	if (crypt_works_inplace(ip->bw_buffer->b_cryptstate))
 	{
 # endif
-	    crypt_encode_inplace(ip->bw_buffer->b_cryptstate, buf, len);
+	    crypt_encode_inplace(ip->bw_buffer->b_cryptstate, buf, len, ip->bw_finish);
 # ifdef CRYPT_NOT_INPLACE
 	}
 	else
 	{
 	    char_u *outbuf;
 
-	    len = crypt_encode_alloc(curbuf->b_cryptstate, buf, len, &outbuf);
+	    len = crypt_encode_alloc(curbuf->b_cryptstate, buf, len, &outbuf, ip->bw_finish);
 	    if (len == 0)
 		return OK;  // Crypt layer is buffering, will flush later.
 	    wlen = write_eintr(ip->bw_fd, outbuf, len);
@@ -724,6 +725,7 @@ buf_write(
 #endif
 #ifdef FEAT_CRYPT
     write_info.bw_buffer = buf;
+    write_info.bw_finish = FALSE;
 #endif
 
     // After writing a file changedtick changes but we don't want to display
@@ -2015,6 +2017,13 @@ restore_backup:
 		++s;
 		if (++len != bufsize)
 		    continue;
+#ifdef FEAT_CRYPT
+		if (write_info.bw_fd > 0 && lnum == end
+			&& (write_info.bw_flags & FIO_ENCRYPTED)
+			&& *buf->b_p_key != NUL && !filtering
+			&& *ptr == NUL)
+		    write_info.bw_finish = TRUE;
+ #endif
 		if (buf_write_bytes(&write_info) == FAIL)
 		{
 		    end = 0;		// write error: break loop
@@ -2118,6 +2127,12 @@ restore_backup:
 	if (len > 0 && end > 0)
 	{
 	    write_info.bw_len = len;
+#ifdef FEAT_CRYPT
+	    if (write_info.bw_fd > 0 && lnum >= end
+		    && (write_info.bw_flags & FIO_ENCRYPTED)
+		    && *buf->b_p_key != NUL && !filtering)
+		write_info.bw_finish = TRUE;
+ #endif
 	    if (buf_write_bytes(&write_info) == FAIL)
 		end = 0;		    // write error
 	    nchars += len;
-- 
cgit v1.2.3