Streamline M2Crypto 3DES IV handling

M2Crypto defaults to padding the ciphertext,
and the previous implementation danced around that awkwardly
by padding and unpadding ciphertext on decryption
and updating the IV manually.
`m2.cipher_set_padding(context, 0)`
allows to shoulder the IV handling back to where it belongs
and to get rid of unnecessary context reinitializations.
(Investigative work courtesy of @tomato42:
 #377 (review))

Author: t184256

tlslite/utils/openssl_tripledes.py

@@ -15,33 +15,24 @@ class OpenSSL_TripleDES(TripleDES):
 
         def __init__(self, key, mode, IV):
             TripleDES.__init__(self, key, mode, IV, "openssl")
-            self.key = key
-            self.IV = IV
-
-        def _createContext(self, encrypt):
-            context = m2.cipher_ctx_new()
             cipherType = m2.des_ede3_cbc()
-            m2.cipher_init(context, cipherType, self.key, self.IV, encrypt)
-            return context
+            self.encrypt_context = m2.cipher_ctx_new()
+            self.decrypt_context = m2.cipher_ctx_new()
+            m2.cipher_init(self.encrypt_context, cipherType, key, IV, 1)
+            m2.cipher_init(self.decrypt_context, cipherType, key, IV, 0)
+            m2.cipher_set_padding(self.encrypt_context, 0)
+            m2.cipher_set_padding(self.decrypt_context, 0)
 
         def encrypt(self, plaintext):
             TripleDES.encrypt(self, plaintext)
-            context = self._createContext(1)
-            ciphertext = m2.cipher_update(context, plaintext)
-            m2.cipher_ctx_free(context)
-            self.IV = ciphertext[-self.block_size:]
+            ciphertext = m2.cipher_update(self.encrypt_context, plaintext)
             return bytearray(ciphertext)
 
         def decrypt(self, ciphertext):
             TripleDES.decrypt(self, ciphertext)
-            context = self._createContext(0)
-            #I think M2Crypto has a bug - it fails to decrypt and return the last block passed in.
-            #To work around this, we append sixteen zeros to the string, below:
-            plaintext = m2.cipher_update(context, ciphertext+(b'\0'*16))
-
-            #If this bug is ever fixed, then plaintext will end up having a garbage
-            #plaintext block on the end.  That's okay - the below code will ignore it.
-            plaintext = plaintext[:len(ciphertext)]
-            m2.cipher_ctx_free(context)
-            self.IV = ciphertext[-self.block_size:]
+            plaintext = m2.cipher_update(self.decrypt_context, ciphertext)
             return bytearray(plaintext)
+
+        def __del__(self):
+            m2.cipher_ctx_free(self.encrypt_context)
+            m2.cipher_ctx_free(self.decrypt_context)

unit_tests/test_tlslite_utils_tripledes_split.py

@@ -27,8 +27,8 @@ class TestTripleDES(unittest.TestCase):
     _given = given(binary(min_size=24, max_size=24),          # key
                    binary(min_size=8, max_size=8),            # iv
                    binary(min_size=13*8, max_size=13*8),      # plaintext
-                   (tuples(integers(1, 12), integers(1, 12))  # split points
-                       .filter(lambda split_pts: split_pts[0] < split_pts[1])
+                   (tuples(integers(0, 13), integers(0, 13))  # split points
+                       .filter(lambda split_pts: split_pts[0] <= split_pts[1])
                        .map(lambda lengths: [i * 8 for i in lengths])))
 
     def split_test(self, key, iv, plaintext, split_points, make_impl=py_3des):