archive/ruby
1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2025-09-15 08:33:58 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

openssl: make Cipher#key= and #iv= reject too long values

Browse source 
* ext/openssl/ossl_cipher.c (ossl_cipher_set_key, ossl_cipher_set_iv):
  Reject too long values as well as too short ones. Currently they
  just truncate the input but this would hide bugs and lead to
  unexpected encryption/decryption results.

* test/openssl/test_cipher.rb: Test that Cipher#key= and #iv= reject
  Strings with invalid length.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55146 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
rhe 2016-05-24 13:09:03 +00:00
parent cff5bd6306
commit ce635262f5
3 changed files with 31 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

12
test/openssl/test_cipher.rb
View file

@ -80,6 +80,18 @@ class OpenSSL::TestCipher < OpenSSL::TestCase
assert_equal(s1, s2, "encrypt reset")
end
def test_key_iv_set
# default value for DES-EDE3-CBC
assert_equal(24, @c1.key_len)
assert_equal(8, @c1.iv_len)
assert_raise(ArgumentError) { @c1.key = "\x01" * 23 }
@c1.key = "\x01" * 24
assert_raise(ArgumentError) { @c1.key = "\x01" * 25 }
assert_raise(ArgumentError) { @c1.iv = "\x01" * 7 }
@c1.iv = "\x01" * 8
assert_raise(ArgumentError) { @c1.iv = "\x01" * 9 }
end
def test_empty_data
@c1.encrypt
assert_raise(ArgumentError){ @c1.update("") }