diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2016-09-28 21:49:57 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2017-08-24 20:19:34 +0900 |
commit | 5f79da4812d2bafd92a964a63875cda8f76a8045 (patch) | |
tree | 0e18569d9d16046b5e84f1b4fcf3cfbf9053a175 | |
parent | 6a79a06a78ad74441a58da166e108b656aa89f61 (diff) | |
download | ruby-openssl-5f79da4812d2bafd92a964a63875cda8f76a8045.tar.gz |
cipher: update the documentation for Cipher#auth_tag=ky/cipher-aead-set-aead-tag-documentation-fix
The authentication tag can be set after starting the decryption, if
only it is before Cipher#final is called.
Fixes: https://github.com/ruby/openssl/issues/74
-rw-r--r-- | ext/openssl/ossl_cipher.c | 12 |
1 files changed, 5 insertions, 7 deletions
diff --git a/ext/openssl/ossl_cipher.c b/ext/openssl/ossl_cipher.c index c2f0927a..36e42ede 100644 --- a/ext/openssl/ossl_cipher.c +++ b/ext/openssl/ossl_cipher.c @@ -631,13 +631,11 @@ ossl_cipher_get_auth_tag(int argc, VALUE *argv, VALUE self) * call-seq: * cipher.auth_tag = string -> string * - * Sets the authentication tag to verify the contents of the - * ciphertext. The tag must be set after calling Cipher#decrypt, - * Cipher#key= and Cipher#iv=, but before assigning the associated - * authenticated data using Cipher#auth_data= and of course, before - * decrypting any of the ciphertext. After all decryption is - * performed, the tag is verified automatically in the call to - * Cipher#final. + * Sets the authentication tag to verify the integrity of the ciphertext. + * This can be called only when the cipher supports AE. The tag must be set + * after calling Cipher#decrypt, Cipher#key= and Cipher#iv=, but before + * calling Cipher#final. After all decryption is performed, the tag is + * verified automatically in the call to Cipher#final. * * For OCB mode, the tag length must be supplied with #auth_tag_len= * beforehand. |