diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2018-01-12 19:33:42 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2018-01-12 19:33:42 +0900 |
commit | 8bb88f13ad5c761f2104a6f8f37f718e119b3ce6 (patch) | |
tree | f9d510ac3ffd66117701cf3d93e5b7874b091e06 | |
parent | 33a67ac96492828c1ea9d88e011da417d4ce7170 (diff) | |
download | ruby-openssl-8bb88f13ad5c761f2104a6f8f37f718e119b3ce6.tar.gz |
cipher: validate iterations argument for Cipher#pkcs5_keyivgenky/cipher-pkcs5-keyivgen-validate-iter
EVP_BytesToKey() internally converts the iteration count given as an
"int" into an "unsigned int". Calling that with a negative integer will
result in a hang. This is surprising, so let's validate the value by
ourselves and raise ArgumentError as necessary.
-rw-r--r-- | ext/openssl/ossl_cipher.c | 2 | ||||
-rw-r--r-- | test/test_cipher.rb | 3 |
2 files changed, 5 insertions, 0 deletions
diff --git a/ext/openssl/ossl_cipher.c b/ext/openssl/ossl_cipher.c index 740f04b2..9e71c817 100644 --- a/ext/openssl/ossl_cipher.c +++ b/ext/openssl/ossl_cipher.c @@ -321,6 +321,8 @@ ossl_cipher_pkcs5_keyivgen(int argc, VALUE *argv, VALUE self) salt = (unsigned char *)RSTRING_PTR(vsalt); } iter = NIL_P(viter) ? 2048 : NUM2INT(viter); + if (iter <= 0) + rb_raise(rb_eArgError, "iterations must be a positive integer"); digest = NIL_P(vdigest) ? EVP_md5() : GetDigestPtr(vdigest); GetCipher(self, ctx); EVP_BytesToKey(EVP_CIPHER_CTX_cipher(ctx), digest, salt, diff --git a/test/test_cipher.rb b/test/test_cipher.rb index 48149d41..732b4fdd 100644 --- a/test/test_cipher.rb +++ b/test/test_cipher.rb @@ -44,6 +44,9 @@ class OpenSSL::TestCipher < OpenSSL::TestCase s2 = cipher.update(pt) << cipher.final assert_equal s1, s2 + + cipher2 = OpenSSL::Cipher.new("DES-EDE3-CBC").encrypt + assert_raise(ArgumentError) { cipher2.pkcs5_keyivgen(pass, salt, -1, "MD5") } end def test_info |