cipher: allow setting IV length when using AEAD cipherstopic/cipher-iv-len

Add OpenSSL::Cipher#iv_len=. For interoperability with other applications, it is sometimes required. Normally 'IV' is fixed-length, but in OpenSSL, some ciphers such as aes-128-gcm make use of it as 'nonce', which is variable-length. Changing the IV length in Cipher#iv= is also an option but I decided not to choose it. Because in Ruby <= 2.3 Cipher#iv= truncates the input when the length is longer than the current IV length, changing the behavior might cause unexpected encryption result. [Bug #8667] [Bug #10420] [GH ruby/ruby#569]
author: Kazuki Yamaguchi <k@rhe.jp> 2016-07-02 20:37:20 +0900
committer: Kazuki Yamaguchi <k@rhe.jp> 2016-07-09 02:46:37 +0900
commit: 01e18485d81e562688be739f902c78965fc1f0be (patch)
tree: c1baeb44beaca2a540efa47c652cbe039b9aadd0 /ext/openssl/openssl_missing.h
parent: 1b8bcdb1dc06626a285859570a1e67037df47d8e (diff)
download: ruby-openssl-01e18485d81e562688be739f902c78965fc1f0be.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/ext/openssl/openssl_missing.h b/ext/openssl/openssl_missing.h
index 769c7c2d..d2fdce16 100644
--- a/ext/openssl/openssl_missing.h
+++ b/ext/openssl/openssl_missing.h
@@ -231,6 +231,7 @@ IMPL_PKEY_GETTER(EC_KEY, ec)
 #if defined(HAVE_AUTHENTICATED_ENCRYPTION) && !defined(EVP_CTRL_AEAD_GET_TAG)
 #  define EVP_CTRL_AEAD_GET_TAG EVP_CTRL_GCM_GET_TAG
 #  define EVP_CTRL_AEAD_SET_TAG EVP_CTRL_GCM_SET_TAG
+#  define EVP_CTRL_AEAD_SET_IVLEN EVP_CTRL_GCM_SET_IVLEN
 #endif
 
 #endif /* _OSSL_OPENSSL_MISSING_H_ */
author	Kazuki Yamaguchi <k@rhe.jp>	2016-07-02 20:37:20 +0900
committer	Kazuki Yamaguchi <k@rhe.jp>	2016-07-09 02:46:37 +0900
commit	01e18485d81e562688be739f902c78965fc1f0be (patch)
tree	c1baeb44beaca2a540efa47c652cbe039b9aadd0 /ext/openssl/openssl_missing.h
parent	1b8bcdb1dc06626a285859570a1e67037df47d8e (diff)
download	ruby-openssl-01e18485d81e562688be739f902c78965fc1f0be.tar.gz