openssl: make Cipher#key= and #iv= reject too long values

* ext/openssl/ossl_cipher.c (ossl_cipher_set_key, ossl_cipher_set_iv):
  Reject too long values as well as too short ones. Currently they
  just truncate the input but this would hide bugs and lead to
  unexpected encryption/decryption results.

* test/openssl/test_cipher.rb: Test that Cipher#key= and #iv= reject
  Strings with invalid length.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55146 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

1 files changed, 9 insertions, 5 deletions

diff --git a/ext/openssl/ossl_cipher.c b/ext/openssl/ossl_cipher.c
index 9aab8025..43a8effa 100644
--- a/ext/openssl/ossl_cipher.c
+++ b/ext/openssl/ossl_cipher.c
@@ -480,15 +480,17 @@ static VALUE
 ossl_cipher_set_key(VALUE self, VALUE key)
 {
     EVP_CIPHER_CTX *ctx;
+    int key_len;
 
     StringValue(key);
     GetCipher(self, ctx);
 
-    if (RSTRING_LEN(key) < EVP_CIPHER_CTX_key_length(ctx))
-        ossl_raise(eCipherError, "key length too short");
+    key_len = EVP_CIPHER_CTX_key_length(ctx);
+    if (RSTRING_LEN(key) != key_len)
+	ossl_raise(rb_eArgError, "key must be %d bytes", key_len);
 
     if (EVP_CipherInit_ex(ctx, NULL, NULL, (unsigned char *)RSTRING_PTR(key), NULL, -1) != 1)
-        ossl_raise(eCipherError, NULL);
+	ossl_raise(eCipherError, NULL);
 
     return key;
 }
@@ -512,12 +514,14 @@ static VALUE
 ossl_cipher_set_iv(VALUE self, VALUE iv)
 {
     EVP_CIPHER_CTX *ctx;
+    int iv_len;
 
     StringValue(iv);
     GetCipher(self, ctx);
 
-    if (RSTRING_LEN(iv) < EVP_CIPHER_CTX_iv_length(ctx))
-        ossl_raise(eCipherError, "iv length too short");
+    iv_len = EVP_CIPHER_CTX_iv_length(ctx);
+    if (RSTRING_LEN(iv) != iv_len)
+	ossl_raise(rb_eArgError, "iv must be %d bytes", iv_len);
 
     if (EVP_CipherInit_ex(ctx, NULL, NULL, NULL, (unsigned char *)RSTRING_PTR(iv), -1) != 1)
 	ossl_raise(eCipherError, NULL);