diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2017-10-18 23:24:37 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2017-10-18 23:24:37 +0900 |
commit | bb10767b0570d44f240632a7399c882764a48649 (patch) | |
tree | c637714e4b1e1154ab530c67826bab85c200b95e /test | |
parent | c35c69256770dd1f41bfacfbde71b2cea4227e58 (diff) | |
download | ruby-openssl-bb10767b0570d44f240632a7399c882764a48649.tar.gz |
cipher: disallow setting AAD for non-AEAD ciphers
EVP_CipherUpdate() must not be call with the output parameter set to
NULL when the cipher does not support AEAD. Check the flag of
EVP_CIPHER, and raise an exception as necessary.
Reference: http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-core/83337
Reference: https://bugs.ruby-lang.org/issues/14024
Diffstat (limited to 'test')
-rw-r--r-- | test/test_cipher.rb | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/test/test_cipher.rb b/test/test_cipher.rb index ad0e87b4..216eeded 100644 --- a/test/test_cipher.rb +++ b/test/test_cipher.rb @@ -297,6 +297,13 @@ class OpenSSL::TestCipher < OpenSSL::TestCase assert_equal tag1, tag2 end if has_cipher?("aes-128-gcm") + def test_non_aead_cipher_set_auth_data + assert_raise(OpenSSL::Cipher::CipherError) { + cipher = OpenSSL::Cipher.new("aes-128-cfb").encrypt + cipher.auth_data = "123" + } + end + private def new_encryptor(algo, **kwargs) |