cipher: validate iterations argument for Cipher#pkcs5_keyivgenky/cipher-pkcs5-keyivgen-validate-iter

EVP_BytesToKey() internally converts the iteration count given as an "int" into an "unsigned int". Calling that with a negative integer will result in a hang. This is surprising, so let's validate the value by ourselves and raise ArgumentError as necessary.
author: Kazuki Yamaguchi <k@rhe.jp> 2018-01-12 19:33:42 +0900
committer: Kazuki Yamaguchi <k@rhe.jp> 2018-01-12 19:33:42 +0900
commit: 8bb88f13ad5c761f2104a6f8f37f718e119b3ce6 (patch)
tree: f9d510ac3ffd66117701cf3d93e5b7874b091e06 /test
parent: 33a67ac96492828c1ea9d88e011da417d4ce7170 (diff)
download: ruby-openssl-8bb88f13ad5c761f2104a6f8f37f718e119b3ce6.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/test/test_cipher.rb b/test/test_cipher.rb
index 48149d41..732b4fdd 100644
--- a/test/test_cipher.rb
+++ b/test/test_cipher.rb
@@ -44,6 +44,9 @@ class OpenSSL::TestCipher < OpenSSL::TestCase
     s2 = cipher.update(pt) << cipher.final
 
     assert_equal s1, s2
+
+    cipher2 = OpenSSL::Cipher.new("DES-EDE3-CBC").encrypt
+    assert_raise(ArgumentError) { cipher2.pkcs5_keyivgen(pass, salt, -1, "MD5") }
   end
 
   def test_info
author	Kazuki Yamaguchi <k@rhe.jp>	2018-01-12 19:33:42 +0900
committer	Kazuki Yamaguchi <k@rhe.jp>	2018-01-12 19:33:42 +0900
commit	8bb88f13ad5c761f2104a6f8f37f718e119b3ce6 (patch)
tree	f9d510ac3ffd66117701cf3d93e5b7874b091e06 /test
parent	33a67ac96492828c1ea9d88e011da417d4ce7170 (diff)
download	ruby-openssl-8bb88f13ad5c761f2104a6f8f37f718e119b3ce6.tar.gz