cipher: disallow setting AAD for non-AEAD ciphers

EVP_CipherUpdate() must not be call with the output parameter set to NULL when the cipher does not support AEAD. Check the flag of EVP_CIPHER, and raise an exception as necessary. Reference: http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-core/83337 Reference: https://bugs.ruby-lang.org/issues/14024
author: Kazuki Yamaguchi <k@rhe.jp> 2017-10-18 23:24:37 +0900
committer: Kazuki Yamaguchi <k@rhe.jp> 2017-10-18 23:24:37 +0900
commit: bb10767b0570d44f240632a7399c882764a48649 (patch)
tree: c637714e4b1e1154ab530c67826bab85c200b95e /test
parent: c35c69256770dd1f41bfacfbde71b2cea4227e58 (diff)
download: ruby-openssl-bb10767b0570d44f240632a7399c882764a48649.tar.gz
1 files changed, 7 insertions, 0 deletions
diff --git a/test/test_cipher.rb b/test/test_cipher.rb
index ad0e87b4..216eeded 100644
--- a/test/test_cipher.rb
+++ b/test/test_cipher.rb
@@ -297,6 +297,13 @@ class OpenSSL::TestCipher < OpenSSL::TestCase
     assert_equal tag1, tag2
   end if has_cipher?("aes-128-gcm")
 
+  def test_non_aead_cipher_set_auth_data
+    assert_raise(OpenSSL::Cipher::CipherError) {
+      cipher = OpenSSL::Cipher.new("aes-128-cfb").encrypt
+      cipher.auth_data = "123"
+    }
+  end
+
   private
 
   def new_encryptor(algo, **kwargs)
author	Kazuki Yamaguchi <k@rhe.jp>	2017-10-18 23:24:37 +0900
committer	Kazuki Yamaguchi <k@rhe.jp>	2017-10-18 23:24:37 +0900
commit	bb10767b0570d44f240632a7399c882764a48649 (patch)
tree	c637714e4b1e1154ab530c67826bab85c200b95e /test
parent	c35c69256770dd1f41bfacfbde71b2cea4227e58 (diff)
download	ruby-openssl-bb10767b0570d44f240632a7399c882764a48649.tar.gz