diff options
-rw-r--r-- | ext/openssl/ossl_cipher.c | 39 | ||||
-rw-r--r-- | test/test_cipher.rb | 22 |
2 files changed, 32 insertions, 29 deletions
diff --git a/ext/openssl/ossl_cipher.c b/ext/openssl/ossl_cipher.c index e2ec0bf8..73b667b2 100644 --- a/ext/openssl/ossl_cipher.c +++ b/ext/openssl/ossl_cipher.c @@ -527,6 +527,27 @@ ossl_cipher_set_iv(VALUE self, VALUE iv) return iv; } +/* + * call-seq: + * cipher.authenticated? -> true | false + * + * Indicated whether this Cipher instance uses an Authenticated Encryption + * mode. + */ +static VALUE +ossl_cipher_is_authenticated(VALUE self) +{ + EVP_CIPHER_CTX *ctx; + + GetCipher(self, ctx); + +#if defined(HAVE_AUTHENTICATED_ENCRYPTION) + return (EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_FLAG_AEAD_CIPHER) ? Qtrue : Qfalse; +#else + return Qfalse; +#endif +} + #ifdef HAVE_AUTHENTICATED_ENCRYPTION /* * call-seq: @@ -673,23 +694,6 @@ ossl_cipher_set_auth_tag_len(VALUE self, VALUE vlen) } /* - * call-seq: - * cipher.authenticated? -> boolean - * - * Indicated whether this Cipher instance uses an Authenticated Encryption - * mode. - */ -static VALUE -ossl_cipher_is_authenticated(VALUE self) -{ - EVP_CIPHER_CTX *ctx; - - GetCipher(self, ctx); - - return (EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_FLAG_AEAD_CIPHER) ? Qtrue : Qfalse; -} - -/* * call-seq: * cipher.iv_len = integer -> integer * @@ -723,7 +727,6 @@ ossl_cipher_set_iv_length(VALUE self, VALUE iv_length) #define ossl_cipher_get_auth_tag rb_f_notimplement #define ossl_cipher_set_auth_tag rb_f_notimplement #define ossl_cipher_set_auth_tag_len rb_f_notimplement -#define ossl_cipher_is_authenticated rb_f_notimplement #define ossl_cipher_set_iv_length rb_f_notimplement #endif diff --git a/test/test_cipher.rb b/test/test_cipher.rb index 015bb561..0d79eabe 100644 --- a/test/test_cipher.rb +++ b/test/test_cipher.rb @@ -4,20 +4,18 @@ require_relative 'utils' if defined?(OpenSSL::TestUtils) class OpenSSL::TestCipher < OpenSSL::TestCase - - @ciphers = OpenSSL::Cipher.ciphers - - class << self - + module Helper def has_cipher?(name) + @ciphers ||= OpenSSL::Cipher.ciphers @ciphers.include?(name) end def has_ciphers?(list) list.all? { |name| has_cipher?(name) } end - end + include Helper + extend Helper def setup @c1 = OpenSSL::Cipher.new("DES-EDE3-CBC") @@ -144,14 +142,16 @@ class OpenSSL::TestCipher < OpenSSL::TestCase end end - if has_ciphers?(['aes-128-gcm', 'aes-192-gcm', 'aes-256-gcm']) - - def test_authenticated + def test_authenticated + if has_cipher?('aes-128-gcm') cipher = OpenSSL::Cipher.new('aes-128-gcm') assert_predicate(cipher, :authenticated?) - cipher = OpenSSL::Cipher.new('aes-128-cbc') - assert_not_predicate(cipher, :authenticated?) end + cipher = OpenSSL::Cipher.new('aes-128-cbc') + assert_not_predicate(cipher, :authenticated?) + end + + if has_ciphers?(['aes-128-gcm', 'aes-192-gcm', 'aes-256-gcm']) def test_aes_gcm ['aes-128-gcm', 'aes-192-gcm', 'aes-256-gcm'].each do |algo| |