Ruby core uses _str_ for emphasizing argument names and +str+ for codes.
Match with the rule for better rendering.
|
They are no longer receiving security updates from the OpenSSL
development team since 2015-12.
We have kept basic compatibility until now because RHEL 5 still uses an
(heavily modified) OpenSSL 0.9.8e. RHEL 5 will reach EOL on 2017-03,
thus it is now safe to assume nobody is still using such old versions of
OpenSSL.
|
Implement Cipher#authenticated? even when the OpenSSL version does not
support AEAD. It just returns false.
|
Remove a sentence "If not explicitly set, the OpenSSL default of an
all-zeroes ("\\0") IV is used." It actually works so, but not guaranteed
by the OpenSSL API. At least I didn't find any formal documentation
saying so.
|
* topic/cipher-no-initialize-null-key:
cipher: don't set dummy encryption key in Cipher#initialize
|
Remove the encryption key initialization from Cipher#initialize. This
is effectively a revert of r32723 ("Avoid possible SEGV from AES
encryption/decryption", 2011-07-28).
r32723, which added the key initialization, was a workaround for
Ruby Bug #2768. For certain ciphers, calling EVP_CipherUpdate()
before setting an encryption key caused a segfault. It was not a problem
until OpenSSL implemented GCM mode - the encryption key could be
overridden by repeated calls of EVP_CipherInit_ex(). But, it is not the
case for AES-GCM ciphers. Setting a key, an IV, a key, in this order
causes the IV to be reset to an all-zero IV.
The problem of Bug #2768 persists on the current versions of OpenSSL.
So, make Cipher#update raise an exception if a key is not yet set by the
user. Since encrypting or decrypting without key does not make any
sense, this should not break existing applications.
Users can still call Cipher#key= and Cipher#iv= multiple times with
their own responsibility.
Reference: https://bugs.ruby-lang.org/issues/2768
Reference: https://bugs.ruby-lang.org/issues/8221
Reference: https://github.com/ruby/openssl/issues/49
|
* fix typos, "a" before "Integer" to "an". [Fix GH-1438]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56225 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
* topic/cipher-auth-tag-len:
cipher: add Cipher#auth_tag_len=
|
Add a method to set the authentication tag length to be generated by an
AEAD cipher. In particular, OCB mode which is implemented in OpenSSL
1.1.0 requires this.
|
The function GetCipherPtr() is used when we want a const EVP_CIPHER that
represents a cipher algorithm. This change allows users to write code
that exports an encrypted PKey without creating an OpenSSL::Cipher
instance:

  pkey = OpenSSL::PKey.read(...)
  pkey.export("aes-128-cbc") { password }

This is the same as what happened to GetDigestPtr() in r12128.
|
Add some explanation about the associated data. Also fix the
description of the AES-GCM example: the IV (nonce) doesn't need to be
unpredictable.
|
Add a note about GCM mode - warn of the risk of reusing nonce and
authentication tag truncation. [GH ruby/openssl#63]
|
Fixes c0548c94e499.
|
The function ossl_cipher_update_long() was added to fix this in r48923
(ossl_cipher.c: workaround of OpenSSL API, 2014-12-23), but it didn't
work well. [Bug #10633]
This can be tested by running:
$ fallocate -l 2G data.img
$ ruby -ropenssl <<EOF
cipher = OpenSSL::Cipher.new("aes-128-ecb").encrypt
cipher.key = "\x00" * 16
ct = cipher.update(File.read("data.img")) << cipher.final
p ct.bytesize
EOF
|
* topic/cipher-iv-len:
cipher: allow setting IV length when using AEAD ciphers
|
Add OpenSSL::Cipher#iv_len=. For interoperability with other
applications, it is sometimes required. Normally 'IV' is fixed-length,
but in OpenSSL, some ciphers such as aes-128-gcm make use of it as
'nonce', which is variable-length.
Changing the IV length in Cipher#iv= is also an option but I decided not
to choose it. Because in Ruby <= 2.3 Cipher#iv= truncates the input when
the length is longer than the current IV length, changing the behavior
might cause unexpected encryption results.
[Bug #8667] [Bug #10420] [GH ruby/ruby#569]
|
* ext/openssl/ossl_cipher.c (ossl_cipher_get_auth_tag,
ossl_cipher_set_auth_tag): Check if the cipher flags retrieved by
EVP_CIPHER_CTX_flags() includes EVP_CIPH_FLAG_AEAD_CIPHER to see if
the cipher supports AEAD. AES-GCM was the only one supported in OpenSSL
1.0.1.
(Init_ossl_cipher): Fix doc; OpenSSL::Cipher::AES.new(128, :GCM) can't
work.
* ext/openssl/openssl_missing.h: Define EVP_CTRL_AEAD_{GET,SET}_TAG if
missing. They are added in OpenSSL 1.1.0, and have the same value as
EVP_CTRL_GCM_{GET,SET}_TAG and EVP_CTRL_CCM_{GET,SET}_TAG.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55388 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
* ext/openssl/ossl_cipher.c (ossl_cipher_free): Use EVP_CIPHER_CTX_free()
to free EVP_CIPHER_CTX allocated by EVP_CIPHER_CTX_new().
[ruby-core:75225] [Feature #12324]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55294 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
* ext/openssl/extconf.rb: Check existence of accessor functions that
don't exist in OpenSSL 0.9.8. OpenSSL 1.1.0 made most of its
structures opaque and requires use of these accessor functions.
[ruby-core:75225] [Feature #12324]
* ext/openssl/openssl_missing.[ch]: Implement them if missing.
* ext/openssl/ossl*.c: Use these accessor functions.
* test/openssl/test_hmac.rb: Add missing test for HMAC#reset.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55287 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
* ext/openssl, test/openssl: Drop OpenSSL < 0.9.8 support.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55162 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
* ext/openssl/ossl_cipher.c (ossl_cipher_set_key, ossl_cipher_set_iv):
Reject too long values as well as too short ones. Currently they
just truncate the input but this would hide bugs and lead to
unexpected encryption/decryption results.
* test/openssl/test_cipher.rb: Test that Cipher#key= and #iv= reject
Strings with invalid length.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55146 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
* ext/openssl/ossl_asn1.c, ext/openssl/ossl_bn.c,
ext/openssl/ossl_cipher.c, ext/openssl/ossl_digest.c
ext/openssl/ossl_engine.c, ext/openssl/ossl_ns_spki.c
ext/openssl/ossl_pkcs12.c, ext/openssl/ossl_pkcs7.c
ext/openssl/ossl_pkey.c, ext/openssl/ossl_pkey_ec.c
ext/openssl/ossl_rand.c, ext/openssl/ossl_ssl.c
ext/openssl/ossl_x509attr.c, ext/openssl/ossl_x509cert.c
ext/openssl/ossl_x509ext.c, ext/openssl/ossl_x509store.c: Use
StringValueCStr() where NUL-terminated string is expected.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55134 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
See also r50351 from ruby/ruby#876