<feed xmlns='http://www.w3.org/2005/Atom'>
<title>ruby.git/ext/openssl/ossl_cipher.c, branch v4.0.2</title>
<subtitle>The Ruby Programming Language</subtitle>
<link rel='alternate' type='text/html' href='https://git.ruby-lang.org/ruby.git/'/>
<entry>
<title>[ruby/openssl] Expand tabs in C source files</title>
<updated>2025-12-04T17:46:59+00:00</updated>
<author>
<name>Kazuki Yamaguchi</name>
<email>k@rhe.jp</email>
</author>
<published>2025-07-29T18:40:32+00:00</published>
<link rel='alternate' type='text/html' href='https://git.ruby-lang.org/ruby.git/commit/?id=5062c0c621d887367af8a054e5e5d83d7ec57dd3'/>
<id>5062c0c621d887367af8a054e5e5d83d7ec57dd3</id>
<content type='text'>
Since around 2018, we have been using spaces for indentation for newly
added code[1]. The mixed use of tabs and spaces has repeatedly confused
new contributors who configured their editors to use a different tab
size than 8. Since git blame can now skip specific commits, ruby/ruby
did a mass reformatting of tabs in 2022[2]. Do the same in ruby/openssl.

While at it, fix a few indentation issues, mainly in switch-case labels
and in ossl_ssl_session.c, which used doubled indentation size.

This patch contains white-space changes only. git diff -w output should
be empty.

[1] https://bugs.ruby-lang.org/issues/14246
[2] https://bugs.ruby-lang.org/issues/18891

https://github.com/ruby/openssl/commit/4d6214f507
</content>
</entry>
<entry>
<title>[ruby/openssl] Remove dummy declarations for mOSSL and eOSSLError</title>
<updated>2025-11-29T17:05:19+00:00</updated>
<author>
<name>Kazuki Yamaguchi</name>
<email>k@rhe.jp</email>
</author>
<published>2025-11-29T16:47:26+00:00</published>
<link rel='alternate' type='text/html' href='https://git.ruby-lang.org/ruby.git/commit/?id=bae06ce22c5ab6a4a3085300274f258d55858e90'/>
<id>bae06ce22c5ab6a4a3085300274f258d55858e90</id>
<content type='text'>
These declarations were added to every source file because older
versions of RDoc did not resolve the ancestor tree across files. Since
RDoc 6.9.0 supports this, this workaround is no longer needed.

    https://redirect.github.com/ruby/rdoc/pull/1217

https://github.com/ruby/openssl/commit/6491ce63be
</content>
</entry>
<entry>
<title>[ruby/openssl] cipher: use EVP_CIPHER_fetch() if available</title>
<updated>2025-11-06T13:25:09+00:00</updated>
<author>
<name>Kazuki Yamaguchi</name>
<email>k@rhe.jp</email>
</author>
<published>2025-08-09T09:36:49+00:00</published>
<link rel='alternate' type='text/html' href='https://git.ruby-lang.org/ruby.git/commit/?id=57aaf86bdbdaacb66ebbd29d1e2551d87167cbfe'/>
<id>57aaf86bdbdaacb66ebbd29d1e2551d87167cbfe</id>
<content type='text'>
Likewise, use EVP_MD_fetch() if it is available.

This adds support for AES-GCM-SIV with OpenSSL 3.2 or later.

https://github.com/ruby/openssl/commit/0e565a215e
</content>
</entry>
<entry>
<title>[ruby/openssl] digest: use EVP_MD_fetch() if available</title>
<updated>2025-11-06T13:25:09+00:00</updated>
<author>
<name>Kazuki Yamaguchi</name>
<email>k@rhe.jp</email>
</author>
<published>2025-06-24T10:31:31+00:00</published>
<link rel='alternate' type='text/html' href='https://git.ruby-lang.org/ruby.git/commit/?id=10d2311e136212549d36f90ec7cb86108e682088'/>
<id>10d2311e136212549d36f90ec7cb86108e682088</id>
<content type='text'>
With the introduction of OpenSSL 3 providers, newly implemented
algorithms do not necessarily have a corresponding NID assigned. To use
such an algorithm, it has to be "fetched" from providers using the new
EVP_*_fetch() functions.

For digest algorithms, we have to use EVP_MD_fetch() instead of the
existing EVP_get_digestbyname(). However, it is not a drop-in
replacement because:

 - EVP_MD_fetch() does not support all algorithm name aliases recognized
   by EVP_get_digestbyname().

 - Both return an EVP_MD, but the one returned by EVP_MD_fetch() is
   sometimes reference counted and the user has to explicitly release
   it with EVP_MD_free().

So, keep using EVP_get_digestbyname() for all OpenSSL versions for now,
and fall back to EVP_MD_fetch() if it fails. In the latter case, prepare
a T_DATA object to manage the fetched EVP_MD's lifetime.

https://github.com/ruby/openssl/commit/9fc2179403
</content>
</entry>
<entry>
<title>[ruby/openssl] cipher: raise CipherError for unsupported algorithm name</title>
<updated>2025-11-06T13:25:09+00:00</updated>
<author>
<name>Kazuki Yamaguchi</name>
<email>k@rhe.jp</email>
</author>
<published>2025-11-03T09:26:28+00:00</published>
<link rel='alternate' type='text/html' href='https://git.ruby-lang.org/ruby.git/commit/?id=26751e40857be6faf91d0c87362ebae769f51faa'/>
<id>26751e40857be6faf91d0c87362ebae769f51faa</id>
<content type='text'>
Raise OpenSSL::Cipher::CipherError instead of ArgumentError or
RuntimeError for consistency.

https://github.com/ruby/openssl/commit/78601c9c34
</content>
</entry>
<entry>
<title>[ruby/openssl] cipher: various docs improvements</title>
<updated>2025-10-27T06:54:01+00:00</updated>
<author>
<name>Kazuki Yamaguchi</name>
<email>k@rhe.jp</email>
</author>
<published>2025-10-14T09:19:52+00:00</published>
<link rel='alternate' type='text/html' href='https://git.ruby-lang.org/ruby.git/commit/?id=e5ac2b8956ecf6b6843f5078219542561cd7ecc2'/>
<id>e5ac2b8956ecf6b6843f5078219542561cd7ecc2</id>
<content type='text'>
The EVP_CIPHER_CTX = OpenSSL::Cipher interface for AEAD ciphers is
notoriously complicated and full of pitfalls. I tried to clarify docs
so that users can hopefully connect the Ruby methods with the
corresponding OpenSSL man pages more easily.

- Call out the common mistakes with Cipher#iv= and Cipher#auth_tag=
  with AES-GCM.
- Update outdated notes about the method calling order requirements
  with AEAD ciphers.
- Add references to the man page where the behavior varies according to
  the specific cipher algorithm and we cannot document every detail.
- Various style/wording updates.

https://github.com/ruby/openssl/commit/30e22d9bbb
</content>
</entry>
<entry>
<title>[ruby/openssl] Add AuthTagError exception for AEAD authentication</title>
<updated>2025-09-17T12:32:50+00:00</updated>
<author>
<name>Samuel Williams</name>
<email>samuel.williams@shopify.com</email>
</author>
<published>2025-09-17T12:32:47+00:00</published>
<link rel='alternate' type='text/html' href='https://git.ruby-lang.org/ruby.git/commit/?id=a1f39b4b807a5412181ca3f1bf87e7c7d2d9f542'/>
<id>a1f39b4b807a5412181ca3f1bf87e7c7d2d9f542</id>
<content type='text'>
failures
(https://github.com/ruby/openssl/pull/939)

* Add AuthTagError exception for AEAD authentication failures

- Add OpenSSL::Cipher::AuthTagError as a subclass of CipherError
- Raise AuthTagError specifically for AEAD cipher authentication tag verification failures
- Enhanced error messages: 'AEAD authentication tag verification failed' for auth failures
- Precise detection: Only EVP_CipherFinal_ex failures in AEAD ciphers raise AuthTagError
- All other errors (key setup, IV setup, update failures, etc.) still raise CipherError
- Comprehensive test coverage for GCM/CCM modes and error inheritance
- Fully backwards compatible: AuthTagError &lt; CipherError

https://github.com/ruby/openssl/commit/9663b09040
</content>
</entry>
<entry>
<title>[ruby/openssl] cipher: remove Cipher#encrypt(password, iv) form</title>
<updated>2025-05-15T16:50:25+00:00</updated>
<author>
<name>Kazuki Yamaguchi</name>
<email>k@rhe.jp</email>
</author>
<published>2025-05-13T17:09:16+00:00</published>
<link rel='alternate' type='text/html' href='https://git.ruby-lang.org/ruby.git/commit/?id=b43c7cf8c41e86f4ecefbd605bef17625c69ed1a'/>
<id>b43c7cf8c41e86f4ecefbd605bef17625c69ed1a</id>
<content type='text'>
OpenSSL::Cipher#encrypt and #decrypt have long supported a hidden
feature to derive a key and an IV from the String argument, but in an
inappropriate way.

This feature is undocumented, untested, and has been deprecated since
commit https://github.com/ruby/ruby/commit/0dc43217b189 on 2004-06-30,
which started printing a non-verbose warning. More than 20 years later,
it must be safe to remove it entirely.

The deprecated usage:

	# `password` is a String, `iv` is either a String or nil
	cipher = OpenSSL::Cipher.new("aes-256-cbc")
	cipher.encrypt(password, iv)
	p cipher.update("data") &lt;&lt; cipher.final

was equivalent to:

	cipher = OpenSSL::Cipher.new("aes-256-cbc")
	cipher.encrypt

	iv ||= "OpenSSL for Ruby rulez!"
	key = ((cipher.key_len + 15) / 16).times.inject([""]) { |ary, _|
	  ary &lt;&lt; OpenSSL::Digest.digest("MD5", ary.last + password + iv[0, 8].ljust(8, "\0"))
	}.join
	cipher.key = key[...cipher.key_len]
	cipher.iv = iv[...cipher.iv_len].ljust(cipher.iv_len, "\0")
	p cipher.update("data") &lt;&lt; cipher.final

https://github.com/ruby/openssl/commit/e46d992ea1
</content>
</entry>
<entry>
<title>[ruby/openssl] mark `initialize_copy` as :nodoc:</title>
<updated>2025-03-12T16:03:47+00:00</updated>
<author>
<name>Sarun Rattanasiri</name>
<email>midnight_w@gmx.tw</email>
</author>
<published>2025-03-08T14:43:11+00:00</published>
<link rel='alternate' type='text/html' href='https://git.ruby-lang.org/ruby.git/commit/?id=9ec8dc9c6504e62c6a3ff6b111cee53f67d5508c'/>
<id>9ec8dc9c6504e62c6a3ff6b111cee53f67d5508c</id>
<content type='text'>
https://github.com/ruby/openssl/commit/17f87d2cf0
</content>
</entry>
<entry>
<title>[ruby/openssl] cipher: make output buffer String independent</title>
<updated>2024-12-21T18:33:03+00:00</updated>
<author>
<name>Kazuki Yamaguchi</name>
<email>k@rhe.jp</email>
</author>
<published>2024-12-10T14:06:00+00:00</published>
<link rel='alternate' type='text/html' href='https://git.ruby-lang.org/ruby.git/commit/?id=637f019f1f7611ba41f761a1b17e4228661d0a5b'/>
<id>637f019f1f7611ba41f761a1b17e4228661d0a5b</id>
<content type='text'>
OpenSSL::Cipher#update accepts a String as the second argument to be
used as the output buffer. The buffer must be directly writable, in
other words, it must not be frozen and not a shared string.

rb_str_resize() does not make the String independent if the String
already has the intended length. Use the rb_str_modify() family instead
to check it.

Fixes: https://bugs.ruby-lang.org/issues/20937

https://github.com/ruby/openssl/commit/1de3b80a46
</content>
</entry>
</feed>
