author | nahi <nahi@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2011-07-28 13:48:05 +0000 |
---|---|---|
committer | nahi <nahi@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2011-07-28 13:48:05 +0000 |
commit | e7e87b3c4e5979ab81e924c3f1d26b7a28edbf74 (patch) | |
tree | 006b08c9a191085db4c3b836daf1a145fc135f1f | |
parent | 46247fb35a262b71d193b76ec594c644d6efeabe (diff) |
* ext/openssl/ossl_cipher.c (ossl_cipher_initialize): Avoid possible
SEGV from AES encryption/decryption. Processing data by
Cipher#update without initializing key (meaningless usage of Cipher
object since we don't offer a way to export a key) could cause SEGV.
In OpenSSL, the EVP which has EVP_CIPH_RAND_KEY flag (such as DES3)
allows uninitialized key, but other EVPs (such as AES) do not
allow it. Calling EVP_CipherUpdate() without initializing key causes
SEGV so we set the data filled with "\0" as the key by default. See
#2768.
* test/openssl/test_cipher.rb: test it.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32723 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r-- | ChangeLog | 15 | ||||
-rw-r--r-- | ext/openssl/ossl_cipher.c | 10 | ||||
-rw-r--r-- | test/openssl/test_cipher.rb | 9 |
3 files changed, 33 insertions, 1 deletions
@@ -1,3 +1,18 @@
+Thu Jul 28 22:36:06 2011 Hiroshi Nakamura <nahi@ruby-lang.org>
+
+ * ext/openssl/ossl_cipher.c (ossl_cipher_initialize): Avoid possible
+ SEGV from AES encryption/decryption. Processing data by
+ Cipher#update without initializing key (meaningless usage of Cipher
+ object since we don't offer a way to export a key) could cause SEGV.
+
+ In OpenSSL, the EVP which has EVP_CIPH_RAND_KEY flag (such as DES3)
+ allows uninitialized key, but other EVPs (such as AES) does not
+ allow it. Calling EVP_CipherUpdate() without initializing key causes
+ SEGV so we set the data filled with "\0" as the key by default. See
+ #2768.
+
+ * test/openssl/test_cipher.rb: test it.
+
 Thu Jul 28 14:25:08 2011 NAKAMURA Usaku <usa@ruby-lang.org>
 
 * lib/rubygems/user_interaction.rb (Gem::StreamUI#tty?): typo.
diff --git a/ext/openssl/ossl_cipher.c b/ext/openssl/ossl_cipher.c
index ad6eab1e98..7a30641153 100644
--- a/ext/openssl/ossl_cipher.c
+++ b/ext/openssl/ossl_cipher.c
@@ -102,6 +102,7 @@ ossl_cipher_initialize(VALUE self, VALUE str)
 EVP_CIPHER_CTX *ctx;
 const EVP_CIPHER *cipher;
 char *name;
+ unsigned char key[EVP_MAX_KEY_LENGTH];
 
 name = StringValuePtr(str);
 GetCipherInit(self, ctx);
@@ -113,7 +114,14 @@ ossl_cipher_initialize(VALUE self, VALUE str)
 if (!(cipher = EVP_get_cipherbyname(name))) {
 ossl_raise(rb_eRuntimeError, "unsupported cipher algorithm (%s)", name);
 }
- if (EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, -1) != 1)
+ /*
+ * The EVP which has EVP_CIPH_RAND_KEY flag (such as DES3) allows
+ * uninitialized key, but other EVPs (such as AES) does not allow it.
+ * Calling EVP_CipherUpdate() without initializing key causes SEGV so we
+ * set the data filled with "\0" as the key by default.
+ */
+ memset(key, 0, EVP_MAX_KEY_LENGTH);
+ if (EVP_CipherInit_ex(ctx, cipher, NULL, key, NULL, -1) != 1)
 ossl_raise(eCipherError, NULL);
 
 return self;
diff --git a/test/openssl/test_cipher.rb b/test/openssl/test_cipher.rb
index 70c963bbb0..eb2f4fec57 100644
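Review bot: In the second ext/openssl/ossl_cipher.c hunk, passing an all-zero `key` to `EVP_CipherInit_ex` removes the crash but means a Cipher whose key was never set now silently processes data under a publicly known key instead of failing. A caller who forgets `key=` gets output that looks encrypted, so I would at least say so in the comment, e.g. `/* The zero key is only a crash guard; it is not a usable key and callers must still set one. */`, and consider recording whether a key was set so that update can raise rather than proceed (that check would live outside this hunk). As a smaller point, `memset(key, 0, sizeof(key));` ties the length to the buffer declared in the first hunk. ossl_cipher_initialize begins before and ends after the lines shown.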
--- a/test/openssl/test_cipher.rb +++ b/test/openssl/test_cipher.rb @@ -90,6 +90,15 @@ class OpenSSL::TestCipher < Test::Unit::TestCase assert_equal(pt, c2.update(ct) + c2.final) } end + + def test_AES_crush + 500.times do + assert_nothing_raised("[Bug #2768]") do + # it caused OpenSSL SEGV by uninitialized key + OpenSSL::Cipher::AES128.new("ECB").update "." * 17 + end + end + end end end |
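Review bot: `test_AES_crush` only checks that `update` without a key raises nothing, which pins keyless use as accepted behaviour; a comment should state that the output here is produced under the default zero key and is not meaningful ciphertext. The reason for `500.times` is also undocumented, presumably because the crash depended on uninitialized memory and was intermittent, so something like `# repeat: the SEGV was intermittent` would help if that is the reason. The name looks like a typo for `test_AES_crash`. The enclosing class continues outside the hunk.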