summaryrefslogtreecommitdiff
path: root/ext/openssl/ossl_cipher.c
diff options
context:
space:
mode:
authornahi <nahi@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2011-07-28 13:48:05 +0000
committernahi <nahi@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2011-07-28 13:48:05 +0000
commite7e87b3c4e5979ab81e924c3f1d26b7a28edbf74 (patch)
tree006b08c9a191085db4c3b836daf1a145fc135f1f /ext/openssl/ossl_cipher.c
parent46247fb35a262b71d193b76ec594c644d6efeabe (diff)
* ext/openssl/ossl_cipher.c (ossl_cipher_initialize): Avoid possible
SEGV from AES encryption/decryption. Processing data by Cipher#update without initializing key (meaningless usage of Cipher object since we don't offer a way to export a key) could cause SEGV. In OpenSSL, the EVP which has EVP_CIPH_RAND_KEY flag (such as DES3) allows uninitialized key, but other EVPs (such as AES) does not allow it. Calling EVP_CipherUpdate() without initializing key causes SEGV so we set the data filled with "\0" as the key by default. See #2768. * test/openssl/test_cipher.rb: test it. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32723 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'ext/openssl/ossl_cipher.c')
-rw-r--r--ext/openssl/ossl_cipher.c10
1 files changed, 9 insertions, 1 deletions
diff --git a/ext/openssl/ossl_cipher.c b/ext/openssl/ossl_cipher.c
index ad6eab1..7a30641 100644
--- a/ext/openssl/ossl_cipher.c
+++ b/ext/openssl/ossl_cipher.c
@@ -102,6 +102,7 @@ ossl_cipher_initialize(VALUE self, VALUE str)
EVP_CIPHER_CTX *ctx;
const EVP_CIPHER *cipher;
char *name;
+ unsigned char key[EVP_MAX_KEY_LENGTH];
name = StringValuePtr(str);
GetCipherInit(self, ctx);
@@ -113,7 +114,14 @@ ossl_cipher_initialize(VALUE self, VALUE str)
if (!(cipher = EVP_get_cipherbyname(name))) {
ossl_raise(rb_eRuntimeError, "unsupported cipher algorithm (%s)", name);
}
- if (EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, -1) != 1)
+ /*
+ * The EVP which has EVP_CIPH_RAND_KEY flag (such as DES3) allows
+ * uninitialized key, but other EVPs (such as AES) does not allow it.
+ * Calling EVP_CipherUpdate() without initializing key causes SEGV so we
+ * set the data filled with "\0" as the key by default.
+ */
+ memset(key, 0, EVP_MAX_KEY_LENGTH);
+ if (EVP_CipherInit_ex(ctx, cipher, NULL, key, NULL, -1) != 1)
ossl_raise(eCipherError, NULL);
return self;