diff options
| author | Bart de Water <bartdewater@gmail.com> | 2020-04-19 16:14:34 -0400 |
|---|---|---|
| committer | Kazuki Yamaguchi <k@rhe.jp> | 2020-05-13 15:47:51 +0900 |
| commit | c85789f9b2882bc95364c5da182a24aa72ca52cc (patch) | |
| tree | be5b2b482d033753123693b2cf8eb528a8622384 /ext | |
| parent | b44cc9f040f17fe1d19fb161a22e2df94c5ad76a (diff) | |
[ruby/openssl] Look up cipher by name instead of constant
https://github.com/ruby/openssl/commit/b08ae7e73d
Diffstat (limited to 'ext')
| -rw-r--r-- | ext/openssl/ossl_cipher.c | 26 |
1 files changed, 5 insertions, 21 deletions
diff --git a/ext/openssl/ossl_cipher.c b/ext/openssl/ossl_cipher.c index 66bf0beb11..0b78f40b72 100644 --- a/ext/openssl/ossl_cipher.c +++ b/ext/openssl/ossl_cipher.c @@ -851,22 +851,6 @@ Init_ossl_cipher(void) * * cipher = OpenSSL::Cipher.new('AES-128-CBC') * - * For each algorithm supported, there is a class defined under the - * Cipher class that goes by the name of the cipher, e.g. to obtain an - * instance of AES, you could also use - * - * # these are equivalent - * cipher = OpenSSL::Cipher::AES.new(128, :CBC) - * cipher = OpenSSL::Cipher::AES.new(128, 'CBC') - * cipher = OpenSSL::Cipher::AES.new('128-CBC') - * - * Finally, due to its wide-spread use, there are also extra classes - * defined for the different key sizes of AES - * - * cipher = OpenSSL::Cipher::AES128.new(:CBC) - * cipher = OpenSSL::Cipher::AES192.new(:CBC) - * cipher = OpenSSL::Cipher::AES256.new(:CBC) - * * === Choosing either encryption or decryption mode * * Encryption and decryption are often very similar operations for @@ -895,7 +879,7 @@ Init_ossl_cipher(void) * without processing the password further. A simple and secure way to * create a key for a particular Cipher is * - * cipher = OpenSSL::Cipher::AES256.new(:CFB) + * cipher = OpenSSL::Cipher.new('AES-256-CFB') * cipher.encrypt * key = cipher.random_key # also sets the generated key on the Cipher * @@ -963,14 +947,14 @@ Init_ossl_cipher(void) * * data = "Very, very confidential data" * - * cipher = OpenSSL::Cipher::AES.new(128, :CBC) + * cipher = OpenSSL::Cipher.new('AES-128-CBC') * cipher.encrypt * key = cipher.random_key * iv = cipher.random_iv * * encrypted = cipher.update(data) + cipher.final * ... - * decipher = OpenSSL::Cipher::AES.new(128, :CBC) + * decipher = OpenSSL::Cipher.new('AES-128-CBC') * decipher.decrypt * decipher.key = key * decipher.iv = iv @@ -1006,7 +990,7 @@ Init_ossl_cipher(void) * not to reuse the _key_ and _nonce_ pair. Reusing an nonce ruins the * security guarantees of GCM mode. * - * cipher = OpenSSL::Cipher::AES.new(128, :GCM).encrypt + * cipher = OpenSSL::Cipher.new('AES-128-GCM').encrypt * cipher.key = key * cipher.iv = nonce * cipher.auth_data = auth_data @@ -1022,7 +1006,7 @@ Init_ossl_cipher(void) * ciphertext with a probability of 1/256. * * raise "tag is truncated!" unless tag.bytesize == 16 - * decipher = OpenSSL::Cipher::AES.new(128, :GCM).decrypt + * decipher = OpenSSL::Cipher.new('AES-128-GCM').decrypt * decipher.key = key * decipher.iv = nonce * decipher.auth_tag = tag |