diff options
| author | usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2017-07-05 07:06:45 +0000 |
|---|---|---|
| committer | usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2017-07-05 07:06:45 +0000 |
| commit | 739782e37a6662fea379e7ef3ec89e851b04b46c (patch) | |
| tree | 4166d2e7270d5c5bbc8866092bf2f4a840ec0618 /test | |
| parent | f16590ba1de60b8834d46a4979d4a60894fceef4 (diff) | |
* ext/openssl/ossl_cipher.c: remove the encryption key initialization
from Cipher#initialize. This is effectively a revert of r32723
("Avoid possible SEGV from AES encryption/decryption", 2011-07-28).
the patch is derived from https://github.com/ruby/openssl/commit/8108e0a6db133f3375608303fdd2083eb5115062,
written by Kazuki Yamaguchi.
[Backport #8221]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_3@59267 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'test')
| -rw-r--r-- | test/openssl/test_cipher.rb | 29 |
1 files changed, 23 insertions, 6 deletions
diff --git a/test/openssl/test_cipher.rb b/test/openssl/test_cipher.rb index 89c176f4de..95058b5f19 100644 --- a/test/openssl/test_cipher.rb +++ b/test/openssl/test_cipher.rb @@ -81,6 +81,7 @@ class OpenSSL::TestCipher < Test::Unit::TestCase def test_empty_data @c1.encrypt + @c1.random_key assert_raise(ArgumentError){ @c1.update("") } end @@ -129,12 +130,10 @@ class OpenSSL::TestCipher < Test::Unit::TestCase } end - def test_AES_crush - 500.times do - assert_nothing_raised("[Bug #2768]") do - # it caused OpenSSL SEGV by uninitialized key - OpenSSL::Cipher::AES128.new("ECB").update "." * 17 - end + def test_update_raise_if_key_not_set + assert_raise(OpenSSL::Cipher::CipherError) do + # it caused OpenSSL SEGV by uninitialized key [Bug #2768] + OpenSSL::Cipher::AES128.new("ECB").update "." * 17 end end end @@ -236,6 +235,24 @@ class OpenSSL::TestCipher < Test::Unit::TestCase end end + def test_aes_gcm_key_iv_order_issue + pt = "[ruby/openssl#49]" + cipher = OpenSSL::Cipher.new("aes-128-gcm").encrypt + cipher.key = "x" * 16 + cipher.iv = "a" * 12 + ct1 = cipher.update(pt) << cipher.final + tag1 = cipher.auth_tag + + cipher = OpenSSL::Cipher.new("aes-128-gcm").encrypt + cipher.iv = "a" * 12 + cipher.key = "x" * 16 + ct2 = cipher.update(pt) << cipher.final + tag2 = cipher.auth_tag + + assert_equal ct1, ct2 + assert_equal tag1, tag2 + end if has_cipher?("aes-128-gcm") + end private |