summaryrefslogtreecommitdiff
path: root/test
diff options
context:
space:
mode:
authorrhe <rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2016-05-24 13:09:03 (GMT)
committerrhe <rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2016-05-24 13:09:03 (GMT)
commitce635262f53b760284d56bb1027baebaaec175d1 (patch)
treeefd24c2db86c786402247f7059fb7fa6af796f1c /test
parentcff5bd63065da3ca53e877b086c2671884ae16dd (diff)
openssl: make Cipher#key= and #iv= reject too long values
* ext/openssl/ossl_cipher.c (ossl_cipher_set_key, ossl_cipher_set_iv): Reject too long values as well as too short ones. Currently they just truncate the input but this would hide bugs and lead to unexpected encryption/decryption results. * test/openssl/test_cipher.rb: Test that Cipher#key= and #iv= reject Strings with invalid length. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55146 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'test')
-rw-r--r--test/openssl/test_cipher.rb12
1 files changed, 12 insertions, 0 deletions
diff --git a/test/openssl/test_cipher.rb b/test/openssl/test_cipher.rb
index dab64aa..aec33fd 100644
--- a/test/openssl/test_cipher.rb
+++ b/test/openssl/test_cipher.rb
@@ -80,6 +80,18 @@ class OpenSSL::TestCipher < OpenSSL::TestCase
assert_equal(s1, s2, "encrypt reset")
end
+ def test_key_iv_set
+ # default value for DES-EDE3-CBC
+ assert_equal(24, @c1.key_len)
+ assert_equal(8, @c1.iv_len)
+ assert_raise(ArgumentError) { @c1.key = "\x01" * 23 }
+ @c1.key = "\x01" * 24
+ assert_raise(ArgumentError) { @c1.key = "\x01" * 25 }
+ assert_raise(ArgumentError) { @c1.iv = "\x01" * 7 }
+ @c1.iv = "\x01" * 8
+ assert_raise(ArgumentError) { @c1.iv = "\x01" * 9 }
+ end
+
def test_empty_data
@c1.encrypt
assert_raise(ArgumentError){ @c1.update("") }