From 4d8bce227c85ef4d1f8b794a8c96a7b23e4cf357 Mon Sep 17 00:00:00 2001 From: Spencer McIntyre Date: Mon, 30 Mar 2020 14:42:53 -0400 Subject: [ruby/openssl] Define Cipher #ccm_data_len= for CCM mode ciphers Allow specifying just length to #update CCM mode ciphers need to specify the total plaintext or ciphertext length to EVP_CipherUpdate. Update the link to the tests file Define Cipher#ccm_data_len= for CCM mode ciphers Add a unit test for CCM mode Also check CCM is authenticated when testing https://github.com/ruby/openssl/commit/bb3816953b --- ext/openssl/ossl_cipher.c | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) (limited to 'ext/openssl') diff --git a/ext/openssl/ossl_cipher.c b/ext/openssl/ossl_cipher.c index 0b78f40b72..5b92fc39f0 100644 --- a/ext/openssl/ossl_cipher.c +++ b/ext/openssl/ossl_cipher.c @@ -813,6 +813,31 @@ ossl_cipher_block_size(VALUE self) return INT2NUM(EVP_CIPHER_CTX_block_size(ctx)); } +/* + * call-seq: + * cipher.ccm_data_len = integer -> integer + * + * Sets the length of the plaintext / ciphertext message that will be + * processed in CCM mode. Make sure to call this method after #key= and + * #iv= have been set, and before #auth_data=. + * + * Only call this method after calling Cipher#encrypt or Cipher#decrypt. + */ +static VALUE +ossl_cipher_set_ccm_data_len(VALUE self, VALUE data_len) +{ + int in_len, out_len; + EVP_CIPHER_CTX *ctx; + + in_len = NUM2INT(data_len); + + GetCipher(self, ctx); + if (EVP_CipherUpdate(ctx, NULL, &out_len, NULL, in_len) != 1) + ossl_raise(eCipherError, NULL); + + return data_len; +} + /* * INIT */ @@ -1043,6 +1068,7 @@ Init_ossl_cipher(void) rb_define_method(cCipher, "iv_len", ossl_cipher_iv_length, 0); rb_define_method(cCipher, "block_size", ossl_cipher_block_size, 0); rb_define_method(cCipher, "padding=", ossl_cipher_set_padding, 1); + rb_define_method(cCipher, "ccm_data_len=", ossl_cipher_set_ccm_data_len, 1); id_auth_tag_len = rb_intern_const("auth_tag_len"); id_key_set = rb_intern_const("key_set"); -- cgit v1.2.3