diff options
author | rhe <rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2016-05-24 13:09:03 +0000 |
---|---|---|
committer | rhe <rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2016-05-24 13:09:03 +0000 |
commit | ce635262f53b760284d56bb1027baebaaec175d1 (patch) | |
tree | efd24c2db86c786402247f7059fb7fa6af796f1c /test/openssl/test_cipher.rb | |
parent | cff5bd63065da3ca53e877b086c2671884ae16dd (diff) | |
download | ruby-ce635262f53b760284d56bb1027baebaaec175d1.tar.gz |
openssl: make Cipher#key= and #iv= reject too long values
* ext/openssl/ossl_cipher.c (ossl_cipher_set_key, ossl_cipher_set_iv):
Reject too long values as well as too short ones. Currently they
just truncate the input but this would hide bugs and lead to
unexpected encryption/decryption results.
* test/openssl/test_cipher.rb: Test that Cipher#key= and #iv= reject
Strings with invalid length.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55146 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'test/openssl/test_cipher.rb')
-rw-r--r-- | test/openssl/test_cipher.rb | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/test/openssl/test_cipher.rb b/test/openssl/test_cipher.rb index dab64aa5a1..aec33fdd1a 100644 --- a/test/openssl/test_cipher.rb +++ b/test/openssl/test_cipher.rb @@ -80,6 +80,18 @@ class OpenSSL::TestCipher < OpenSSL::TestCase assert_equal(s1, s2, "encrypt reset") end + def test_key_iv_set + # default value for DES-EDE3-CBC + assert_equal(24, @c1.key_len) + assert_equal(8, @c1.iv_len) + assert_raise(ArgumentError) { @c1.key = "\x01" * 23 } + @c1.key = "\x01" * 24 + assert_raise(ArgumentError) { @c1.key = "\x01" * 25 } + assert_raise(ArgumentError) { @c1.iv = "\x01" * 7 } + @c1.iv = "\x01" * 8 + assert_raise(ArgumentError) { @c1.iv = "\x01" * 9 } + end + def test_empty_data @c1.encrypt assert_raise(ArgumentError){ @c1.update("") } |