2003-07-23 12:12:24 -04:00
|
|
|
/*
|
|
|
|
* $Id$
|
|
|
|
* 'OpenSSL for Ruby' project
|
|
|
|
* Copyright (C) 2001-2002 Michal Rokos <m.rokos@sh.cvut.cz>
|
|
|
|
* All rights reserved.
|
|
|
|
*/
|
|
|
|
/*
|
|
|
|
* This program is licenced under the same licence as Ruby.
|
|
|
|
* (See the file 'LICENCE'.)
|
|
|
|
*/
|
|
|
|
#include "ossl.h"
|
|
|
|
|
2011-02-04 21:48:55 -05:00
|
|
|
#define WrapCipher(obj, klass, ctx) \
|
2011-02-20 05:59:48 -05:00
|
|
|
(obj) = Data_Wrap_Struct((klass), 0, ossl_cipher_free, (ctx))
|
2003-07-23 12:12:24 -04:00
|
|
|
#define MakeCipher(obj, klass, ctx) \
|
2011-02-20 05:59:48 -05:00
|
|
|
(obj) = Data_Make_Struct((klass), EVP_CIPHER_CTX, 0, ossl_cipher_free, (ctx))
|
2011-02-04 21:48:55 -05:00
|
|
|
#define AllocCipher(obj, ctx) \
|
|
|
|
memset(DATA_PTR(obj) = (ctx) = ALLOC(EVP_CIPHER_CTX), 0, sizeof(EVP_CIPHER_CTX))
|
|
|
|
#define GetCipherInit(obj, ctx) do { \
|
2011-02-20 05:59:48 -05:00
|
|
|
Data_Get_Struct((obj), EVP_CIPHER_CTX, (ctx)); \
|
2011-02-04 21:48:55 -05:00
|
|
|
} while (0)
|
|
|
|
#define GetCipher(obj, ctx) do { \
|
2011-02-20 05:59:48 -05:00
|
|
|
GetCipherInit((obj), (ctx)); \
|
|
|
|
if (!(ctx)) { \
|
2003-07-23 12:12:24 -04:00
|
|
|
ossl_raise(rb_eRuntimeError, "Cipher not inititalized!"); \
|
|
|
|
} \
|
|
|
|
} while (0)
|
|
|
|
#define SafeGetCipher(obj, ctx) do { \
|
2011-02-20 05:59:48 -05:00
|
|
|
OSSL_Check_Kind((obj), cCipher); \
|
|
|
|
GetCipher((obj), (ctx)); \
|
2003-07-23 12:12:24 -04:00
|
|
|
} while (0)
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Classes
|
|
|
|
*/
|
|
|
|
VALUE cCipher;
|
|
|
|
VALUE eCipherError;
|
|
|
|
|
2003-09-05 05:08:40 -04:00
|
|
|
static VALUE ossl_cipher_alloc(VALUE klass);
|
|
|
|
|
2003-07-23 12:12:24 -04:00
|
|
|
/*
|
|
|
|
* PUBLIC
|
|
|
|
*/
|
|
|
|
const EVP_CIPHER *
|
|
|
|
GetCipherPtr(VALUE obj)
|
|
|
|
{
|
|
|
|
EVP_CIPHER_CTX *ctx;
|
|
|
|
|
|
|
|
SafeGetCipher(obj, ctx);
|
|
|
|
|
|
|
|
return EVP_CIPHER_CTX_cipher(ctx);
|
|
|
|
}
|
|
|
|
|
2003-09-05 05:08:40 -04:00
|
|
|
VALUE
|
|
|
|
ossl_cipher_new(const EVP_CIPHER *cipher)
|
|
|
|
{
|
|
|
|
VALUE ret;
|
|
|
|
EVP_CIPHER_CTX *ctx;
|
|
|
|
|
|
|
|
ret = ossl_cipher_alloc(cCipher);
|
2011-02-04 21:48:55 -05:00
|
|
|
AllocCipher(ret, ctx);
|
2003-09-05 05:08:40 -04:00
|
|
|
EVP_CIPHER_CTX_init(ctx);
|
* ext/openssl/extconf.rb: check for EVP_CIPHER_CTX_copy, ENGINE_add,
EVP_CIPHER_CTX_set_padding, EVP_CipherFinal_ex, EVP_CipherInit_ex,
EVP_DigestFinal_ex and EVP_DigestInit_ex.
* ext/openssl/openssl_missing.c (EVP_CIPHER_CTX_copy): new function.
* ext/openssl/openssl_missing.h (EVP_DigestInit_ex, EVP_DigestFinal_ex,
EVP_CipherInit_ex, EVP_CipherFinal_ex, HMAC_Init_ex): new macro for
OpenSSL 0.9.6.
* ext/openssl/ossl_cipher.c (ossl_cipher_alloc, ossl_cipher_initialize,
ossl_cipher_copy, ossl_cipher_reset, ossl_cipher_encrypt,
ossl_cipher_decrypt, ossl_cipher_final, ossl_cipher_set_key,
ossl_cipher_set_iv): replace all EVP_CipherInit and
EVP_CipherFinal into EVP_CipherInit_ex and EVP_CipherFinal_ex.
and EVP_CIPHER_CTX_init should only be called once.
* ext/openssl/ossl_cipher.c (ossl_cipher_set_padding): check for
EVP_CIPHER_CTX_set_padding.
* ext/openssl/ossl_cipher.c (Init_ossl_cipher): Cipher#<< is deprecated.
* ext/openssl/ossl_digest.c: replace all EVP_DigestInit and
EVP_DigestFinal into EVP_DigestInit_ex and EVP_DigestFinal_ex.
and EVP_MD_CTX_init should only be called once.
* ext/openssl/ossl_digest.c (digest_final): should call
EVP_MD_CTX_cleanup to avoid memory leak.
* ext/openssl/ossl_hmac.c (ossl_hmac_initialize): repalce HMAC_init
into HMAC_init_ex. and HMAC_CTX_init is moved to ossl_hmac_alloc.
* ext/openssl/ossl_hmac.c (hmac_final): should call
HMAC_CTX_cleanup to avoid memory leak.
* test/openssl/test_cipher.rb, test/openssl/test_digest.rb,
test/openssl/test_hmac.rb: new file.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@6548 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2004-06-30 06:48:43 -04:00
|
|
|
if (EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, -1) != 1)
|
2003-09-05 05:08:40 -04:00
|
|
|
ossl_raise(eCipherError, NULL);
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2003-07-23 12:12:24 -04:00
|
|
|
/*
|
|
|
|
* PRIVATE
|
|
|
|
*/
|
|
|
|
static void
|
|
|
|
ossl_cipher_free(EVP_CIPHER_CTX *ctx)
|
|
|
|
{
|
|
|
|
if (ctx) {
|
|
|
|
EVP_CIPHER_CTX_cleanup(ctx);
|
* array.c, bignum.c, cont.c, dir.c, dln.c, encoding.c, enumerator.c,
enumerator.c (enumerator_allocate), eval_jump.c, file.c, hash.c,
io.c, load.c, pack.c, proc.c, random.c, re.c, ruby.c, st.c,
string.c, thread.c, thread_pthread.c, time.c, util.c, variable.c,
vm.c, gc.c:
allocated memory objects by xmalloc (ruby_xmalloc) should be
freed by xfree (ruby_xfree).
* ext/curses/curses.c, ext/dbm/dbm.c, ext/digest/digest.c,
ext/gdbm/gdbm.c, ext/json/ext/parser/parser.c,
ext/json/ext/parser/unicode.c, ext/openssl/ossl_cipher.c,
ext/openssl/ossl_hmac.c, ext/openssl/ossl_pkey_ec.c,
ext/sdbm/init.c, ext/strscan/strscan.c, ext/zlib/zlib.c:
ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@17017 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2008-06-08 06:01:40 -04:00
|
|
|
ruby_xfree(ctx);
|
2003-07-23 12:12:24 -04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
static VALUE
|
|
|
|
ossl_cipher_alloc(VALUE klass)
|
|
|
|
{
|
|
|
|
VALUE obj;
|
|
|
|
|
2011-02-04 21:48:55 -05:00
|
|
|
WrapCipher(obj, klass, 0);
|
2010-04-22 04:21:01 -04:00
|
|
|
|
2003-07-23 12:12:24 -04:00
|
|
|
return obj;
|
|
|
|
}
|
|
|
|
|
2007-03-29 13:29:03 -04:00
|
|
|
/*
|
|
|
|
* call-seq:
|
|
|
|
* Cipher.new(string) -> cipher
|
|
|
|
*
|
|
|
|
* The string must contain a valid cipher name like "AES-128-CBC" or "3DES".
|
|
|
|
*
|
|
|
|
* A list of cipher names is available by calling OpenSSL::Cipher.ciphers.
|
|
|
|
*/
|
2003-07-23 12:12:24 -04:00
|
|
|
static VALUE
|
|
|
|
ossl_cipher_initialize(VALUE self, VALUE str)
|
|
|
|
{
|
|
|
|
EVP_CIPHER_CTX *ctx;
|
|
|
|
const EVP_CIPHER *cipher;
|
|
|
|
char *name;
|
2011-07-28 09:48:05 -04:00
|
|
|
unsigned char key[EVP_MAX_KEY_LENGTH];
|
2003-07-23 12:12:24 -04:00
|
|
|
|
|
|
|
name = StringValuePtr(str);
|
2011-02-04 21:48:55 -05:00
|
|
|
GetCipherInit(self, ctx);
|
|
|
|
if (ctx) {
|
|
|
|
ossl_raise(rb_eRuntimeError, "Cipher already inititalized!");
|
|
|
|
}
|
|
|
|
AllocCipher(self, ctx);
|
|
|
|
EVP_CIPHER_CTX_init(ctx);
|
2003-07-23 12:12:24 -04:00
|
|
|
if (!(cipher = EVP_get_cipherbyname(name))) {
|
* array.c: replace rb_protect_inspect() and rb_inspecting_p() by
rb_exec_recursive() in eval.c.
* eval.c (rb_exec_recursive): new function.
* array.c (rb_ary_join): use rb_exec_recursive().
* array.c (rb_ary_inspect, rb_ary_hash): ditto.
* file.c (rb_file_join): ditto.
* hash.c (rb_hash_inspect, rb_hash_to_s, rb_hash_hash): ditto.
* io.c (rb_io_puts): ditto.
* object.c (rb_obj_inspect): ditto
* struct.c (rb_struct_inspect): ditto.
* lib/set.rb (SortedSet::setup): a hack to shut up warning.
[ruby-talk:132866]
* lib/time.rb (Time::strptime): add new function. inspired by
[ruby-talk:132815].
* lib/parsedate.rb (ParseDate::strptime): ditto.
* regparse.c: move st_*_strend() functions from st.c. fixed some
potential memory leaks.
* exception error messages updated. [ruby-core:04497]
* ext/socket/socket.c (Init_socket): add bunch of Socket
constants. Patch from Sam Roberts <sroberts@uniserve.com>.
[ruby-core:04409]
* array.c (rb_ary_s_create): no need for negative argc check.
[ruby-core:04463]
* array.c (rb_ary_unshift_m): ditto.
* lib/xmlrpc/parser.rb (XMLRPC::FaultException): make it subclass
of StandardError class, not Exception class. [ruby-core:04429]
* parse.y (fcall_gen): lvar(arg) will be evaluated as
lvar.call(arg) when lvar is a defined local variable. [new]
* object.c (rb_class_initialize): call inherited method before
calling initializing block.
* eval.c (rb_thread_start_1): initialize newly pushed frame.
* lib/open3.rb (Open3::popen3): $? should not be EXIT_FAILURE.
fixed: [ruby-core:04444]
* eval.c (is_defined): NODE_IASGN is an assignment.
* ext/readline/readline.c (Readline.readline): use rl_outstream
and rl_instream. [ruby-dev:25699]
* ext/etc/etc.c (Init_etc): sGroup needs HAVE_ST_GR_PASSWD check
[ruby-dev:25675]
* misc/ruby-mode.el: [ruby-core:04415]
* lib/rdoc/generators/html_generator.rb: [ruby-core:04412]
* lib/rdoc/generators/ri_generator.rb: ditto.
* struct.c (make_struct): fixed: [ruby-core:04402]
* ext/curses/curses.c (window_color_set): [ruby-core:04393]
* ext/socket/socket.c (Init_socket): SO_REUSEPORT added.
[ruby-talk:130092]
* object.c: [ruby-doc:818]
* parse.y (open_args): fix too verbose warnings for the space
before argument parentheses. [ruby-dev:25492]
* parse.y (parser_yylex): ditto.
* parse.y (parser_yylex): the first expression in the parentheses
should not be a command. [ruby-dev:25492]
* lib/irb/context.rb (IRB::Context::initialize): [ruby-core:04330]
* object.c (Init_Object): remove Object#type. [ruby-core:04335]
* st.c (st_foreach): report success/failure by return value.
[ruby-Bugs-1396]
* parse.y: forgot to initialize parser struct. [ruby-dev:25492]
* parse.y (parser_yylex): no tLABEL on EXPR_BEG.
[ruby-talk:127711]
* document updates - [ruby-core:04296], [ruby-core:04301],
[ruby-core:04302], [ruby-core:04307]
* dir.c (rb_push_glob): should work for NUL delimited patterns.
* dir.c (rb_glob2): should aware of offset in the pattern.
* string.c (rb_str_new4): should propagate taintedness.
* env.h: rename member names in struct FRAME; last_func -> callee,
orig_func -> this_func, last_class -> this_class.
* struct.c (rb_struct_set): use original method name, not callee
name, to retrieve member slot. [ruby-core:04268]
* time.c (time_strftime): protect from format modification from GC
finalizers.
* object.c (Init_Object): remove rb_obj_id_obsolete()
* eval.c (rb_mod_define_method): incomplete subclass check.
[ruby-dev:25464]
* gc.c (rb_data_object_alloc): klass may be NULL.
[ruby-list:40498]
* bignum.c (rb_big_rand): should return positive random number.
[ruby-dev:25401]
* bignum.c (rb_big_rand): do not use rb_big_modulo to generate
random bignums. [ruby-dev:25396]
* variable.c (rb_autoload): [ruby-dev:25373]
* eval.c (svalue_to_avalue): [ruby-dev:25366]
* string.c (rb_str_justify): [ruby-dev:25367]
* io.c (rb_f_select): [ruby-dev:25312]
* ext/socket/socket.c (sock_s_getservbyport): [ruby-talk:124072]
* struct.c (make_struct): [ruby-dev:25249]
* dir.c (dir_open_dir): new function. [ruby-dev:25242]
* io.c (rb_f_open): add type check for return value from to_open.
* lib/pstore.rb (PStore#transaction): Use the empty content when a
file is not found. [ruby-dev:24561]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@8068 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2005-03-04 01:47:45 -05:00
|
|
|
ossl_raise(rb_eRuntimeError, "unsupported cipher algorithm (%s)", name);
|
2003-07-23 12:12:24 -04:00
|
|
|
}
|
2011-07-28 09:48:05 -04:00
|
|
|
/*
|
|
|
|
* The EVP which has EVP_CIPH_RAND_KEY flag (such as DES3) allows
|
|
|
|
* uninitialized key, but other EVPs (such as AES) does not allow it.
|
|
|
|
* Calling EVP_CipherUpdate() without initializing key causes SEGV so we
|
|
|
|
* set the data filled with "\0" as the key by default.
|
|
|
|
*/
|
|
|
|
memset(key, 0, EVP_MAX_KEY_LENGTH);
|
|
|
|
if (EVP_CipherInit_ex(ctx, cipher, NULL, key, NULL, -1) != 1)
|
* ext/openssl/extconf.rb: check for EVP_CIPHER_CTX_copy, ENGINE_add,
EVP_CIPHER_CTX_set_padding, EVP_CipherFinal_ex, EVP_CipherInit_ex,
EVP_DigestFinal_ex and EVP_DigestInit_ex.
* ext/openssl/openssl_missing.c (EVP_CIPHER_CTX_copy): new function.
* ext/openssl/openssl_missing.h (EVP_DigestInit_ex, EVP_DigestFinal_ex,
EVP_CipherInit_ex, EVP_CipherFinal_ex, HMAC_Init_ex): new macro for
OpenSSL 0.9.6.
* ext/openssl/ossl_cipher.c (ossl_cipher_alloc, ossl_cipher_initialize,
ossl_cipher_copy, ossl_cipher_reset, ossl_cipher_encrypt,
ossl_cipher_decrypt, ossl_cipher_final, ossl_cipher_set_key,
ossl_cipher_set_iv): replace all EVP_CipherInit and
EVP_CipherFinal into EVP_CipherInit_ex and EVP_CipherFinal_ex.
and EVP_CIPHER_CTX_init should only be called once.
* ext/openssl/ossl_cipher.c (ossl_cipher_set_padding): check for
EVP_CIPHER_CTX_set_padding.
* ext/openssl/ossl_cipher.c (Init_ossl_cipher): Cipher#<< is deprecated.
* ext/openssl/ossl_digest.c: replace all EVP_DigestInit and
EVP_DigestFinal into EVP_DigestInit_ex and EVP_DigestFinal_ex.
and EVP_MD_CTX_init should only be called once.
* ext/openssl/ossl_digest.c (digest_final): should call
EVP_MD_CTX_cleanup to avoid memory leak.
* ext/openssl/ossl_hmac.c (ossl_hmac_initialize): repalce HMAC_init
into HMAC_init_ex. and HMAC_CTX_init is moved to ossl_hmac_alloc.
* ext/openssl/ossl_hmac.c (hmac_final): should call
HMAC_CTX_cleanup to avoid memory leak.
* test/openssl/test_cipher.rb, test/openssl/test_digest.rb,
test/openssl/test_hmac.rb: new file.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@6548 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2004-06-30 06:48:43 -04:00
|
|
|
ossl_raise(eCipherError, NULL);
|
2003-07-23 12:12:24 -04:00
|
|
|
|
|
|
|
return self;
|
|
|
|
}
|
2011-12-25 13:53:45 -05:00
|
|
|
|
2003-07-23 12:12:24 -04:00
|
|
|
static VALUE
|
|
|
|
ossl_cipher_copy(VALUE self, VALUE other)
|
|
|
|
{
|
|
|
|
EVP_CIPHER_CTX *ctx1, *ctx2;
|
2010-04-22 04:21:01 -04:00
|
|
|
|
2003-07-23 12:12:24 -04:00
|
|
|
rb_check_frozen(self);
|
|
|
|
if (self == other) return self;
|
|
|
|
|
2011-02-04 21:48:55 -05:00
|
|
|
GetCipherInit(self, ctx1);
|
|
|
|
if (!ctx1) {
|
|
|
|
AllocCipher(self, ctx1);
|
|
|
|
}
|
2003-07-23 12:12:24 -04:00
|
|
|
SafeGetCipher(other, ctx2);
|
* ext/openssl/extconf.rb: check for EVP_CIPHER_CTX_copy, ENGINE_add,
EVP_CIPHER_CTX_set_padding, EVP_CipherFinal_ex, EVP_CipherInit_ex,
EVP_DigestFinal_ex and EVP_DigestInit_ex.
* ext/openssl/openssl_missing.c (EVP_CIPHER_CTX_copy): new function.
* ext/openssl/openssl_missing.h (EVP_DigestInit_ex, EVP_DigestFinal_ex,
EVP_CipherInit_ex, EVP_CipherFinal_ex, HMAC_Init_ex): new macro for
OpenSSL 0.9.6.
* ext/openssl/ossl_cipher.c (ossl_cipher_alloc, ossl_cipher_initialize,
ossl_cipher_copy, ossl_cipher_reset, ossl_cipher_encrypt,
ossl_cipher_decrypt, ossl_cipher_final, ossl_cipher_set_key,
ossl_cipher_set_iv): replace all EVP_CipherInit and
EVP_CipherFinal into EVP_CipherInit_ex and EVP_CipherFinal_ex.
and EVP_CIPHER_CTX_init should only be called once.
* ext/openssl/ossl_cipher.c (ossl_cipher_set_padding): check for
EVP_CIPHER_CTX_set_padding.
* ext/openssl/ossl_cipher.c (Init_ossl_cipher): Cipher#<< is deprecated.
* ext/openssl/ossl_digest.c: replace all EVP_DigestInit and
EVP_DigestFinal into EVP_DigestInit_ex and EVP_DigestFinal_ex.
and EVP_MD_CTX_init should only be called once.
* ext/openssl/ossl_digest.c (digest_final): should call
EVP_MD_CTX_cleanup to avoid memory leak.
* ext/openssl/ossl_hmac.c (ossl_hmac_initialize): repalce HMAC_init
into HMAC_init_ex. and HMAC_CTX_init is moved to ossl_hmac_alloc.
* ext/openssl/ossl_hmac.c (hmac_final): should call
HMAC_CTX_cleanup to avoid memory leak.
* test/openssl/test_cipher.rb, test/openssl/test_digest.rb,
test/openssl/test_hmac.rb: new file.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@6548 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2004-06-30 06:48:43 -04:00
|
|
|
if (EVP_CIPHER_CTX_copy(ctx1, ctx2) != 1)
|
|
|
|
ossl_raise(eCipherError, NULL);
|
2003-07-23 12:12:24 -04:00
|
|
|
|
|
|
|
return self;
|
|
|
|
}
|
|
|
|
|
2009-02-06 10:29:39 -05:00
|
|
|
#ifdef HAVE_OBJ_NAME_DO_ALL_SORTED
|
2006-05-07 20:12:00 -04:00
|
|
|
static void*
|
|
|
|
add_cipher_name_to_ary(const OBJ_NAME *name, VALUE ary)
|
|
|
|
{
|
|
|
|
rb_ary_push(ary, rb_str_new2(name->name));
|
2006-05-11 05:31:27 -04:00
|
|
|
return NULL;
|
2006-05-07 20:12:00 -04:00
|
|
|
}
|
2009-02-06 10:29:39 -05:00
|
|
|
#endif
|
2006-05-07 20:12:00 -04:00
|
|
|
|
2009-04-18 10:10:06 -04:00
|
|
|
#ifdef HAVE_OBJ_NAME_DO_ALL_SORTED
|
2007-03-29 13:29:03 -04:00
|
|
|
/*
|
|
|
|
* call-seq:
|
|
|
|
* Cipher.ciphers -> array[string...]
|
|
|
|
*
|
|
|
|
* Returns the names of all available ciphers in an array.
|
|
|
|
*/
|
2006-05-07 20:12:00 -04:00
|
|
|
static VALUE
|
|
|
|
ossl_s_ciphers(VALUE self)
|
|
|
|
{
|
|
|
|
VALUE ary;
|
|
|
|
|
|
|
|
ary = rb_ary_new();
|
|
|
|
OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH,
|
|
|
|
(void(*)(const OBJ_NAME*,void*))add_cipher_name_to_ary,
|
|
|
|
(void*)ary);
|
|
|
|
|
|
|
|
return ary;
|
2009-04-18 10:10:06 -04:00
|
|
|
}
|
2006-05-07 20:12:00 -04:00
|
|
|
#else
|
2009-04-18 10:10:06 -04:00
|
|
|
#define ossl_s_ciphers rb_f_notimplement
|
2006-05-07 20:12:00 -04:00
|
|
|
#endif
|
|
|
|
|
2007-03-29 13:29:03 -04:00
|
|
|
/*
|
|
|
|
* call-seq:
|
|
|
|
* cipher.reset -> self
|
|
|
|
*
|
2011-12-25 13:53:45 -05:00
|
|
|
* Fully resets the internal state of the Cipher. By using this, the same
|
|
|
|
* Cipher instance may be used several times for en- or decryption tasks.
|
|
|
|
*
|
2007-03-29 13:29:03 -04:00
|
|
|
* Internally calls EVP_CipherInit_ex(ctx, NULL, NULL, NULL, NULL, -1).
|
|
|
|
*/
|
2003-07-23 12:12:24 -04:00
|
|
|
static VALUE
|
|
|
|
ossl_cipher_reset(VALUE self)
|
|
|
|
{
|
2003-09-17 05:05:02 -04:00
|
|
|
EVP_CIPHER_CTX *ctx;
|
2003-07-23 12:12:24 -04:00
|
|
|
|
2003-09-17 05:05:02 -04:00
|
|
|
GetCipher(self, ctx);
|
* ext/openssl/extconf.rb: check for EVP_CIPHER_CTX_copy, ENGINE_add,
EVP_CIPHER_CTX_set_padding, EVP_CipherFinal_ex, EVP_CipherInit_ex,
EVP_DigestFinal_ex and EVP_DigestInit_ex.
* ext/openssl/openssl_missing.c (EVP_CIPHER_CTX_copy): new function.
* ext/openssl/openssl_missing.h (EVP_DigestInit_ex, EVP_DigestFinal_ex,
EVP_CipherInit_ex, EVP_CipherFinal_ex, HMAC_Init_ex): new macro for
OpenSSL 0.9.6.
* ext/openssl/ossl_cipher.c (ossl_cipher_alloc, ossl_cipher_initialize,
ossl_cipher_copy, ossl_cipher_reset, ossl_cipher_encrypt,
ossl_cipher_decrypt, ossl_cipher_final, ossl_cipher_set_key,
ossl_cipher_set_iv): replace all EVP_CipherInit and
EVP_CipherFinal into EVP_CipherInit_ex and EVP_CipherFinal_ex.
and EVP_CIPHER_CTX_init should only be called once.
* ext/openssl/ossl_cipher.c (ossl_cipher_set_padding): check for
EVP_CIPHER_CTX_set_padding.
* ext/openssl/ossl_cipher.c (Init_ossl_cipher): Cipher#<< is deprecated.
* ext/openssl/ossl_digest.c: replace all EVP_DigestInit and
EVP_DigestFinal into EVP_DigestInit_ex and EVP_DigestFinal_ex.
and EVP_MD_CTX_init should only be called once.
* ext/openssl/ossl_digest.c (digest_final): should call
EVP_MD_CTX_cleanup to avoid memory leak.
* ext/openssl/ossl_hmac.c (ossl_hmac_initialize): repalce HMAC_init
into HMAC_init_ex. and HMAC_CTX_init is moved to ossl_hmac_alloc.
* ext/openssl/ossl_hmac.c (hmac_final): should call
HMAC_CTX_cleanup to avoid memory leak.
* test/openssl/test_cipher.rb, test/openssl/test_digest.rb,
test/openssl/test_hmac.rb: new file.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@6548 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2004-06-30 06:48:43 -04:00
|
|
|
if (EVP_CipherInit_ex(ctx, NULL, NULL, NULL, NULL, -1) != 1)
|
2003-09-17 05:05:02 -04:00
|
|
|
ossl_raise(eCipherError, NULL);
|
2010-04-22 04:21:01 -04:00
|
|
|
|
2003-09-17 05:05:02 -04:00
|
|
|
return self;
|
2003-07-23 12:12:24 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
static VALUE
|
2004-06-30 11:45:41 -04:00
|
|
|
ossl_cipher_init(int argc, VALUE *argv, VALUE self, int mode)
|
2003-07-23 12:12:24 -04:00
|
|
|
{
|
|
|
|
EVP_CIPHER_CTX *ctx;
|
2004-06-30 11:45:41 -04:00
|
|
|
unsigned char key[EVP_MAX_KEY_LENGTH], *p_key = NULL;
|
|
|
|
unsigned char iv[EVP_MAX_IV_LENGTH], *p_iv = NULL;
|
2003-07-23 12:12:24 -04:00
|
|
|
VALUE pass, init_v;
|
|
|
|
|
2004-06-30 11:45:41 -04:00
|
|
|
if(rb_scan_args(argc, argv, "02", &pass, &init_v) > 0){
|
2003-07-23 12:12:24 -04:00
|
|
|
/*
|
2004-06-30 11:45:41 -04:00
|
|
|
* oops. this code mistakes salt for IV.
|
|
|
|
* We deprecated the arguments for this method, but we decided
|
|
|
|
* keeping this behaviour for backward compatibility.
|
|
|
|
*/
|
2008-07-22 11:34:23 -04:00
|
|
|
const char *cname = rb_class2name(rb_obj_class(self));
|
2011-03-07 03:44:45 -05:00
|
|
|
rb_warn("arguments for %s#encrypt and %s#decrypt were deprecated; "
|
2006-05-07 20:12:00 -04:00
|
|
|
"use %s#pkcs5_keyivgen to derive key and IV",
|
|
|
|
cname, cname, cname);
|
2004-06-30 11:45:41 -04:00
|
|
|
StringValue(pass);
|
2004-12-15 01:35:55 -05:00
|
|
|
GetCipher(self, ctx);
|
2004-06-30 11:45:41 -04:00
|
|
|
if (NIL_P(init_v)) memcpy(iv, "OpenSSL for Ruby rulez!", sizeof(iv));
|
|
|
|
else{
|
|
|
|
StringValue(init_v);
|
2006-08-31 06:30:33 -04:00
|
|
|
if (EVP_MAX_IV_LENGTH > RSTRING_LEN(init_v)) {
|
2004-06-30 11:45:41 -04:00
|
|
|
memset(iv, 0, EVP_MAX_IV_LENGTH);
|
2006-08-31 06:30:33 -04:00
|
|
|
memcpy(iv, RSTRING_PTR(init_v), RSTRING_LEN(init_v));
|
2004-06-30 11:45:41 -04:00
|
|
|
}
|
2006-08-31 06:30:33 -04:00
|
|
|
else memcpy(iv, RSTRING_PTR(init_v), sizeof(iv));
|
2003-07-23 12:12:24 -04:00
|
|
|
}
|
2004-06-30 11:45:41 -04:00
|
|
|
EVP_BytesToKey(EVP_CIPHER_CTX_cipher(ctx), EVP_md5(), iv,
|
2011-03-24 03:29:21 -04:00
|
|
|
(unsigned char *)RSTRING_PTR(pass), RSTRING_LENINT(pass), 1, key, NULL);
|
2004-06-30 11:45:41 -04:00
|
|
|
p_key = key;
|
|
|
|
p_iv = iv;
|
2003-07-23 12:12:24 -04:00
|
|
|
}
|
2004-12-15 01:35:55 -05:00
|
|
|
else {
|
|
|
|
GetCipher(self, ctx);
|
|
|
|
}
|
2004-06-30 11:45:41 -04:00
|
|
|
if (EVP_CipherInit_ex(ctx, NULL, NULL, p_key, p_iv, mode) != 1) {
|
|
|
|
ossl_raise(eCipherError, NULL);
|
2003-07-23 12:12:24 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
return self;
|
|
|
|
}
|
|
|
|
|
2007-03-29 13:29:03 -04:00
|
|
|
/*
|
|
|
|
* call-seq:
|
|
|
|
* cipher.encrypt -> self
|
|
|
|
*
|
2011-12-25 13:53:45 -05:00
|
|
|
* Initializes the Cipher for encryption.
|
|
|
|
*
|
|
|
|
* Make sure to call Cipher#encrypt or Cipher#decrypt before using any of the
|
|
|
|
* following methods:
|
2007-03-29 13:29:03 -04:00
|
|
|
* * [key=, iv=, random_key, random_iv, pkcs5_keyivgen]
|
|
|
|
*
|
|
|
|
* Internally calls EVP_CipherInit_ex(ctx, NULL, NULL, NULL, NULL, 1).
|
|
|
|
*/
|
2003-07-23 12:12:24 -04:00
|
|
|
static VALUE
|
2004-06-30 11:45:41 -04:00
|
|
|
ossl_cipher_encrypt(int argc, VALUE *argv, VALUE self)
|
2003-07-23 12:12:24 -04:00
|
|
|
{
|
2004-06-30 11:45:41 -04:00
|
|
|
return ossl_cipher_init(argc, argv, self, 1);
|
|
|
|
}
|
2003-07-23 12:12:24 -04:00
|
|
|
|
2007-03-29 13:29:03 -04:00
|
|
|
/*
|
|
|
|
* call-seq:
|
|
|
|
* cipher.decrypt -> self
|
|
|
|
*
|
2011-12-25 13:53:45 -05:00
|
|
|
* Initializes the Cipher for decryption.
|
|
|
|
*
|
|
|
|
* Make sure to call Cipher#encrypt or Cipher#decrypt before using any of the
|
|
|
|
* following methods:
|
2007-03-29 13:29:03 -04:00
|
|
|
* * [key=, iv=, random_key, random_iv, pkcs5_keyivgen]
|
|
|
|
*
|
|
|
|
* Internally calls EVP_CipherInit_ex(ctx, NULL, NULL, NULL, NULL, 0).
|
|
|
|
*/
|
2004-06-30 11:45:41 -04:00
|
|
|
static VALUE
|
|
|
|
ossl_cipher_decrypt(int argc, VALUE *argv, VALUE self)
|
|
|
|
{
|
|
|
|
return ossl_cipher_init(argc, argv, self, 0);
|
|
|
|
}
|
2003-07-23 12:12:24 -04:00
|
|
|
|
2007-03-29 13:29:03 -04:00
|
|
|
/*
|
|
|
|
* call-seq:
|
|
|
|
* cipher.pkcs5_keyivgen(pass [, salt [, iterations [, digest]]] ) -> nil
|
|
|
|
*
|
2011-12-25 13:53:45 -05:00
|
|
|
* Generates and sets the key/IV based on a password.
|
2007-03-29 13:29:03 -04:00
|
|
|
*
|
2011-12-25 13:53:45 -05:00
|
|
|
* WARNING: This method is only PKCS5 v1.5 compliant when using RC2, RC4-40,
|
|
|
|
* or DES with MD5 or SHA1. Using anything else (like AES) will generate the
|
|
|
|
* key/iv using an OpenSSL specific method. This method is deprecated and
|
|
|
|
* should no longer be used. Use a PKCS5 v2 key generation method from
|
|
|
|
* OpenSSL::PKCS5 instead.
|
2007-03-29 13:29:03 -04:00
|
|
|
*
|
|
|
|
* === Parameters
|
|
|
|
* +salt+ must be an 8 byte string if provided.
|
|
|
|
* +iterations+ is a integer with a default of 2048.
|
|
|
|
* +digest+ is a Digest object that defaults to 'MD5'
|
|
|
|
*
|
|
|
|
* A minimum of 1000 iterations is recommended.
|
|
|
|
*
|
|
|
|
*/
|
2004-06-30 11:45:41 -04:00
|
|
|
static VALUE
|
|
|
|
ossl_cipher_pkcs5_keyivgen(int argc, VALUE *argv, VALUE self)
|
|
|
|
{
|
|
|
|
EVP_CIPHER_CTX *ctx;
|
|
|
|
const EVP_MD *digest;
|
|
|
|
VALUE vpass, vsalt, viter, vdigest;
|
|
|
|
unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH], *salt = NULL;
|
|
|
|
int iter;
|
2003-07-23 12:12:24 -04:00
|
|
|
|
2004-06-30 11:45:41 -04:00
|
|
|
rb_scan_args(argc, argv, "13", &vpass, &vsalt, &viter, &vdigest);
|
|
|
|
StringValue(vpass);
|
|
|
|
if(!NIL_P(vsalt)){
|
|
|
|
StringValue(vsalt);
|
2006-08-31 06:30:33 -04:00
|
|
|
if(RSTRING_LEN(vsalt) != PKCS5_SALT_LEN)
|
2011-06-22 04:41:08 -04:00
|
|
|
ossl_raise(eCipherError, "salt must be an 8-octet string");
|
2008-07-22 11:34:23 -04:00
|
|
|
salt = (unsigned char *)RSTRING_PTR(vsalt);
|
2003-07-23 12:12:24 -04:00
|
|
|
}
|
2004-06-30 11:45:41 -04:00
|
|
|
iter = NIL_P(viter) ? 2048 : NUM2INT(viter);
|
|
|
|
digest = NIL_P(vdigest) ? EVP_md5() : GetDigestPtr(vdigest);
|
2004-12-15 01:35:55 -05:00
|
|
|
GetCipher(self, ctx);
|
2004-06-30 11:45:41 -04:00
|
|
|
EVP_BytesToKey(EVP_CIPHER_CTX_cipher(ctx), digest, salt,
|
2011-03-24 03:29:21 -04:00
|
|
|
(unsigned char *)RSTRING_PTR(vpass), RSTRING_LENINT(vpass), iter, key, iv);
|
2004-06-30 11:45:41 -04:00
|
|
|
if (EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, -1) != 1)
|
|
|
|
ossl_raise(eCipherError, NULL);
|
|
|
|
OPENSSL_cleanse(key, sizeof key);
|
|
|
|
OPENSSL_cleanse(iv, sizeof iv);
|
2003-07-23 12:12:24 -04:00
|
|
|
|
2004-06-30 11:45:41 -04:00
|
|
|
return Qnil;
|
2003-07-23 12:12:24 -04:00
|
|
|
}
|
|
|
|
|
2007-03-29 13:29:03 -04:00
|
|
|
/*
|
|
|
|
* call-seq:
|
2007-04-02 15:00:23 -04:00
|
|
|
* cipher.update(data [, buffer]) -> string or buffer
|
2007-03-29 13:29:03 -04:00
|
|
|
*
|
2011-12-25 13:53:45 -05:00
|
|
|
* Encrypts data in a streaming fashion. Hand consecutive blocks of data
|
|
|
|
* to the +update+ method in order to encrypt it. Returns the encrypted
|
|
|
|
* data chunk. When done, the output of Cipher#final should be additionally
|
2012-02-08 22:25:07 -05:00
|
|
|
* added to the result.
|
2011-12-25 13:53:45 -05:00
|
|
|
*
|
2007-04-02 15:00:23 -04:00
|
|
|
* === Parameters
|
|
|
|
* +data+ is a nonempty string.
|
|
|
|
* +buffer+ is an optional string to store the result.
|
2007-03-29 13:29:03 -04:00
|
|
|
*/
|
2010-04-22 04:04:13 -04:00
|
|
|
static VALUE
|
2007-04-02 15:00:23 -04:00
|
|
|
ossl_cipher_update(int argc, VALUE *argv, VALUE self)
|
2003-07-23 12:12:24 -04:00
|
|
|
{
|
|
|
|
EVP_CIPHER_CTX *ctx;
|
2008-07-22 11:34:23 -04:00
|
|
|
unsigned char *in;
|
2003-07-23 12:12:24 -04:00
|
|
|
int in_len, out_len;
|
2007-04-02 15:00:23 -04:00
|
|
|
VALUE data, str;
|
|
|
|
|
|
|
|
rb_scan_args(argc, argv, "11", &data, &str);
|
2003-07-23 12:12:24 -04:00
|
|
|
|
|
|
|
StringValue(data);
|
2008-07-22 11:34:23 -04:00
|
|
|
in = (unsigned char *)RSTRING_PTR(data);
|
2011-03-24 03:29:21 -04:00
|
|
|
if ((in_len = RSTRING_LENINT(data)) == 0)
|
2011-06-22 04:41:08 -04:00
|
|
|
ossl_raise(rb_eArgError, "data must not be empty");
|
2004-12-15 01:35:55 -05:00
|
|
|
GetCipher(self, ctx);
|
2007-04-02 15:00:23 -04:00
|
|
|
out_len = in_len+EVP_CIPHER_CTX_block_size(ctx);
|
|
|
|
|
|
|
|
if (NIL_P(str)) {
|
|
|
|
str = rb_str_new(0, out_len);
|
|
|
|
} else {
|
|
|
|
StringValue(str);
|
|
|
|
rb_str_resize(str, out_len);
|
|
|
|
}
|
|
|
|
|
2008-07-22 11:34:23 -04:00
|
|
|
if (!EVP_CipherUpdate(ctx, (unsigned char *)RSTRING_PTR(str), &out_len, in, in_len))
|
2003-07-23 12:12:24 -04:00
|
|
|
ossl_raise(eCipherError, NULL);
|
2006-08-31 06:30:33 -04:00
|
|
|
assert(out_len < RSTRING_LEN(str));
|
|
|
|
rb_str_set_len(str, out_len);
|
2003-07-23 12:12:24 -04:00
|
|
|
|
|
|
|
return str;
|
|
|
|
}
|
|
|
|
|
2007-03-29 13:29:03 -04:00
|
|
|
/*
|
|
|
|
* call-seq:
|
2011-12-25 13:53:45 -05:00
|
|
|
* cipher.final -> string
|
2007-03-29 13:29:03 -04:00
|
|
|
*
|
2012-12-20 01:03:03 -05:00
|
|
|
* Returns the remaining data held in the cipher object. Further calls to
|
|
|
|
* Cipher#update or Cipher#final will return garbage. This call should always
|
|
|
|
* be made as the last call of an encryption or decryption operation, after
|
|
|
|
* after having fed the entire plaintext or ciphertext to the Cipher instance.
|
2007-03-29 13:29:03 -04:00
|
|
|
*
|
2012-12-20 01:03:03 -05:00
|
|
|
* If an authenticated cipher was used, a CipherError is raised if the tag
|
|
|
|
* could not be authenticated successfully. Only call this method after
|
|
|
|
* setting the authentication tag and passing the entire contents of the
|
|
|
|
* ciphertext into the cipher.
|
2007-03-29 13:29:03 -04:00
|
|
|
*/
|
2010-04-22 04:04:13 -04:00
|
|
|
static VALUE
|
2003-07-23 12:12:24 -04:00
|
|
|
ossl_cipher_final(VALUE self)
|
|
|
|
{
|
|
|
|
EVP_CIPHER_CTX *ctx;
|
|
|
|
int out_len;
|
|
|
|
VALUE str;
|
|
|
|
|
|
|
|
GetCipher(self, ctx);
|
2003-09-17 05:05:02 -04:00
|
|
|
str = rb_str_new(0, EVP_CIPHER_CTX_block_size(ctx));
|
2008-07-22 11:34:23 -04:00
|
|
|
if (!EVP_CipherFinal_ex(ctx, (unsigned char *)RSTRING_PTR(str), &out_len))
|
2003-07-23 12:12:24 -04:00
|
|
|
ossl_raise(eCipherError, NULL);
|
2006-08-31 06:30:33 -04:00
|
|
|
assert(out_len <= RSTRING_LEN(str));
|
|
|
|
rb_str_set_len(str, out_len);
|
2003-07-23 12:12:24 -04:00
|
|
|
|
|
|
|
return str;
|
|
|
|
}
|
|
|
|
|
2007-03-29 13:29:03 -04:00
|
|
|
/*
|
|
|
|
* call-seq:
|
|
|
|
* cipher.name -> string
|
|
|
|
*
|
2011-12-25 13:53:45 -05:00
|
|
|
* Returns the name of the cipher which may differ slightly from the original
|
|
|
|
* name provided.
|
2007-03-29 13:29:03 -04:00
|
|
|
*/
|
2003-07-23 12:12:24 -04:00
|
|
|
static VALUE
|
|
|
|
ossl_cipher_name(VALUE self)
|
|
|
|
{
|
|
|
|
EVP_CIPHER_CTX *ctx;
|
|
|
|
|
|
|
|
GetCipher(self, ctx);
|
|
|
|
|
|
|
|
return rb_str_new2(EVP_CIPHER_name(EVP_CIPHER_CTX_cipher(ctx)));
|
|
|
|
}
|
|
|
|
|
2007-03-29 13:29:03 -04:00
|
|
|
/*
|
|
|
|
* call-seq:
|
|
|
|
* cipher.key = string -> string
|
|
|
|
*
|
2011-12-25 13:53:45 -05:00
|
|
|
* Sets the cipher key. To generate a key, you should either use a secure
|
|
|
|
* random byte string or, if the key is to be derived from a password, you
|
|
|
|
* should rely on PBKDF2 functionality provided by OpenSSL::PKCS5. To
|
|
|
|
* generate a secure random-based key, Cipher#random_key may be used.
|
2007-03-29 13:29:03 -04:00
|
|
|
*
|
2011-12-25 13:53:45 -05:00
|
|
|
* Only call this method after calling Cipher#encrypt or Cipher#decrypt.
|
2007-03-29 13:29:03 -04:00
|
|
|
*/
|
2003-07-23 12:12:24 -04:00
|
|
|
static VALUE
|
|
|
|
ossl_cipher_set_key(VALUE self, VALUE key)
|
|
|
|
{
|
|
|
|
EVP_CIPHER_CTX *ctx;
|
|
|
|
|
|
|
|
StringValue(key);
|
|
|
|
GetCipher(self, ctx);
|
|
|
|
|
2006-08-31 06:30:33 -04:00
|
|
|
if (RSTRING_LEN(key) < EVP_CIPHER_CTX_key_length(ctx))
|
2003-07-23 12:12:24 -04:00
|
|
|
ossl_raise(eCipherError, "key length too short");
|
|
|
|
|
2008-07-22 11:34:23 -04:00
|
|
|
if (EVP_CipherInit_ex(ctx, NULL, NULL, (unsigned char *)RSTRING_PTR(key), NULL, -1) != 1)
|
2003-07-23 12:12:24 -04:00
|
|
|
ossl_raise(eCipherError, NULL);
|
|
|
|
|
|
|
|
return key;
|
|
|
|
}
|
|
|
|
|
2007-03-29 13:29:03 -04:00
|
|
|
/*
|
|
|
|
* call-seq:
|
|
|
|
* cipher.iv = string -> string
|
|
|
|
*
|
2011-12-25 13:53:45 -05:00
|
|
|
* Sets the cipher IV. Please note that since you should never be using ECB
|
|
|
|
* mode, an IV is always explicitly required and should be set prior to
|
|
|
|
* encryption. The IV itself can be safely transmitted in public, but it
|
|
|
|
* should be unpredictable to prevent certain kinds of attacks. You may use
|
|
|
|
* Cipher#random_iv to create a secure random IV.
|
|
|
|
*
|
|
|
|
* Only call this method after calling Cipher#encrypt or Cipher#decrypt.
|
2007-03-29 13:29:03 -04:00
|
|
|
*
|
2011-12-25 13:53:45 -05:00
|
|
|
* If not explicitly set, the OpenSSL default of an all-zeroes ("\\0") IV is
|
|
|
|
* used.
|
2007-03-29 13:29:03 -04:00
|
|
|
*/
|
2003-07-23 12:12:24 -04:00
|
|
|
static VALUE
|
|
|
|
ossl_cipher_set_iv(VALUE self, VALUE iv)
|
|
|
|
{
|
|
|
|
EVP_CIPHER_CTX *ctx;
|
|
|
|
|
|
|
|
StringValue(iv);
|
|
|
|
GetCipher(self, ctx);
|
|
|
|
|
2006-08-31 06:30:33 -04:00
|
|
|
if (RSTRING_LEN(iv) < EVP_CIPHER_CTX_iv_length(ctx))
|
2003-07-23 12:12:24 -04:00
|
|
|
ossl_raise(eCipherError, "iv length too short");
|
|
|
|
|
2008-07-22 11:34:23 -04:00
|
|
|
if (EVP_CipherInit_ex(ctx, NULL, NULL, NULL, (unsigned char *)RSTRING_PTR(iv), -1) != 1)
|
* ext/openssl/extconf.rb: check for EVP_CIPHER_CTX_copy, ENGINE_add,
EVP_CIPHER_CTX_set_padding, EVP_CipherFinal_ex, EVP_CipherInit_ex,
EVP_DigestFinal_ex and EVP_DigestInit_ex.
* ext/openssl/openssl_missing.c (EVP_CIPHER_CTX_copy): new function.
* ext/openssl/openssl_missing.h (EVP_DigestInit_ex, EVP_DigestFinal_ex,
EVP_CipherInit_ex, EVP_CipherFinal_ex, HMAC_Init_ex): new macro for
OpenSSL 0.9.6.
* ext/openssl/ossl_cipher.c (ossl_cipher_alloc, ossl_cipher_initialize,
ossl_cipher_copy, ossl_cipher_reset, ossl_cipher_encrypt,
ossl_cipher_decrypt, ossl_cipher_final, ossl_cipher_set_key,
ossl_cipher_set_iv): replace all EVP_CipherInit and
EVP_CipherFinal into EVP_CipherInit_ex and EVP_CipherFinal_ex.
and EVP_CIPHER_CTX_init should only be called once.
* ext/openssl/ossl_cipher.c (ossl_cipher_set_padding): check for
EVP_CIPHER_CTX_set_padding.
* ext/openssl/ossl_cipher.c (Init_ossl_cipher): Cipher#<< is deprecated.
* ext/openssl/ossl_digest.c: replace all EVP_DigestInit and
EVP_DigestFinal into EVP_DigestInit_ex and EVP_DigestFinal_ex.
and EVP_MD_CTX_init should only be called once.
* ext/openssl/ossl_digest.c (digest_final): should call
EVP_MD_CTX_cleanup to avoid memory leak.
* ext/openssl/ossl_hmac.c (ossl_hmac_initialize): repalce HMAC_init
into HMAC_init_ex. and HMAC_CTX_init is moved to ossl_hmac_alloc.
* ext/openssl/ossl_hmac.c (hmac_final): should call
HMAC_CTX_cleanup to avoid memory leak.
* test/openssl/test_cipher.rb, test/openssl/test_digest.rb,
test/openssl/test_hmac.rb: new file.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@6548 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2004-06-30 06:48:43 -04:00
|
|
|
ossl_raise(eCipherError, NULL);
|
2003-07-23 12:12:24 -04:00
|
|
|
|
|
|
|
return iv;
|
|
|
|
}
|
|
|
|
|
2012-12-20 02:42:56 -05:00
|
|
|
#ifdef HAVE_AUTHENTICATED_ENCRYPTION
|
2012-12-20 01:03:03 -05:00
|
|
|
/*
|
|
|
|
* call-seq:
|
|
|
|
* cipher.auth_data = string -> string
|
|
|
|
*
|
|
|
|
* Sets the cipher's additional authenticated data. This field must be
|
|
|
|
* set when using AEAD cipher modes such as GCM or CCM. If no associated
|
|
|
|
* data shall be used, this method must *still* be called with a value of "".
|
|
|
|
* The contents of this field should be non-sensitive data which will be
|
|
|
|
* added to the ciphertext to generate the authentication tag which validates
|
|
|
|
* the contents of the ciphertext.
|
|
|
|
*
|
|
|
|
* The AAD must be set prior to encryption or decryption. In encryption mode,
|
|
|
|
* it must be set after calling Cipher#encrypt and setting Cipher#key= and
|
|
|
|
* Cipher#iv=. When decrypting, the authenticated data must be set after key,
|
|
|
|
* iv and especially *after* the authentication tag has been set. I.e. set it
|
|
|
|
* only after calling Cipher#decrypt, Cipher#key=, Cipher#iv= and
|
|
|
|
* Cipher#auth_tag= first.
|
|
|
|
*/
|
|
|
|
static VALUE
|
|
|
|
ossl_cipher_set_auth_data(VALUE self, VALUE data)
|
|
|
|
{
|
|
|
|
EVP_CIPHER_CTX *ctx;
|
|
|
|
unsigned char *in;
|
|
|
|
int in_len;
|
|
|
|
int out_len;
|
|
|
|
|
|
|
|
StringValue(data);
|
|
|
|
|
|
|
|
in = (unsigned char *) RSTRING_PTR(data);
|
|
|
|
in_len = RSTRING_LENINT(data);
|
|
|
|
|
|
|
|
GetCipher(self, ctx);
|
|
|
|
|
|
|
|
if (!EVP_CipherUpdate(ctx, NULL, &out_len, in, in_len))
|
|
|
|
ossl_raise(eCipherError, "couldn't set additional authenticated data");
|
|
|
|
|
|
|
|
return data;
|
|
|
|
}
|
|
|
|
|
|
|
|
#define ossl_is_gcm(nid) (nid) == NID_aes_128_gcm || \
|
|
|
|
(nid) == NID_aes_192_gcm || \
|
|
|
|
(nid) == NID_aes_256_gcm
|
|
|
|
|
|
|
|
static VALUE
|
|
|
|
ossl_get_gcm_auth_tag(EVP_CIPHER_CTX *ctx, int len)
|
|
|
|
{
|
|
|
|
unsigned char *tag;
|
|
|
|
VALUE ret;
|
|
|
|
|
|
|
|
tag = ALLOC_N(unsigned char, len);
|
|
|
|
|
|
|
|
if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, len, tag))
|
|
|
|
ossl_raise(eCipherError, "retrieving the authentication tag failed");
|
|
|
|
|
|
|
|
ret = rb_str_new((const char *) tag, len);
|
|
|
|
xfree(tag);
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* call-seq:
|
|
|
|
* cipher.auth_tag([ tag_len ] -> string
|
|
|
|
*
|
|
|
|
* Gets the authentication tag generated by Authenticated Encryption Cipher
|
|
|
|
* modes (GCM for example). This tag may be stored along with the ciphertext,
|
|
|
|
* then set on the decryption cipher to authenticate the contents of the
|
|
|
|
* ciphertext against changes. If the optional integer parameter +tag_len+ is
|
|
|
|
* given, the returned tag will be +tag_len+ bytes long. If the parameter is
|
|
|
|
* omitted, the maximum length of 16 bytes will be returned. For maximum
|
|
|
|
* security, the default of 16 bytes should be chosen.
|
|
|
|
*
|
|
|
|
* The tag may only be retrieved after calling Cipher#final.
|
|
|
|
*/
|
|
|
|
static VALUE
|
|
|
|
ossl_cipher_get_auth_tag(int argc, VALUE *argv, VALUE self)
|
|
|
|
{
|
|
|
|
VALUE vtag_len;
|
|
|
|
EVP_CIPHER_CTX *ctx;
|
|
|
|
int nid, tag_len;
|
|
|
|
|
|
|
|
if (rb_scan_args(argc, argv, "01", &vtag_len) == 0) {
|
|
|
|
tag_len = 16;
|
|
|
|
} else {
|
|
|
|
tag_len = NUM2INT(vtag_len);
|
|
|
|
}
|
|
|
|
|
|
|
|
GetCipher(self, ctx);
|
|
|
|
nid = EVP_CIPHER_CTX_nid(ctx);
|
|
|
|
|
|
|
|
if (ossl_is_gcm(nid)) {
|
|
|
|
return ossl_get_gcm_auth_tag(ctx, tag_len);
|
|
|
|
} else {
|
|
|
|
ossl_raise(eCipherError, "authentication tag not supported by this cipher");
|
|
|
|
return Qnil; /* dummy */
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void
|
|
|
|
ossl_set_gcm_auth_tag(EVP_CIPHER_CTX *ctx, unsigned char *tag, int tag_len)
|
|
|
|
{
|
|
|
|
if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, tag_len, tag))
|
|
|
|
ossl_raise(eCipherError, "unable to set GCM tag");
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* call-seq:
|
|
|
|
* cipher.auth_tag = string -> string
|
|
|
|
*
|
|
|
|
* Sets the authentication tag to verify the contents of the
|
|
|
|
* ciphertext. The tag must be set after calling Cipher#decrypt,
|
|
|
|
* Cipher#key= and Cipher#iv=, but before assigning the associated
|
|
|
|
* authenticated data using Cipher#auth_data= and of course, before
|
|
|
|
* decrypting any of the ciphertext. After all decryption is
|
|
|
|
* performed, the tag is verified automatically in the call to
|
|
|
|
* Cipher#final.
|
|
|
|
*/
|
|
|
|
static VALUE
|
|
|
|
ossl_cipher_set_auth_tag(VALUE self, VALUE vtag)
|
|
|
|
{
|
|
|
|
EVP_CIPHER_CTX *ctx;
|
|
|
|
int nid;
|
|
|
|
unsigned char *tag;
|
|
|
|
int tag_len;
|
|
|
|
|
|
|
|
StringValue(vtag);
|
|
|
|
tag = (unsigned char *) RSTRING_PTR(vtag);
|
|
|
|
tag_len = RSTRING_LENINT(vtag);
|
|
|
|
|
|
|
|
GetCipher(self, ctx);
|
|
|
|
nid = EVP_CIPHER_CTX_nid(ctx);
|
|
|
|
|
|
|
|
if (ossl_is_gcm(nid)) {
|
|
|
|
ossl_set_gcm_auth_tag(ctx, tag, tag_len);
|
|
|
|
} else {
|
|
|
|
ossl_raise(eCipherError, "authentication tag not supported by this cipher");
|
|
|
|
}
|
|
|
|
|
|
|
|
return vtag;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* call-seq:
|
|
|
|
* cipher.authenticated? -> boolean
|
|
|
|
*
|
|
|
|
* Indicated whether this Cipher instance uses an Authenticated Encryption
|
|
|
|
* mode.
|
|
|
|
*/
|
|
|
|
static VALUE
|
|
|
|
ossl_cipher_is_authenticated(VALUE self)
|
|
|
|
{
|
|
|
|
EVP_CIPHER_CTX *ctx;
|
|
|
|
int nid;
|
|
|
|
|
|
|
|
GetCipher(self, ctx);
|
|
|
|
nid = EVP_CIPHER_CTX_nid(ctx);
|
|
|
|
|
|
|
|
if (ossl_is_gcm(nid)) {
|
2012-12-20 01:18:26 -05:00
|
|
|
return Qtrue;
|
2012-12-20 01:03:03 -05:00
|
|
|
} else {
|
|
|
|
return Qfalse;
|
|
|
|
}
|
|
|
|
}
|
2012-12-20 02:42:56 -05:00
|
|
|
#else
|
|
|
|
#define ossl_cipher_set_auth_data rb_f_notimplement
|
|
|
|
#define ossl_cipher_get_auth_tag rb_f_notimplement
|
|
|
|
#define ossl_cipher_set_auth_tag rb_f_notimplement
|
|
|
|
#define ossl_cipher_is_authenticated rb_f_notimplement
|
|
|
|
#endif
|
2007-03-29 13:29:03 -04:00
|
|
|
|
|
|
|
/*
|
|
|
|
* call-seq:
|
2011-06-20 05:48:05 -04:00
|
|
|
* cipher.key_len = integer -> integer
|
2007-03-29 13:29:03 -04:00
|
|
|
*
|
2011-12-25 13:53:45 -05:00
|
|
|
* Sets the key length of the cipher. If the cipher is a fixed length cipher
|
|
|
|
* then attempting to set the key length to any value other than the fixed
|
|
|
|
* value is an error.
|
2007-03-29 13:29:03 -04:00
|
|
|
*
|
|
|
|
* Under normal circumstances you do not need to call this method (and probably shouldn't).
|
|
|
|
*
|
|
|
|
* See EVP_CIPHER_CTX_set_key_length for further information.
|
|
|
|
*/
|
2004-06-30 11:45:41 -04:00
|
|
|
static VALUE
|
|
|
|
ossl_cipher_set_key_length(VALUE self, VALUE key_length)
|
|
|
|
{
|
2004-12-15 01:35:55 -05:00
|
|
|
int len = NUM2INT(key_length);
|
2004-06-30 11:45:41 -04:00
|
|
|
EVP_CIPHER_CTX *ctx;
|
2010-04-22 04:04:13 -04:00
|
|
|
|
2004-06-30 11:45:41 -04:00
|
|
|
GetCipher(self, ctx);
|
2004-12-15 01:35:55 -05:00
|
|
|
if (EVP_CIPHER_CTX_set_key_length(ctx, len) != 1)
|
2004-06-30 11:45:41 -04:00
|
|
|
ossl_raise(eCipherError, NULL);
|
|
|
|
|
|
|
|
return key_length;
|
|
|
|
}
|
|
|
|
|
2009-04-18 10:10:06 -04:00
|
|
|
#if defined(HAVE_EVP_CIPHER_CTX_SET_PADDING)
|
2007-03-29 13:29:03 -04:00
|
|
|
/*
|
|
|
|
* call-seq:
|
|
|
|
* cipher.padding = integer -> integer
|
|
|
|
*
|
|
|
|
* Enables or disables padding. By default encryption operations are padded using standard block padding and the
|
|
|
|
* padding is checked and removed when decrypting. If the pad parameter is zero then no padding is performed, the
|
|
|
|
* total amount of data encrypted or decrypted must then be a multiple of the block size or an error will occur.
|
|
|
|
*
|
|
|
|
* See EVP_CIPHER_CTX_set_padding for further information.
|
|
|
|
*/
|
2003-07-23 12:12:24 -04:00
|
|
|
static VALUE
|
|
|
|
ossl_cipher_set_padding(VALUE self, VALUE padding)
|
|
|
|
{
|
|
|
|
EVP_CIPHER_CTX *ctx;
|
2004-12-15 01:35:55 -05:00
|
|
|
int pad = NUM2INT(padding);
|
2003-07-23 12:12:24 -04:00
|
|
|
|
|
|
|
GetCipher(self, ctx);
|
2004-12-15 01:35:55 -05:00
|
|
|
if (EVP_CIPHER_CTX_set_padding(ctx, pad) != 1)
|
* ext/openssl/extconf.rb: check for EVP_CIPHER_CTX_copy, ENGINE_add,
EVP_CIPHER_CTX_set_padding, EVP_CipherFinal_ex, EVP_CipherInit_ex,
EVP_DigestFinal_ex and EVP_DigestInit_ex.
* ext/openssl/openssl_missing.c (EVP_CIPHER_CTX_copy): new function.
* ext/openssl/openssl_missing.h (EVP_DigestInit_ex, EVP_DigestFinal_ex,
EVP_CipherInit_ex, EVP_CipherFinal_ex, HMAC_Init_ex): new macro for
OpenSSL 0.9.6.
* ext/openssl/ossl_cipher.c (ossl_cipher_alloc, ossl_cipher_initialize,
ossl_cipher_copy, ossl_cipher_reset, ossl_cipher_encrypt,
ossl_cipher_decrypt, ossl_cipher_final, ossl_cipher_set_key,
ossl_cipher_set_iv): replace all EVP_CipherInit and
EVP_CipherFinal into EVP_CipherInit_ex and EVP_CipherFinal_ex.
and EVP_CIPHER_CTX_init should only be called once.
* ext/openssl/ossl_cipher.c (ossl_cipher_set_padding): check for
EVP_CIPHER_CTX_set_padding.
* ext/openssl/ossl_cipher.c (Init_ossl_cipher): Cipher#<< is deprecated.
* ext/openssl/ossl_digest.c: replace all EVP_DigestInit and
EVP_DigestFinal into EVP_DigestInit_ex and EVP_DigestFinal_ex.
and EVP_MD_CTX_init should only be called once.
* ext/openssl/ossl_digest.c (digest_final): should call
EVP_MD_CTX_cleanup to avoid memory leak.
* ext/openssl/ossl_hmac.c (ossl_hmac_initialize): repalce HMAC_init
into HMAC_init_ex. and HMAC_CTX_init is moved to ossl_hmac_alloc.
* ext/openssl/ossl_hmac.c (hmac_final): should call
HMAC_CTX_cleanup to avoid memory leak.
* test/openssl/test_cipher.rb, test/openssl/test_digest.rb,
test/openssl/test_hmac.rb: new file.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@6548 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2004-06-30 06:48:43 -04:00
|
|
|
ossl_raise(eCipherError, NULL);
|
2003-07-23 12:12:24 -04:00
|
|
|
return padding;
|
|
|
|
}
|
2009-04-18 10:10:06 -04:00
|
|
|
#else
|
|
|
|
#define ossl_cipher_set_padding rb_f_notimplement
|
|
|
|
#endif
|
2003-07-23 12:12:24 -04:00
|
|
|
|
|
|
|
#define CIPHER_0ARG_INT(func) \
|
|
|
|
static VALUE \
|
|
|
|
ossl_cipher_##func(VALUE self) \
|
|
|
|
{ \
|
|
|
|
EVP_CIPHER_CTX *ctx; \
|
|
|
|
GetCipher(self, ctx); \
|
|
|
|
return INT2NUM(EVP_CIPHER_##func(EVP_CIPHER_CTX_cipher(ctx))); \
|
|
|
|
}
|
|
|
|
|
2007-03-29 13:29:03 -04:00
|
|
|
/*
|
|
|
|
* call-seq:
|
2011-06-20 05:48:05 -04:00
|
|
|
* cipher.key_len -> integer
|
2007-03-29 13:29:03 -04:00
|
|
|
*
|
2011-12-25 13:53:45 -05:00
|
|
|
* Returns the key length in bytes of the Cipher.
|
2007-03-29 13:29:03 -04:00
|
|
|
*/
|
2011-12-25 13:53:45 -05:00
|
|
|
CIPHER_0ARG_INT(key_length)
|
2007-03-29 13:29:03 -04:00
|
|
|
/*
|
|
|
|
* call-seq:
|
2011-06-20 05:48:05 -04:00
|
|
|
* cipher.iv_len -> integer
|
2007-03-29 13:29:03 -04:00
|
|
|
*
|
2011-12-25 13:53:45 -05:00
|
|
|
* Returns the expected length in bytes for an IV for this Cipher.
|
2007-03-29 13:29:03 -04:00
|
|
|
*/
|
2011-12-25 13:53:45 -05:00
|
|
|
CIPHER_0ARG_INT(iv_length)
|
2007-03-29 13:29:03 -04:00
|
|
|
/*
|
|
|
|
* call-seq:
|
|
|
|
* cipher.block_size -> integer
|
|
|
|
*
|
2011-12-25 13:53:45 -05:00
|
|
|
* Returns the size in bytes of the blocks on which this Cipher operates on.
|
2007-03-29 13:29:03 -04:00
|
|
|
*/
|
2011-12-25 13:53:45 -05:00
|
|
|
CIPHER_0ARG_INT(block_size)
|
2007-03-29 13:29:03 -04:00
|
|
|
|
2003-07-23 12:12:24 -04:00
|
|
|
/*
|
|
|
|
* INIT
|
|
|
|
*/
|
2010-04-22 04:04:13 -04:00
|
|
|
void
|
2003-07-23 12:12:24 -04:00
|
|
|
Init_ossl_cipher(void)
|
|
|
|
{
|
2010-12-05 19:54:44 -05:00
|
|
|
#if 0
|
|
|
|
mOSSL = rb_define_module("OpenSSL"); /* let rdoc know about mOSSL */
|
2007-03-11 22:01:19 -04:00
|
|
|
#endif
|
2011-12-25 13:53:45 -05:00
|
|
|
|
|
|
|
/* Document-class: OpenSSL::Cipher
|
|
|
|
*
|
|
|
|
* Provides symmetric algorithms for encryption and decryption. The
|
|
|
|
* algorithms that are available depend on the particular version
|
|
|
|
* of OpenSSL that is installed.
|
|
|
|
*
|
|
|
|
* === Listing all supported algorithms
|
|
|
|
*
|
|
|
|
* A list of supported algorithms can be obtained by
|
|
|
|
*
|
|
|
|
* puts OpenSSL::Cipher.ciphers
|
|
|
|
*
|
|
|
|
* === Instantiating a Cipher
|
|
|
|
*
|
|
|
|
* There are several ways to create a Cipher instance. Generally, a
|
|
|
|
* Cipher algorithm is categorized by its name, the key length in bits
|
|
|
|
* and the cipher mode to be used. The most generic way to create a
|
|
|
|
* Cipher is the following
|
|
|
|
*
|
|
|
|
* cipher = OpenSSL::Cipher.new('<name>-<key length>-<mode>')
|
|
|
|
*
|
|
|
|
* That is, a string consisting of the hyphenated concatenation of the
|
2011-12-25 15:47:48 -05:00
|
|
|
* individual components name, key length and mode. Either all uppercase
|
2011-12-25 13:53:45 -05:00
|
|
|
* or all lowercase strings may be used, for example:
|
|
|
|
*
|
|
|
|
* cipher = OpenSSL::Cipher.new('AES-128-CBC')
|
|
|
|
*
|
|
|
|
* For each algorithm supported, there is a class defined under the
|
|
|
|
* Cipher class that goes by the name of the cipher, e.g. to obtain an
|
|
|
|
* instance of AES, you could also use
|
|
|
|
*
|
|
|
|
* # these are equivalent
|
|
|
|
* cipher = OpenSSL::Cipher::AES.new(128, :CBC)
|
|
|
|
* cipher = OpenSSL::Cipher::AES.new(128, 'CBC')
|
|
|
|
* cipher = OpenSSL::Cipher::AES.new('128-CBC')
|
|
|
|
*
|
|
|
|
* Finally, due to its wide-spread use, there are also extra classes
|
|
|
|
* defined for the different key sizes of AES
|
|
|
|
*
|
|
|
|
* cipher = OpenSSL::Cipher::AES128.new(:CBC)
|
|
|
|
* cipher = OpenSSL::Cipher::AES192.new(:CBC)
|
|
|
|
* cipher = OpenSSL::Cipher::AES256.new(:CBC)
|
|
|
|
*
|
|
|
|
* === Choosing either encryption or decryption mode
|
|
|
|
*
|
|
|
|
* Encryption and decryption are often very similar operations for
|
|
|
|
* symmetric algorithms, this is reflected by not having to choose
|
|
|
|
* different classes for either operation, both can be done using the
|
|
|
|
* same class. Still, after obtaining a Cipher instance, we need to
|
|
|
|
* tell the instance what it is that we intend to do with it, so we
|
|
|
|
* need to call either
|
|
|
|
*
|
|
|
|
* cipher.encrypt
|
|
|
|
*
|
|
|
|
* or
|
|
|
|
*
|
|
|
|
* cipher.decrypt
|
|
|
|
*
|
|
|
|
* on the Cipher instance. This should be the first call after creating
|
|
|
|
* the instance, otherwise configuration that has already been set could
|
|
|
|
* get lost in the process.
|
|
|
|
*
|
|
|
|
* === Choosing a key
|
|
|
|
*
|
|
|
|
* Symmetric encryption requires a key that is the same for the encrypting
|
|
|
|
* and for the decrypting party and after initial key establishment should
|
|
|
|
* be kept as private information. There are a lot of ways to create
|
|
|
|
* insecure keys, the most notable is to simply take a password as the key
|
|
|
|
* without processing the password further. A simple and secure way to
|
|
|
|
* create a key for a particular Cipher is
|
|
|
|
*
|
|
|
|
* cipher = OpenSSL::AES256.new(:CFB)
|
|
|
|
* cipher.encrypt
|
|
|
|
* key = cipher.random_key # also sets the generated key on the Cipher
|
|
|
|
*
|
|
|
|
* If you absolutely need to use passwords as encryption keys, you
|
|
|
|
* should use Password-Based Key Derivation Function 2 (PBKDF2) by
|
|
|
|
* generating the key with the help of the functionality provided by
|
2011-12-25 15:09:59 -05:00
|
|
|
* OpenSSL::PKCS5.pbkdf2_hmac_sha1 or OpenSSL::PKCS5.pbkdf2_hmac.
|
2011-12-25 13:53:45 -05:00
|
|
|
*
|
|
|
|
* Although there is Cipher#pkcs5_keyivgen, its use is deprecated and
|
|
|
|
* it should only be used in legacy applications because it does not use
|
|
|
|
* the newer PKCS#5 v2 algorithms.
|
|
|
|
*
|
|
|
|
* === Choosing an IV
|
|
|
|
*
|
|
|
|
* The cipher modes CBC, CFB, OFB and CTR all need an "initialization
|
|
|
|
* vector", or short, IV. ECB mode is the only mode that does not require
|
|
|
|
* an IV, but there is almost no legitimate use case for this mode
|
|
|
|
* because of the fact that it does not sufficiently hide plaintext
|
|
|
|
* patterns. Therefore
|
|
|
|
*
|
|
|
|
* <b>You should never use ECB mode unless you are absolutely sure that
|
|
|
|
* you absolutely need it</b>
|
|
|
|
*
|
|
|
|
* Because of this, you will end up with a mode that explicitly requires
|
|
|
|
* an IV in any case. Note that for backwards compatibility reasons,
|
|
|
|
* setting an IV is not explicitly mandated by the Cipher API. If not
|
|
|
|
* set, OpenSSL itself defaults to an all-zeroes IV ("\\0", not the
|
|
|
|
* character). Although the IV can be seen as public information, i.e.
|
|
|
|
* it may be transmitted in public once generated, it should still stay
|
|
|
|
* unpredictable to prevent certain kinds of attacks. Therefore, ideally
|
|
|
|
*
|
|
|
|
* <b>Always create a secure random IV for every encryption of your
|
|
|
|
* Cipher</b>
|
|
|
|
*
|
|
|
|
* A new, random IV should be created for every encryption of data. Think
|
|
|
|
* of the IV as a nonce (number used once) - it's public but random and
|
|
|
|
* unpredictable. A secure random IV can be created as follows
|
|
|
|
*
|
|
|
|
* cipher = ...
|
|
|
|
* cipher.encrypt
|
|
|
|
* key = cipher.random_key
|
|
|
|
* iv = cipher.random_iv # also sets the generated IV on the Cipher
|
|
|
|
*
|
2012-02-07 19:29:26 -05:00
|
|
|
* Although the key is generally a random value, too, it is a bad choice
|
|
|
|
* as an IV. There are elaborate ways how an attacker can take advantage
|
|
|
|
* of such an IV. As a general rule of thumb, exposing the key directly
|
|
|
|
* or indirectly should be avoided at all cost and exceptions only be
|
2012-02-08 22:25:07 -05:00
|
|
|
* made with good reason.
|
2012-02-07 19:29:26 -05:00
|
|
|
*
|
2011-12-25 13:53:45 -05:00
|
|
|
* === Calling Cipher#final
|
|
|
|
*
|
|
|
|
* ECB (which should not be used) and CBC are both block-based modes.
|
2011-12-25 15:47:48 -05:00
|
|
|
* This means that unlike for the other streaming-based modes, they
|
|
|
|
* operate on fixed-size blocks of data, and therefore they require a
|
2011-12-25 13:53:45 -05:00
|
|
|
* "finalization" step to produce or correctly decrypt the last block of
|
|
|
|
* data by appropriately handling some form of padding. Therefore it is
|
|
|
|
* essential to add the output of OpenSSL::Cipher#final to your
|
|
|
|
* encryption/decryption buffer or you will end up with decryption errors
|
|
|
|
* or truncated data.
|
|
|
|
*
|
2011-12-25 15:47:48 -05:00
|
|
|
* Although this is not really necessary for streaming-mode ciphers, it is
|
2011-12-25 13:53:45 -05:00
|
|
|
* still recommended to apply the same pattern of adding the output of
|
|
|
|
* Cipher#final there as well - it also enables you to switch between
|
|
|
|
* modes more easily in the future.
|
|
|
|
*
|
|
|
|
* === Encrypting and decrypting some data
|
|
|
|
*
|
|
|
|
* data = "Very, very confidential data"
|
|
|
|
*
|
|
|
|
* cipher = OpenSSL::Cipher::AES.new(128, :CBC)
|
|
|
|
* cipher.encrypt
|
|
|
|
* key = cipher.random_key
|
|
|
|
* iv = cipher.random_iv
|
|
|
|
*
|
|
|
|
* encrypted = cipher.update(data) + cipher.final
|
|
|
|
* ...
|
|
|
|
* decipher = OpenSSL::Cipher::AES.new(128, :CBC)
|
|
|
|
* decipher.decrypt
|
|
|
|
* decipher.key = key
|
|
|
|
* decipher.iv = iv
|
|
|
|
*
|
|
|
|
* plain = decipher.update(encrypted) + decipher.final
|
|
|
|
*
|
|
|
|
* puts data == plain #=> true
|
|
|
|
*
|
2012-12-20 01:03:03 -05:00
|
|
|
* === Authenticated Encryption and Associated Data (AEAD)
|
|
|
|
*
|
|
|
|
* If the OpenSSL version used supports it, an Authenticated Encryption
|
|
|
|
* mode (such as GCM or CCM) should always be preferred over any
|
|
|
|
* unauthenticated mode. Currently, OpenSSL supports AE only in combination
|
|
|
|
* with Associated Data (AEAD) where additional associated data is included
|
|
|
|
* in the encryption process to compute a tag at the end of the encryption.
|
|
|
|
* This tag will also be used in the decryption process and by verifying
|
|
|
|
* its validity, the authenticity of a given ciphertext is established.
|
|
|
|
*
|
|
|
|
* This is superior to unauthenticated modes in that it allows to detect
|
|
|
|
* if somebody effectively changed the ciphertext after it had been
|
|
|
|
* encrypted. This prevents malicious modifications of the ciphertext that
|
|
|
|
* could otherwise be exploited to modify ciphertexts in ways beneficial to
|
|
|
|
* potential attackers.
|
|
|
|
*
|
|
|
|
* If no associated data is needed for encryption and later decryption,
|
|
|
|
* the OpenSSL library still requires a value to be set - "" may be used in
|
|
|
|
* case none is available. An example using the GCM (Galois Counter Mode):
|
|
|
|
*
|
|
|
|
* cipher = OpenSSL::Cipher::AES.new(128, :GCM)
|
|
|
|
* cipher.encrypt
|
|
|
|
* key = cipher.random_key
|
|
|
|
* iv = cipher.random_iv
|
|
|
|
* cipher.auth_data = ""
|
|
|
|
*
|
|
|
|
* encrypted = cipher.update(data) + cipher.final
|
|
|
|
* tag = cipher.auth_tag
|
|
|
|
*
|
|
|
|
* decipher = OpenSSL::Cipher::AES.new(128, :GCM)
|
|
|
|
* decipher.decrypt
|
|
|
|
* decipher.key = key
|
|
|
|
* decipher.iv = iv
|
|
|
|
* decipher.auth_tag = tag
|
|
|
|
* decipher.auth_data = ""
|
|
|
|
*
|
|
|
|
* plain = decipher.update(encrypted) + decipher.final
|
|
|
|
*
|
|
|
|
* puts data == plain #=> true
|
2011-12-25 13:53:45 -05:00
|
|
|
*/
|
2007-04-05 01:59:22 -04:00
|
|
|
cCipher = rb_define_class_under(mOSSL, "Cipher", rb_cObject);
|
|
|
|
eCipherError = rb_define_class_under(cCipher, "CipherError", eOSSLError);
|
2003-07-23 12:12:24 -04:00
|
|
|
|
|
|
|
rb_define_alloc_func(cCipher, ossl_cipher_alloc);
|
|
|
|
rb_define_copy_func(cCipher, ossl_cipher_copy);
|
2007-04-05 01:59:22 -04:00
|
|
|
rb_define_module_function(cCipher, "ciphers", ossl_s_ciphers, 0);
|
* ext/openssl/extconf.rb: check for EVP_CIPHER_CTX_copy, ENGINE_add,
EVP_CIPHER_CTX_set_padding, EVP_CipherFinal_ex, EVP_CipherInit_ex,
EVP_DigestFinal_ex and EVP_DigestInit_ex.
* ext/openssl/openssl_missing.c (EVP_CIPHER_CTX_copy): new function.
* ext/openssl/openssl_missing.h (EVP_DigestInit_ex, EVP_DigestFinal_ex,
EVP_CipherInit_ex, EVP_CipherFinal_ex, HMAC_Init_ex): new macro for
OpenSSL 0.9.6.
* ext/openssl/ossl_cipher.c (ossl_cipher_alloc, ossl_cipher_initialize,
ossl_cipher_copy, ossl_cipher_reset, ossl_cipher_encrypt,
ossl_cipher_decrypt, ossl_cipher_final, ossl_cipher_set_key,
ossl_cipher_set_iv): replace all EVP_CipherInit and
EVP_CipherFinal into EVP_CipherInit_ex and EVP_CipherFinal_ex.
and EVP_CIPHER_CTX_init should only be called once.
* ext/openssl/ossl_cipher.c (ossl_cipher_set_padding): check for
EVP_CIPHER_CTX_set_padding.
* ext/openssl/ossl_cipher.c (Init_ossl_cipher): Cipher#<< is deprecated.
* ext/openssl/ossl_digest.c: replace all EVP_DigestInit and
EVP_DigestFinal into EVP_DigestInit_ex and EVP_DigestFinal_ex.
and EVP_MD_CTX_init should only be called once.
* ext/openssl/ossl_digest.c (digest_final): should call
EVP_MD_CTX_cleanup to avoid memory leak.
* ext/openssl/ossl_hmac.c (ossl_hmac_initialize): repalce HMAC_init
into HMAC_init_ex. and HMAC_CTX_init is moved to ossl_hmac_alloc.
* ext/openssl/ossl_hmac.c (hmac_final): should call
HMAC_CTX_cleanup to avoid memory leak.
* test/openssl/test_cipher.rb, test/openssl/test_digest.rb,
test/openssl/test_hmac.rb: new file.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@6548 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2004-06-30 06:48:43 -04:00
|
|
|
rb_define_method(cCipher, "initialize", ossl_cipher_initialize, 1);
|
2003-07-23 12:12:24 -04:00
|
|
|
rb_define_method(cCipher, "reset", ossl_cipher_reset, 0);
|
|
|
|
rb_define_method(cCipher, "encrypt", ossl_cipher_encrypt, -1);
|
|
|
|
rb_define_method(cCipher, "decrypt", ossl_cipher_decrypt, -1);
|
2004-06-30 11:45:41 -04:00
|
|
|
rb_define_method(cCipher, "pkcs5_keyivgen", ossl_cipher_pkcs5_keyivgen, -1);
|
2007-04-02 15:00:23 -04:00
|
|
|
rb_define_method(cCipher, "update", ossl_cipher_update, -1);
|
2003-07-23 12:12:24 -04:00
|
|
|
rb_define_method(cCipher, "final", ossl_cipher_final, 0);
|
|
|
|
rb_define_method(cCipher, "name", ossl_cipher_name, 0);
|
|
|
|
rb_define_method(cCipher, "key=", ossl_cipher_set_key, 1);
|
2012-12-20 01:03:03 -05:00
|
|
|
rb_define_method(cCipher, "auth_data=", ossl_cipher_set_auth_data, 1);
|
|
|
|
rb_define_method(cCipher, "auth_tag=", ossl_cipher_set_auth_tag, 1);
|
|
|
|
rb_define_method(cCipher, "auth_tag", ossl_cipher_get_auth_tag, -1);
|
|
|
|
rb_define_method(cCipher, "authenticated?", ossl_cipher_is_authenticated, 0);
|
2004-06-30 11:45:41 -04:00
|
|
|
rb_define_method(cCipher, "key_len=", ossl_cipher_set_key_length, 1);
|
2003-07-23 12:12:24 -04:00
|
|
|
rb_define_method(cCipher, "key_len", ossl_cipher_key_length, 0);
|
|
|
|
rb_define_method(cCipher, "iv=", ossl_cipher_set_iv, 1);
|
|
|
|
rb_define_method(cCipher, "iv_len", ossl_cipher_iv_length, 0);
|
|
|
|
rb_define_method(cCipher, "block_size", ossl_cipher_block_size, 0);
|
|
|
|
rb_define_method(cCipher, "padding=", ossl_cipher_set_padding, 1);
|
* ext/openssl/extconf.rb: check for EVP_CIPHER_CTX_copy, ENGINE_add,
EVP_CIPHER_CTX_set_padding, EVP_CipherFinal_ex, EVP_CipherInit_ex,
EVP_DigestFinal_ex and EVP_DigestInit_ex.
* ext/openssl/openssl_missing.c (EVP_CIPHER_CTX_copy): new function.
* ext/openssl/openssl_missing.h (EVP_DigestInit_ex, EVP_DigestFinal_ex,
EVP_CipherInit_ex, EVP_CipherFinal_ex, HMAC_Init_ex): new macro for
OpenSSL 0.9.6.
* ext/openssl/ossl_cipher.c (ossl_cipher_alloc, ossl_cipher_initialize,
ossl_cipher_copy, ossl_cipher_reset, ossl_cipher_encrypt,
ossl_cipher_decrypt, ossl_cipher_final, ossl_cipher_set_key,
ossl_cipher_set_iv): replace all EVP_CipherInit and
EVP_CipherFinal into EVP_CipherInit_ex and EVP_CipherFinal_ex.
and EVP_CIPHER_CTX_init should only be called once.
* ext/openssl/ossl_cipher.c (ossl_cipher_set_padding): check for
EVP_CIPHER_CTX_set_padding.
* ext/openssl/ossl_cipher.c (Init_ossl_cipher): Cipher#<< is deprecated.
* ext/openssl/ossl_digest.c: replace all EVP_DigestInit and
EVP_DigestFinal into EVP_DigestInit_ex and EVP_DigestFinal_ex.
and EVP_MD_CTX_init should only be called once.
* ext/openssl/ossl_digest.c (digest_final): should call
EVP_MD_CTX_cleanup to avoid memory leak.
* ext/openssl/ossl_hmac.c (ossl_hmac_initialize): repalce HMAC_init
into HMAC_init_ex. and HMAC_CTX_init is moved to ossl_hmac_alloc.
* ext/openssl/ossl_hmac.c (hmac_final): should call
HMAC_CTX_cleanup to avoid memory leak.
* test/openssl/test_cipher.rb, test/openssl/test_digest.rb,
test/openssl/test_hmac.rb: new file.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@6548 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2004-06-30 06:48:43 -04:00
|
|
|
}
|
2007-04-02 15:00:23 -04:00
|
|
|
|