* ext/openssl/ossl_cipher.c: Add warning about key as IV.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@34463 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2012-02-08 00:29:26 +00:00 · 2012-02-08 00:29:26 +00:00 · aa3854e33d
commit aa3854e33d
parent 89a2a10508
2 changed files with 10 additions and 0 deletions
--- a/4
+++ b/4
@ -1,3 +1,7 @@
+Wed Feb 08 09:19:00 2012  Martin Bosslet  <Martin.Bosslet@googlemail.com>
+
+	* ext/openssl/ossl_cipher.c: Add warning about key as IV.
+
 Tue Feb  7 20:08:12 2012  Ayumu AIZAWA  <ayumu.aizawa@gmail.com>

 	* error.c (exc_inspect): Fix typo. patch from Trent Ogren
--- a/ext/openssl/ossl_cipher.c
+++ b/ext/openssl/ossl_cipher.c
@ -686,6 +686,12 @@ Init_ossl_cipher(void)
     *  key = cipher.random_key
     *  iv = cipher.random_iv # also sets the generated IV on the Cipher
     *
+     *  Although the key is generally a random value, too, it is a bad choice
+     *  as an IV. There are elaborate ways how an attacker can take advantage
+     *  of such an IV. As a general rule of thumb, exposing the key directly
+     *  or indirectly should be avoided at all cost and exceptions only be
+     *  made with good reason. 
+     *
     * === Calling Cipher#final
     *
     * ECB (which should not be used) and CBC are both block-based modes.