diff --git a/ChangeLog b/ChangeLog index 04f78677bb..c6beb5aac7 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,11 @@ +Thu Nov 14 19:53:00 2013 Tanaka Akira + + * test/openssl/test_cipher.rb (test_aes_gcm_wrong_tag): Don't use + String#succ because it can make modified (wrong) auth_tag longer + than 16 bytes. The longer auth_tag makes that + EVP_CIPHER_CTX_ctrl (and internally aes_gcm_ctrl) fail. + [ruby-core:55143] [Bug #8439] reported by Vit Ondruch. + Thu Nov 14 11:35:37 2013 Nobuyoshi Nakada * hash.c (hash_foreach_ensure): restore iter_lev to the previous diff --git a/test/openssl/test_cipher.rb b/test/openssl/test_cipher.rb index 088dbc140d..156fa2a9c9 100644 --- a/test/openssl/test_cipher.rb +++ b/test/openssl/test_cipher.rb @@ -187,7 +187,8 @@ class OpenSSL::TestCipher < Test::Unit::TestCase tag = cipher.auth_tag decipher = new_decryptor('aes-128-gcm', key, iv) - decipher.auth_tag = tag[0..-2] << tag[-1].succ + tag.setbyte(-1, (tag.getbyte(-1) + 1) & 0xff) + decipher.auth_tag = tag decipher.auth_data = "aad" assert_raise OpenSSL::Cipher::CipherError do