12#define NewCipher(klass) \
13 TypedData_Wrap_Struct((klass), &ossl_cipher_type, 0)
14#define AllocCipher(obj, ctx) do { \
15 (ctx) = EVP_CIPHER_CTX_new(); \
17 ossl_raise(rb_eRuntimeError, NULL); \
18 RTYPEDDATA_DATA(obj) = (ctx); \
20#define GetCipherInit(obj, ctx) do { \
21 TypedData_Get_Struct((obj), EVP_CIPHER_CTX, &ossl_cipher_type, (ctx)); \
23#define GetCipher(obj, ctx) do { \
24 GetCipherInit((obj), (ctx)); \
26 ossl_raise(rb_eRuntimeError, "Cipher not initialized!"); \
35static ID id_auth_tag_len, id_key_set;
38static void ossl_cipher_free(
void *
ptr);
59 return EVP_CIPHER_CTX_cipher(ctx);
62 const EVP_CIPHER *cipher;
80 ret = ossl_cipher_alloc(
cCipher);
82 if (EVP_CipherInit_ex(ctx, cipher,
NULL,
NULL,
NULL, -1) != 1)
92ossl_cipher_free(
void *
ptr)
94 EVP_CIPHER_CTX_free(
ptr);
115 const EVP_CIPHER *cipher;
124 if (!(cipher = EVP_get_cipherbyname(
name))) {
127 if (EVP_CipherInit_ex(ctx, cipher,
NULL,
NULL,
NULL, -1) != 1)
136 EVP_CIPHER_CTX *ctx1, *ctx2;
139 if (
self == other)
return self;
146 if (EVP_CIPHER_CTX_copy(ctx1, ctx2) != 1)
153add_cipher_name_to_ary(
const OBJ_NAME *
name,
VALUE ary)
166ossl_s_ciphers(
VALUE self)
171 OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH,
172 (
void(*)(
const OBJ_NAME*,
void*))add_cipher_name_to_ary,
188ossl_cipher_reset(
VALUE self)
203 unsigned char key[EVP_MAX_KEY_LENGTH], *p_key =
NULL;
204 unsigned char iv[EVP_MAX_IV_LENGTH], *p_iv =
NULL;
215 "use %"PRIsVALUE"#pkcs5_keyivgen to derive key and IV",
216 cname, cname, cname);
219 if (
NIL_P(init_v))
memcpy(iv,
"OpenSSL for Ruby rulez!",
sizeof(iv));
223 memset(iv, 0, EVP_MAX_IV_LENGTH);
228 EVP_BytesToKey(EVP_CIPHER_CTX_cipher(ctx), EVP_md5(), iv,
236 if (EVP_CipherInit_ex(ctx,
NULL,
NULL, p_key, p_iv, mode) != 1) {
261 return ossl_cipher_init(
argc,
argv,
self, 1);
279 return ossl_cipher_init(
argc,
argv,
self, 0);
306 const EVP_MD *digest;
307 VALUE vpass, vsalt, viter, vdigest;
308 unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH], *salt =
NULL;
324 EVP_BytesToKey(EVP_CIPHER_CTX_cipher(ctx), digest, salt,
326 if (EVP_CipherInit_ex(ctx,
NULL,
NULL,
key, iv, -1) != 1)
328 OPENSSL_cleanse(
key,
sizeof key);
329 OPENSSL_cleanse(iv,
sizeof iv);
337ossl_cipher_update_long(EVP_CIPHER_CTX *ctx,
unsigned char *out,
long *out_len_ptr,
338 const unsigned char *in,
long in_len)
345 int in_part_len = in_len > limit ? limit : (
int)in_len;
347 if (!EVP_CipherUpdate(ctx, out ? (out + out_len) : 0,
348 &out_part_len, in, in_part_len))
351 out_len += out_part_len;
353 }
while ((in_len -= limit) > 0);
356 *out_len_ptr = out_len;
378 long in_len, out_len;
391 out_len = in_len+EVP_CIPHER_CTX_block_size(ctx);
394 "data too big to make output buffer: %ld bytes", in_len);
404 if (!ossl_cipher_update_long(ctx, (
unsigned char *)
RSTRING_PTR(
str), &out_len, in, in_len))
427ossl_cipher_final(
VALUE self)
435 if (!EVP_CipherFinal_ex(ctx, (
unsigned char *)
RSTRING_PTR(
str), &out_len))
451ossl_cipher_name(
VALUE self)
457 return rb_str_new2(EVP_CIPHER_name(EVP_CIPHER_CTX_cipher(ctx)));
480 key_len = EVP_CIPHER_CTX_key_length(ctx);
513 if (EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ctx)) & EVP_CIPH_FLAG_AEAD_CIPHER)
514 iv_len = (
int)(
VALUE)EVP_CIPHER_CTX_get_app_data(ctx);
516 iv_len = EVP_CIPHER_CTX_iv_length(ctx);
534ossl_cipher_is_authenticated(
VALUE self)
540 return (EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ctx)) & EVP_CIPH_FLAG_AEAD_CIPHER) ?
Qtrue :
Qfalse;
562ossl_cipher_set_auth_data(
VALUE self,
VALUE data)
566 long in_len, out_len;
574 if (!(EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ctx)) & EVP_CIPH_FLAG_AEAD_CIPHER))
577 if (!ossl_cipher_update_long(ctx,
NULL, &out_len, in, in_len))
608 if (!
NIL_P(vtag_len))
613 if (!(EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ctx)) & EVP_CIPH_FLAG_AEAD_CIPHER))
637ossl_cipher_set_auth_tag(
VALUE self,
VALUE vtag)
648 if (!(EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ctx)) & EVP_CIPH_FLAG_AEAD_CIPHER))
669ossl_cipher_set_auth_tag_len(
VALUE self,
VALUE vlen)
675 if (!(EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ctx)) & EVP_CIPH_FLAG_AEAD_CIPHER))
696ossl_cipher_set_iv_length(
VALUE self,
VALUE iv_length)
702 if (!(EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ctx)) & EVP_CIPH_FLAG_AEAD_CIPHER))
712 EVP_CIPHER_CTX_set_app_data(ctx, (
void *)(
VALUE)
len);
730ossl_cipher_set_key_length(
VALUE self,
VALUE key_length)
736 if (EVP_CIPHER_CTX_set_key_length(ctx,
len) != 1)
753ossl_cipher_set_padding(
VALUE self,
VALUE padding)
759 if (EVP_CIPHER_CTX_set_padding(ctx, pad) != 1)
771ossl_cipher_key_length(
VALUE self)
777 return INT2NUM(EVP_CIPHER_CTX_key_length(ctx));
787ossl_cipher_iv_length(
VALUE self)
793 if (EVP_CIPHER_flags(EVP_CIPHER_CTX_cipher(ctx)) & EVP_CIPH_FLAG_AEAD_CIPHER)
794 len = (
int)(
VALUE)EVP_CIPHER_CTX_get_app_data(ctx);
796 len = EVP_CIPHER_CTX_iv_length(ctx);
808ossl_cipher_block_size(
VALUE self)
814 return INT2NUM(EVP_CIPHER_CTX_block_size(ctx));
char str[HTML_ESCAPE_MAX_LEN+1]
VALUE rb_define_class_under(VALUE, const char *, VALUE)
Defines a class under the namespace of outer.
VALUE rb_define_module(const char *)
VALUE rb_cObject
Object class.
void rb_raise(VALUE exc, const char *fmt,...)
void rb_warn(const char *fmt,...)
VALUE rb_obj_class(VALUE)
Equivalent to Object#class in Ruby.
VALUE rb_obj_is_kind_of(VALUE, VALUE)
Determines if obj is a kind of c.
#define EVP_CTRL_AEAD_SET_IVLEN
#define EVP_CTRL_AEAD_GET_TAG
#define EVP_CTRL_AEAD_SET_TAG
void ossl_raise(VALUE exc, const char *fmt,...)
#define AllocCipher(obj, ctx)
const EVP_CIPHER * ossl_evp_get_cipherbyname(VALUE obj)
void Init_ossl_cipher(void)
VALUE ossl_cipher_new(const EVP_CIPHER *cipher)
#define GetCipherInit(obj, ctx)
#define GetCipher(obj, ctx)
const EVP_MD * ossl_evp_get_digestbyname(VALUE obj)