From e4f8f8907c8d04c54acf7791947295f8d9abf959 Mon Sep 17 00:00:00 2001

From: akr <akr@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>

Date: Thu, 14 Nov 2013 10:58:15 +0000

Subject: [PATCH] * test/openssl/test_cipher.rb (test_aes_gcm_wrong_tag): Don't

 use   String#succ because it can make modified (wrong) auth_tag longer   than

 16 bytes.  The longer auth_tag makes that   EVP_CIPHER_CTX_ctrl (and

 internally aes_gcm_ctrl) fail.   [ruby-core:55143] [Bug #8439] reported by

 Vit Ondruch.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@43676 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

---

 ChangeLog                   | 8 ++++++++

 test/openssl/test_cipher.rb | 3 ++-

 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/ChangeLog b/ChangeLog

index 04f7867..c6beb5a 100644

--- a/ChangeLog

+++ b/ChangeLog

@@ -24,6 +24,14 @@

 	  time to invocation of signal handler from 0.01 sec to 0.2 sec.

 	  RubyCI report error on mswin. reported by @unak

+Thu Nov 14 19:53:00 2013  Tanaka Akira  <akr@fsij.org>

+

+	* test/openssl/test_cipher.rb (test_aes_gcm_wrong_tag): Don't use

+	  String#succ because it can make modified (wrong) auth_tag longer

+	  than 16 bytes.  The longer auth_tag makes that

+	  EVP_CIPHER_CTX_ctrl (and internally aes_gcm_ctrl) fail.

+	  [ruby-core:55143] [Bug #8439] reported by Vit Ondruch.

+

 Wed Nov 13 11:57:01 2013  CHIKANAGA Tomoyuki  <nagachika@ruby-lang.org>

 	* lib/rubygems: Update to RubyGems 2.0.14. [ruby-core:58300]

diff --git a/test/openssl/test_cipher.rb b/test/openssl/test_cipher.rb

index 088dbc1..156fa2a 100644

--- a/test/openssl/test_cipher.rb

+++ b/test/openssl/test_cipher.rb

@@ -187,7 +187,8 @@ def test_aes_gcm_wrong_tag

       tag = cipher.auth_tag

       decipher = new_decryptor('aes-128-gcm', key, iv)

-      decipher.auth_tag = tag[0..-2] << tag[-1].succ

+      tag.setbyte(-1, (tag.getbyte(-1) + 1) & 0xff)

+      decipher.auth_tag = tag

       decipher.auth_data = "aad"

       assert_raise OpenSSL::Cipher::CipherError do

-- 

1.8.5.1