Actions
Bug #15309
closedECB is broken
Description
#!/usr/bin/env ruby
require 'openssl'
# AES-128 ECB mode test vectors
KEY = ["2b7e151628aed2a6abf7158809cf4f3c"].pack("H*")
PLAINTEXT = ["6bc1bee22e409f96e93d7e117393172a"].pack("H*")
CIPHERTEXT = ["3ad77bb40d7a3660a89ecaf32466ef97"].pack("H*")
cipher = OpenSSL::Cipher::Cipher.new("aes-128-ecb")
cipher.key = KEY
cipher.padding = 0 # Padding is enabled by default o_O
puts "test encrypt : "
cipher.encrypt
ciphertext = cipher.update(PLAINTEXT) << cipher.final
if ciphertext == CIPHERTEXT
puts "OK!"
else
puts "FAILED!"
end
puts "test decrypt : "
cipher.reset
cipher.decrypt
plaintext = cipher.update(CIPHERTEXT) << cipher.final
if plaintext == PLAINTEXT
puts "OK!"
else
puts "FAILED!"
end
Updated by sevk (kk kk) over 5 years ago
test encrypt :
FAILED!
test decrypt :
OK!
Updated by sevk (kk kk) over 5 years ago
- ruby -v changed from ruby 2.5.3p105 (2018-10-18 revision 65156) [x86_64-linux] to ruby 2.0 2.2 2.3 2.4 2.5 2.6
Updated by hsbt (Hiroshi SHIBATA) about 5 years ago
- Status changed from Open to Assigned
- Assignee set to rhenium (Kazuki Yamaguchi)
Updated by jeremyevans0 (Jeremy Evans) over 4 years ago
- Status changed from Assigned to Closed
This is because encrypt
is called after key
, which goes against the documentation. It is not specific to ECB. This is fixed by https://github.com/ruby/openssl/pull/263, which raises an exception for this broken code instead of silently failing.
Actions
Like0
Like0Like0Like0Like0Like0