author | Kazuki Yamaguchi <[email protected]> | 2024-09-05 19:45:31 +0900 |
committer | git <[email protected]> | 2024-10-31 08:31:16 +0000 |
commit | 27d77a9c73009c94864214c684faac38278398c2 () | |
tree | 976194f0319b2d24a9c7ae2b71b13d600591a8b3 | |
parent | 339a8dd5e7da99e82129bcb7f8191f870e0866aa (diff) |
[ruby/openssl] pkcs7: remove default cipher from PKCS7.encrypt
Require that users explicitly specify the desired algorithm. In my opinion, we are not in a position to specify the default cipher. When OpenSSL::PKCS7.encrypt is given only two arguments, it uses "RC2-40-CBC" as the symmetric cipher algorithm. 40-bit RC2 is a US export-grade cipher and considered insecure. Although this is technically a breaking change, the impact should be minimal. Even when OpenSSL is compiled with RC2 support and the macro OPENSSL_NO_RC2 is not defined, it will not actually work on modern systems because RC2 is part of the legacy provider. https://.com/ruby/openssl/commit/439f456bfa
-rw-r--r-- | ext/openssl/ossl_pkcs7.c | 28 | ||||
-rw-r--r-- | test/openssl/test_pkcs7.rb | 5 |
2 files changed, 18 insertions, 15 deletions
@@ -259,7 +259,14 @@ ossl_pkcs7_s_sign(int argc, VALUE *argv, VALUE klass) /* * call-seq: - * PKCS7.encrypt(certs, data, [, cipher [, flags]]) => pkcs7 */ static VALUE ossl_pkcs7_s_encrypt(int argc, VALUE *argv, VALUE klass) @@ -273,21 +280,12 @@ ossl_pkcs7_s_encrypt(int argc, VALUE *argv, VALUE klass) PKCS7 *p7; rb_scan_args(argc, argv, "22", &certs, &data, &cipher, &flags); - if(NIL_P(cipher)){ -#if !defined(OPENSSL_NO_RC2) - ciph = EVP_rc2_40_cbc(); -#elif !defined(OPENSSL_NO_DES) - ciph = EVP_des_ede3_cbc(); -#elif !defined(OPENSSL_NO_RC2) - ciph = EVP_rc2_40_cbc(); -#elif !defined(OPENSSL_NO_AES) - ciph = EVP_EVP_aes_128_cbc(); -#else - ossl_raise(ePKCS7Error, "Must specify cipher"); -#endif - } - else ciph = ossl_evp_get_cipherbyname(cipher); flg = NIL_P(flags) ? 0 : NUM2INT(flags); ret = NewPKCS7(cPKCS7); in = ossl_obj2bio(&data); @@ -153,6 +153,11 @@ class OpenSSL::TestPKCS7 < OpenSSL::TestCase assert_equal(data, p7.decrypt(@rsa1024, @ee2_cert)) assert_equal(data, p7.decrypt(@rsa1024)) end def test_empty_signed_data_ruby_bug_19974 |
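Review bot: The call-seq comment in the first hunk still documents the cipher as optional, `PKCS7.encrypt(certs, data, [, cipher [, flags]])`, although the commit removes the default; it should read `PKCS7.encrypt(certs, data, cipher [, flags]) => pkcs7` so the documentation matches the new requirement. In the second hunk `rb_scan_args(argc, argv, "22", &certs, &data, &cipher, &flags)` still accepts the two-argument form, so `cipher` can arrive as nil; the added lines that replace the removed `if(NIL_P(cipher))` block are not visible on this page, so I cannot confirm that a nil cipher is rejected with a clear error before it reaches `ossl_evp_get_cipherbyname`. If no such guard exists, `if (NIL_P(cipher)) rb_raise(rb_eArgError, "cipher must be specified");` placed right after `rb_scan_args` keeps the failure explicit and avoids depending on how the lookup helper treats nil. The body of `ossl_pkcs7_s_encrypt` continues past the end of the second hunk.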
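Review bot: The test hunk in test/openssl/test_pkcs7.rb shows only context lines here (the end of the decrypt assertions and the start of `test_empty_signed_data_ruby_bug_19974`), so the five added lines cannot be reviewed on this page. Since the C change turns an omitted cipher from a silent RC2-40-CBC default into a failure, the new test should pin that behaviour, for example an `assert_raise` around `OpenSSL::PKCS7.encrypt(certs, data)` with whichever exception class the new C code raises, so a future reintroduction of a default cipher is caught. If the added lines already do this, no further change is needed.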