Title: [917] trunk/jopenssl/src/java/org/jruby/ext/openssl/Cipher.java:
Fix for JRUBY-2187, make sure that AES doesn'
t fail when we try to set a key longer than allowed.
- Revision
- 917
- Author
- olabini
- Date
- 2008-02-27 20:09:18 -0500 (Wed, 27 Feb 2008)
Log Message
Fix for JRUBY-2187, make sure that AES doesn't fail when we try to set a key longer than allowed. Instead truncate key length.
Modified Paths
Diff
Modified: trunk/jopenssl/src/java/org/jruby/ext/openssl/Cipher.java (916 => 917)
--- trunk/jopenssl/src/java/org/jruby/ext/openssl/Cipher.java 2008-02-27 20:24:29 UTC (rev 916)
+++ trunk/jopenssl/src/java/org/jruby/ext/openssl/Cipher.java 2008-02-28 01:09:18 UTC (rev 917)
@@ -267,6 +267,14 @@
ivLen = 8;
}
}
+
+ try {
+ if((javax.crypto.Cipher.getMaxAllowedKeyLength(name)/8) < keyLen) {
+ keyLen = javax.crypto.Cipher.getMaxAllowedKeyLength(name)/8;
+ }
+ } catch(Exception e) {
+ // I hate checked exceptions
+ }
return this;
}
@@ -466,8 +474,8 @@
ciphInited = true;
try {
- assert key.length * 8 == keyLen : "Key wrong length";
- assert iv.length * 8 == ivLen : "IV wrong length";
+ assert (key.length * 8 == keyLen) || (key.length == keyLen) : "Key wrong length";
+ assert (iv.length * 8 == ivLen) || (iv.length == ivLen): "IV wrong length";
if(!"ECB".equalsIgnoreCase(cryptoMode) && this.iv != null) {
this.ciph.init(encryptMode ? javax.crypto.Cipher.ENCRYPT_MODE : javax.crypto.Cipher.DECRYPT_MODE, new SimpleSecretKey(this.key), new IvParameterSpec(this.iv));
} else {
_______________________________________________
Jruby-extras-devel mailing list
[email protected]
http://rubyforge.org/mailman/listinfo/jruby-extras-devel
