method

auth_tag

v2_4_6 - Show latest stable - 0 notes - Class: Cipher

1_8_6_287
1_8_7_72
1_8_7_330
1_9_1_378
1_9_2_180
1_9_3_125
1_9_3_392
2_1_10 (0)
2_2_9 (0)
2_4_6 (38)
2_5_5 (0)
2_6_3 (0)
What's this?

auth_tag(p1 = v1) public

Gets the authentication tag generated by Authenticated Encryption Cipher modes (GCM for example). This tag may be stored along with the ciphertext, then set on the decryption cipher to authenticate the contents of the ciphertext against changes. If the optional integer parameter tag_len is given, the returned tag will be tag_len bytes long. If the parameter is omitted, the default length of 16 bytes or the length previously set by #auth_tag_len= will be used. For maximum security, the longest possible should be chosen.

The tag may only be retrieved after calling Cipher#final.

Show source

static VALUE
ossl_cipher_get_auth_tag(int argc, VALUE *argv, VALUE self)
{
    VALUE vtag_len, ret;
    EVP_CIPHER_CTX *ctx;
    int tag_len = 16;

    rb_scan_args(argc, argv, "01", &vtag_len);
    if (NIL_P(vtag_len))
        vtag_len = rb_attr_get(self, id_auth_tag_len);
    if (!NIL_P(vtag_len))
        tag_len = NUM2INT(vtag_len);

    GetCipher(self, ctx);

    if (!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_FLAG_AEAD_CIPHER))
        ossl_raise(eCipherError, "authentication tag not supported by this cipher");

    ret = rb_str_new(NULL, tag_len);
    if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, tag_len, RSTRING_PTR(ret)))
        ossl_raise(eCipherError, "retrieving the authentication tag failed");

    return ret;
}

auth_tag

Related methods