openssl 2.2.1 → 3.0.0

Files changed (46) hide show
  1. checksums.yaml +4 -4
  2. data/CONTRIBUTING.md +32 -44
  3. data/History.md +103 -1
  4. data/ext/openssl/extconf.rb +24 -26
  5. data/ext/openssl/openssl_missing.c +0 -66
  6. data/ext/openssl/openssl_missing.h +26 -45
  7. data/ext/openssl/ossl.c +59 -46
  8. data/ext/openssl/ossl.h +20 -6
  9. data/ext/openssl/ossl_asn1.c +16 -4
  10. data/ext/openssl/ossl_bn.c +188 -126
  11. data/ext/openssl/ossl_cipher.c +11 -11
  12. data/ext/openssl/ossl_config.c +412 -41
  13. data/ext/openssl/ossl_config.h +4 -7
  14. data/ext/openssl/ossl_digest.c +9 -9
  15. data/ext/openssl/ossl_engine.c +16 -15
  16. data/ext/openssl/ossl_hmac.c +48 -135
  17. data/ext/openssl/ossl_kdf.c +8 -0
  18. data/ext/openssl/ossl_ocsp.c +3 -51
  19. data/ext/openssl/ossl_pkcs12.c +21 -3
  20. data/ext/openssl/ossl_pkcs7.c +42 -59
  21. data/ext/openssl/ossl_pkey.c +1102 -191
  22. data/ext/openssl/ossl_pkey.h +35 -72
  23. data/ext/openssl/ossl_pkey_dh.c +124 -334
  24. data/ext/openssl/ossl_pkey_dsa.c +93 -398
  25. data/ext/openssl/ossl_pkey_ec.c +126 -318
  26. data/ext/openssl/ossl_pkey_rsa.c +100 -487
  27. data/ext/openssl/ossl_ssl.c +256 -355
  28. data/ext/openssl/ossl_ssl_session.c +24 -29
  29. data/ext/openssl/ossl_ts.c +35 -20
  30. data/ext/openssl/ossl_x509.c +0 -6
  31. data/ext/openssl/ossl_x509cert.c +164 -8
  32. data/ext/openssl/ossl_x509crl.c +10 -7
  33. data/ext/openssl/ossl_x509ext.c +1 -2
  34. data/ext/openssl/ossl_x509name.c +9 -2
  35. data/ext/openssl/ossl_x509req.c +10 -7
  36. data/ext/openssl/ossl_x509store.c +154 -70
  37. data/lib/openssl/buffering.rb +9 -0
  38. data/lib/openssl/hmac.rb +65 -0
  39. data/lib/openssl/pkey.rb +417 -0
  40. data/lib/openssl/ssl.rb +7 -7
  41. data/lib/openssl/version.rb +1 -1
  42. data/lib/openssl/x509.rb +22 -0
  43. data/lib/openssl.rb +0 -1
  44. metadata +4 -76
  45. data/ext/openssl/ruby_missing.h +0 -24
  46. data/lib/openssl/config.rb +0 -501
@@ -10,7 +10,7 @@
10
10
  /* modified by Michal Rokos <m.rokos@sh.cvut.cz> */
11
11
  #include "ossl.h"
12
12
 
13
- #if HAVE_RB_EXT_RACTOR_SAFE
13
+ #ifdef HAVE_RB_EXT_RACTOR_SAFE
14
14
  #include <ruby/ractor.h>
15
15
  #endif
16
16
 
@@ -155,7 +155,7 @@ ossl_bn_value_ptr(volatile VALUE *ptr)
155
155
  * Private
156
156
  */
157
157
 
158
- #if HAVE_RB_EXT_RACTOR_SAFE
158
+ #ifdef HAVE_RB_EXT_RACTOR_SAFE
159
159
  void
160
160
  ossl_bn_ctx_free(void *ptr)
161
161
  {
@@ -223,12 +223,29 @@ ossl_bn_alloc(VALUE klass)
223
223
 
224
224
  /*
225
225
  * call-seq:
226
- * OpenSSL::BN.new(bn) => aBN
227
- * OpenSSL::BN.new(integer) => aBN
228
- * OpenSSL::BN.new(string) => aBN
229
- * OpenSSL::BN.new(string, 0 | 2 | 10 | 16) => aBN
226
+ * OpenSSL::BN.new(bn) -> aBN
227
+ * OpenSSL::BN.new(integer) -> aBN
228
+ * OpenSSL::BN.new(string, base = 10) -> aBN
229
+ *
230
+ * Construct a new \OpenSSL BIGNUM object.
231
+ *
232
+ * If +bn+ is an Integer or OpenSSL::BN, a new instance of OpenSSL::BN
233
+ * representing the same value is returned. See also Integer#to_bn for the
234
+ * short-hand.
230
235
  *
231
- * Construct a new OpenSSL BIGNUM object.
236
+ * If a String is given, the content will be parsed according to +base+.
237
+ *
238
+ * +string+::
239
+ * The string to be parsed.
240
+ * +base+::
241
+ * The format. Must be one of the following:
242
+ * - +0+ - MPI format. See the man page BN_mpi2bn(3) for details.
243
+ * - +2+ - Variable-length and big-endian binary encoding of a positive
244
+ * number.
245
+ * - +10+ - Decimal number representation, with a leading '-' for a negative
246
+ * number.
247
+ * - +16+ - Hexadeciaml number representation, with a leading '-' for a
248
+ * negative number.
232
249
  */
233
250
  static VALUE
234
251
  ossl_bn_initialize(int argc, VALUE *argv, VALUE self)
@@ -296,16 +313,21 @@ ossl_bn_initialize(int argc, VALUE *argv, VALUE self)
296
313
 
297
314
  /*
298
315
  * call-seq:
299
- * bn.to_s => string
300
- * bn.to_s(base) => string
316
+ * bn.to_s(base = 10) -> string
301
317
  *
302
- * === Parameters
303
- * * _base_ - Integer
304
- * Valid values:
305
- * * 0 - MPI
306
- * * 2 - binary
307
- * * 10 - the default
308
- * * 16 - hex
318
+ * Returns the string representation of the bignum.
319
+ *
320
+ * BN.new can parse the encoded string to convert back into an OpenSSL::BN.
321
+ *
322
+ * +base+::
323
+ * The format. Must be one of the following:
324
+ * - +0+ - MPI format. See the man page BN_bn2mpi(3) for details.
325
+ * - +2+ - Variable-length and big-endian binary encoding. The sign of
326
+ * the bignum is ignored.
327
+ * - +10+ - Decimal number representation, with a leading '-' for a negative
328
+ * bignum.
329
+ * - +16+ - Hexadeciaml number representation, with a leading '-' for a
330
+ * negative bignum.
309
331
  */
310
332
  static VALUE
311
333
  ossl_bn_to_s(int argc, VALUE *argv, VALUE self)
@@ -770,78 +792,64 @@ BIGNUM_SELF_SHIFT(lshift)
770
792
  */
771
793
  BIGNUM_SELF_SHIFT(rshift)
772
794
 
773
- #define BIGNUM_RAND(func) \
774
- static VALUE \
775
- ossl_bn_s_##func(int argc, VALUE *argv, VALUE klass) \
776
- { \
777
- BIGNUM *result; \
778
- int bottom = 0, top = 0, b; \
779
- VALUE bits, fill, odd, obj; \
780
- \
781
- switch (rb_scan_args(argc, argv, "12", &bits, &fill, &odd)) { \
782
- case 3: \
783
- bottom = (odd == Qtrue) ? 1 : 0; \
784
- /* FALLTHROUGH */ \
785
- case 2: \
786
- top = NUM2INT(fill); \
787
- } \
788
- b = NUM2INT(bits); \
789
- obj = NewBN(klass); \
790
- if (!(result = BN_new())) { \
791
- ossl_raise(eBNError, NULL); \
792
- } \
793
- if (BN_##func(result, b, top, bottom) <= 0) { \
794
- BN_free(result); \
795
- ossl_raise(eBNError, NULL); \
796
- } \
797
- SetBN(obj, result); \
798
- return obj; \
799
- }
800
-
801
- /*
802
- * Document-method: OpenSSL::BN.rand
803
- * BN.rand(bits [, fill [, odd]]) -> aBN
804
- */
805
- BIGNUM_RAND(rand)
806
-
807
- /*
808
- * Document-method: OpenSSL::BN.pseudo_rand
809
- * BN.pseudo_rand(bits [, fill [, odd]]) -> aBN
810
- */
811
- BIGNUM_RAND(pseudo_rand)
812
-
813
- #define BIGNUM_RAND_RANGE(func) \
814
- static VALUE \
815
- ossl_bn_s_##func##_range(VALUE klass, VALUE range) \
816
- { \
817
- BIGNUM *bn = GetBNPtr(range), *result; \
818
- VALUE obj = NewBN(klass); \
819
- if (!(result = BN_new())) { \
820
- ossl_raise(eBNError, NULL); \
821
- } \
822
- if (BN_##func##_range(result, bn) <= 0) { \
823
- BN_free(result); \
824
- ossl_raise(eBNError, NULL); \
825
- } \
826
- SetBN(obj, result); \
827
- return obj; \
828
- }
829
-
830
795
  /*
831
- * Document-method: OpenSSL::BN.rand_range
832
796
  * call-seq:
833
- * BN.rand_range(range) -> aBN
797
+ * BN.rand(bits [, fill [, odd]]) -> aBN
798
+ *
799
+ * Generates a cryptographically strong pseudo-random number of +bits+.
834
800
  *
801
+ * See also the man page BN_rand(3).
835
802
  */
836
- BIGNUM_RAND_RANGE(rand)
803
+ static VALUE
804
+ ossl_bn_s_rand(int argc, VALUE *argv, VALUE klass)
805
+ {
806
+ BIGNUM *result;
807
+ int bottom = 0, top = 0, b;
808
+ VALUE bits, fill, odd, obj;
809
+
810
+ switch (rb_scan_args(argc, argv, "12", &bits, &fill, &odd)) {
811
+ case 3:
812
+ bottom = (odd == Qtrue) ? 1 : 0;
813
+ /* FALLTHROUGH */
814
+ case 2:
815
+ top = NUM2INT(fill);
816
+ }
817
+ b = NUM2INT(bits);
818
+ obj = NewBN(klass);
819
+ if (!(result = BN_new())) {
820
+ ossl_raise(eBNError, "BN_new");
821
+ }
822
+ if (BN_rand(result, b, top, bottom) <= 0) {
823
+ BN_free(result);
824
+ ossl_raise(eBNError, "BN_rand");
825
+ }
826
+ SetBN(obj, result);
827
+ return obj;
828
+ }
837
829
 
838
830
  /*
839
- * Document-method: OpenSSL::BN.pseudo_rand_range
840
831
  * call-seq:
841
- * BN.pseudo_rand_range(range) -> aBN
832
+ * BN.rand_range(range) -> aBN
842
833
  *
834
+ * Generates a cryptographically strong pseudo-random number in the range
835
+ * 0...+range+.
836
+ *
837
+ * See also the man page BN_rand_range(3).
843
838
  */
844
- BIGNUM_RAND_RANGE(pseudo_rand)
839
+ static VALUE
840
+ ossl_bn_s_rand_range(VALUE klass, VALUE range)
841
+ {
842
+ BIGNUM *bn = GetBNPtr(range), *result;
843
+ VALUE obj = NewBN(klass);
844
+ if (!(result = BN_new()))
845
+ ossl_raise(eBNError, "BN_new");
846
+ if (BN_rand_range(result, bn) <= 0) {
847
+ BN_free(result);
848
+ ossl_raise(eBNError, "BN_rand_range");
849
+ }
850
+ SetBN(obj, result);
851
+ return obj;
852
+ }
845
853
 
846
854
  /*
847
855
  * call-seq:
@@ -936,7 +944,17 @@ ossl_bn_copy(VALUE self, VALUE other)
936
944
  static VALUE
937
945
  ossl_bn_uplus(VALUE self)
938
946
  {
939
- return self;
947
+ VALUE obj;
948
+ BIGNUM *bn1, *bn2;
949
+
950
+ GetBN(self, bn1);
951
+ obj = NewBN(cBN);
952
+ bn2 = BN_dup(bn1);
953
+ if (!bn2)
954
+ ossl_raise(eBNError, "BN_dup");
955
+ SetBN(obj, bn2);
956
+
957
+ return obj;
940
958
  }
941
959
 
942
960
  /*
@@ -960,6 +978,24 @@ ossl_bn_uminus(VALUE self)
960
978
  return obj;
961
979
  }
962
980
 
981
+ /*
982
+ * call-seq:
983
+ * bn.abs -> aBN
984
+ */
985
+ static VALUE
986
+ ossl_bn_abs(VALUE self)
987
+ {
988
+ BIGNUM *bn1;
989
+
990
+ GetBN(self, bn1);
991
+ if (BN_is_negative(bn1)) {
992
+ return ossl_bn_uminus(self);
993
+ }
994
+ else {
995
+ return ossl_bn_uplus(self);
996
+ }
997
+ }
998
+
963
999
  #define BIGNUM_CMP(func) \
964
1000
  static VALUE \
965
1001
  ossl_bn_##func(VALUE self, VALUE other) \
@@ -1068,34 +1104,29 @@ ossl_bn_hash(VALUE self)
1068
1104
  * bn.prime? => true | false
1069
1105
  * bn.prime?(checks) => true | false
1070
1106
  *
1071
- * Performs a Miller-Rabin probabilistic primality test with _checks_
1072
- * iterations. If _checks_ is not specified, a number of iterations is used
1073
- * that yields a false positive rate of at most 2^-80 for random input.
1107
+ * Performs a Miller-Rabin probabilistic primality test for +bn+.
1074
1108
  *
1075
- * === Parameters
1076
- * * _checks_ - integer
1109
+ * <b>+checks+ parameter is deprecated in version 3.0.</b> It has no effect.
1077
1110
  */
1078
1111
  static VALUE
1079
1112
  ossl_bn_is_prime(int argc, VALUE *argv, VALUE self)
1080
1113
  {
1081
1114
  BIGNUM *bn;
1082
- VALUE vchecks;
1083
- int checks = BN_prime_checks;
1115
+ int ret;
1084
1116
 
1085
- if (rb_scan_args(argc, argv, "01", &vchecks) == 1) {
1086
- checks = NUM2INT(vchecks);
1087
- }
1117
+ rb_check_arity(argc, 0, 1);
1088
1118
  GetBN(self, bn);
1089
- switch (BN_is_prime_ex(bn, checks, ossl_bn_ctx, NULL)) {
1090
- case 1:
1091
- return Qtrue;
1092
- case 0:
1093
- return Qfalse;
1094
- default:
1095
- ossl_raise(eBNError, NULL);
1096
- }
1097
- /* not reachable */
1098
- return Qnil;
1119
+
1120
+ #ifdef HAVE_BN_CHECK_PRIME
1121
+ ret = BN_check_prime(bn, ossl_bn_ctx, NULL);
1122
+ if (ret < 0)
1123
+ ossl_raise(eBNError, "BN_check_prime");
1124
+ #else
1125
+ ret = BN_is_prime_fasttest_ex(bn, BN_prime_checks, ossl_bn_ctx, 1, NULL);
1126
+ if (ret < 0)
1127
+ ossl_raise(eBNError, "BN_is_prime_fasttest_ex");
1128
+ #endif
1129
+ return ret ? Qtrue : Qfalse;
1099
1130
  }
1100
1131
 
1101
1132
  /*
@@ -1104,39 +1135,52 @@ ossl_bn_is_prime(int argc, VALUE *argv, VALUE self)
1104
1135
  * bn.prime_fasttest?(checks) => true | false
1105
1136
  * bn.prime_fasttest?(checks, trial_div) => true | false
1106
1137
  *
1107
- * Performs a Miller-Rabin primality test. This is same as #prime? except this
1108
- * first attempts trial divisions with some small primes.
1138
+ * Performs a Miller-Rabin probabilistic primality test for +bn+.
1109
1139
  *
1110
- * === Parameters
1111
- * * _checks_ - integer
1112
- * * _trial_div_ - boolean
1140
+ * <b>Deprecated in version 3.0.</b> Use #prime? instead.
1141
+ *
1142
+ * +checks+ and +trial_div+ parameters no longer have any effect.
1113
1143
  */
1114
1144
  static VALUE
1115
1145
  ossl_bn_is_prime_fasttest(int argc, VALUE *argv, VALUE self)
1146
+ {
1147
+ rb_check_arity(argc, 0, 2);
1148
+ return ossl_bn_is_prime(0, argv, self);
1149
+ }
1150
+
1151
+ /*
1152
+ * call-seq:
1153
+ * bn.get_flags(flags) => flags
1154
+ *
1155
+ * Returns the flags on the BN object.
1156
+ * The argument is used as a bit mask.
1157
+ *
1158
+ * === Parameters
1159
+ * * _flags_ - integer
1160
+ */
1161
+ static VALUE
1162
+ ossl_bn_get_flags(VALUE self, VALUE arg)
1116
1163
  {
1117
1164
  BIGNUM *bn;
1118
- VALUE vchecks, vtrivdiv;
1119
- int checks = BN_prime_checks, do_trial_division = 1;
1165
+ GetBN(self, bn);
1120
1166
 
1121
- rb_scan_args(argc, argv, "02", &vchecks, &vtrivdiv);
1167
+ return INT2NUM(BN_get_flags(bn, NUM2INT(arg)));
1168
+ }
1122
1169
 
1123
- if (!NIL_P(vchecks)) {
1124
- checks = NUM2INT(vchecks);
1125
- }
1170
+ /*
1171
+ * call-seq:
1172
+ * bn.set_flags(flags) => nil
1173
+ *
1174
+ * Enables the flags on the BN object.
1175
+ * Currently, the flags argument can contain zero of OpenSSL::BN::CONSTTIME.
1176
+ */
1177
+ static VALUE
1178
+ ossl_bn_set_flags(VALUE self, VALUE arg)
1179
+ {
1180
+ BIGNUM *bn;
1126
1181
  GetBN(self, bn);
1127
- /* handle true/false */
1128
- if (vtrivdiv == Qfalse) {
1129
- do_trial_division = 0;
1130
- }
1131
- switch (BN_is_prime_fasttest_ex(bn, checks, ossl_bn_ctx, do_trial_division, NULL)) {
1132
- case 1:
1133
- return Qtrue;
1134
- case 0:
1135
- return Qfalse;
1136
- default:
1137
- ossl_raise(eBNError, NULL);
1138
- }
1139
- /* not reachable */
1182
+
1183
+ BN_set_flags(bn, NUM2INT(arg));
1140
1184
  return Qnil;
1141
1185
  }
1142
1186
 
@@ -1176,6 +1220,7 @@ Init_ossl_bn(void)
1176
1220
 
1177
1221
  rb_define_method(cBN, "+@", ossl_bn_uplus, 0);
1178
1222
  rb_define_method(cBN, "-@", ossl_bn_uminus, 0);
1223
+ rb_define_method(cBN, "abs", ossl_bn_abs, 0);
1179
1224
 
1180
1225
  rb_define_method(cBN, "+", ossl_bn_add, 1);
1181
1226
  rb_define_method(cBN, "-", ossl_bn_sub, 1);
@@ -1219,9 +1264,9 @@ Init_ossl_bn(void)
1219
1264
  * get_word */
1220
1265
 
1221
1266
  rb_define_singleton_method(cBN, "rand", ossl_bn_s_rand, -1);
1222
- rb_define_singleton_method(cBN, "pseudo_rand", ossl_bn_s_pseudo_rand, -1);
1223
1267
  rb_define_singleton_method(cBN, "rand_range", ossl_bn_s_rand_range, 1);
1224
- rb_define_singleton_method(cBN, "pseudo_rand_range", ossl_bn_s_pseudo_rand_range, 1);
1268
+ rb_define_alias(rb_singleton_class(cBN), "pseudo_rand", "rand");
1269
+ rb_define_alias(rb_singleton_class(cBN), "pseudo_rand_range", "rand_range");
1225
1270
 
1226
1271
  rb_define_singleton_method(cBN, "generate_prime", ossl_bn_s_generate_prime, -1);
1227
1272
  rb_define_method(cBN, "prime?", ossl_bn_is_prime, -1);
@@ -1238,6 +1283,23 @@ Init_ossl_bn(void)
1238
1283
  /* lshift1 - DON'T IMPL. */
1239
1284
  /* rshift1 - DON'T IMPL. */
1240
1285
 
1286
+ rb_define_method(cBN, "get_flags", ossl_bn_get_flags, 1);
1287
+ rb_define_method(cBN, "set_flags", ossl_bn_set_flags, 1);
1288
+
1289
+ #ifdef BN_FLG_CONSTTIME
1290
+ rb_define_const(cBN, "CONSTTIME", INT2NUM(BN_FLG_CONSTTIME));
1291
+ #endif
1292
+ /* BN_FLG_MALLOCED and BN_FLG_STATIC_DATA seems for C programming.
1293
+ * Allowing them leads to memory leak.
1294
+ * So, for now, they are not exported
1295
+ #ifdef BN_FLG_MALLOCED
1296
+ rb_define_const(cBN, "MALLOCED", INT2NUM(BN_FLG_MALLOCED));
1297
+ #endif
1298
+ #ifdef BN_FLG_STATIC_DATA
1299
+ rb_define_const(cBN, "STATIC_DATA", INT2NUM(BN_FLG_STATIC_DATA));
1300
+ #endif
1301
+ */
1302
+
1241
1303
  /*
1242
1304
  * bn2bin
1243
1305
  * bin2bn
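Review bot: `ossl_bn_set_flags` (hunk `@@ -1104,39 +1135,52 @@`) passes `NUM2INT(arg)` straight to `BN_set_flags()`, so any flag bit can be set from Ruby by its numeric value. That includes `BN_FLG_MALLOCED` and `BN_FLG_STATIC_DATA`, which the comment added in `Init_ossl_bn` leaves unexported because "Allowing them leads to memory leak". Withholding the constants does not enforce that; the function should reject bits outside the supported set before the call, for example `int flags = NUM2INT(arg);` followed by `if (flags & ~BN_FLG_CONSTTIME) rb_raise(rb_eArgError, "unsupported BN flag");`. The doc comment's "can contain zero of OpenSSL::BN::CONSTTIME" should also say plainly that CONSTTIME is the only accepted flag.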
@@ -104,7 +104,7 @@ ossl_cipher_alloc(VALUE klass)
104
104
  * call-seq:
105
105
  * Cipher.new(string) -> cipher
106
106
  *
107
- * The string must contain a valid cipher name like "AES-256-CBC".
107
+ * The string must contain a valid cipher name like "aes-256-cbc".
108
108
  *
109
109
  * A list of cipher names is available by calling OpenSSL::Cipher.ciphers.
110
110
  */
@@ -149,11 +149,11 @@ ossl_cipher_copy(VALUE self, VALUE other)
149
149
  return self;
150
150
  }
151
151
 
152
- static void*
153
- add_cipher_name_to_ary(const OBJ_NAME *name, VALUE ary)
152
+ static void
153
+ add_cipher_name_to_ary(const OBJ_NAME *name, void *arg)
154
154
  {
155
+ VALUE ary = (VALUE)arg;
155
156
  rb_ary_push(ary, rb_str_new2(name->name));
156
- return NULL;
157
157
  }
158
158
 
159
159
  /*
@@ -169,7 +169,7 @@ ossl_s_ciphers(VALUE self)
169
169
 
170
170
  ary = rb_ary_new();
171
171
  OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH,
172
- (void(*)(const OBJ_NAME*,void*))add_cipher_name_to_ary,
172
+ add_cipher_name_to_ary,
173
173
  (void*)ary);
174
174
 
175
175
  return ary;
@@ -874,7 +874,7 @@ Init_ossl_cipher(void)
874
874
  * individual components name, key length and mode. Either all uppercase
875
875
  * or all lowercase strings may be used, for example:
876
876
  *
877
- * cipher = OpenSSL::Cipher.new('AES-128-CBC')
877
+ * cipher = OpenSSL::Cipher.new('aes-128-cbc')
878
878
  *
879
879
  * === Choosing either encryption or decryption mode
880
880
  *
@@ -904,7 +904,7 @@ Init_ossl_cipher(void)
904
904
  * without processing the password further. A simple and secure way to
905
905
  * create a key for a particular Cipher is
906
906
  *
907
- * cipher = OpenSSL::Cipher.new('AES-256-CFB')
907
+ * cipher = OpenSSL::Cipher.new('aes-256-cfb')
908
908
  * cipher.encrypt
909
909
  * key = cipher.random_key # also sets the generated key on the Cipher
910
910
  *
@@ -972,14 +972,14 @@ Init_ossl_cipher(void)
972
972
  *
973
973
  * data = "Very, very confidential data"
974
974
  *
975
- * cipher = OpenSSL::Cipher.new('AES-128-CBC')
975
+ * cipher = OpenSSL::Cipher.new('aes-128-cbc')
976
976
  * cipher.encrypt
977
977
  * key = cipher.random_key
978
978
  * iv = cipher.random_iv
979
979
  *
980
980
  * encrypted = cipher.update(data) + cipher.final
981
981
  * ...
982
- * decipher = OpenSSL::Cipher.new('AES-128-CBC')
982
+ * decipher = OpenSSL::Cipher.new('aes-128-cbc')
983
983
  * decipher.decrypt
984
984
  * decipher.key = key
985
985
  * decipher.iv = iv
@@ -1015,7 +1015,7 @@ Init_ossl_cipher(void)
1015
1015
  * not to reuse the _key_ and _nonce_ pair. Reusing an nonce ruins the
1016
1016
  * security guarantees of GCM mode.
1017
1017
  *
1018
- * cipher = OpenSSL::Cipher.new('AES-128-GCM').encrypt
1018
+ * cipher = OpenSSL::Cipher.new('aes-128-gcm').encrypt
1019
1019
  * cipher.key = key
1020
1020
  * cipher.iv = nonce
1021
1021
  * cipher.auth_data = auth_data
@@ -1031,7 +1031,7 @@ Init_ossl_cipher(void)
1031
1031
  * ciphertext with a probability of 1/256.
1032
1032
  *
1033
1033
  * raise "tag is truncated!" unless tag.bytesize == 16
1034
- * decipher = OpenSSL::Cipher.new('AES-128-GCM').decrypt
1034
+ * decipher = OpenSSL::Cipher.new('aes-128-gcm').decrypt
1035
1035
  * decipher.key = key
1036
1036
  * decipher.iv = nonce
1037
1037
  * decipher.auth_tag = tag
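Review bot: `add_cipher_name_to_ary` (hunk `@@ -149,11 +149,11 @@`) now matches the callback type, but it still calls `rb_str_new2` and `rb_ary_push` from inside `OBJ_NAME_do_all_sorted`, and both can raise. A Ruby exception raised there would unwind through the OpenSSL frame and skip whatever cleanup that function does after iterating, presumably including release of its temporary sorted list. Consider running the push under `rb_protect`, recording the error state through `arg`, and re-raising with `rb_jump_tag` after `OBJ_NAME_do_all_sorted` returns in `ossl_s_ciphers`. That function's body starts outside the hunk.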