rubysl-openssl 2.2.1 → 2.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 632c3d85435c4df2102444ef385b965bbdea7b3e
-  data.tar.gz: 9463e3d090bd2637c824cbf683369014d2be2f5b
+  metadata.gz: 4d527aa0692ff6cf741dd5e8e022855cc612797c
+  data.tar.gz: a9c9310c961f1062af965b9bc87cfd70a182ae3e
 SHA512:
-  metadata.gz: 6ba772247db8461e4cbc59cb96c5ecf04a5f767c3a5de02723cba93e684d5102ace32f083e4eeb5719cf696df0700a651edaf36945d447247a82147e53d1470d
-  data.tar.gz: 131dbc5eb9a6f9a7ea7c271c63985c2a2a3b553fc8e81e240706ac0440bfa48b66d5f3578fac801aac8923967fae0f0bd7132bd0f4eff1168d5fe1ed2d13566f
+  metadata.gz: 28fd7bbf496c13cc35bb1f24ec162a21d9516b01666c5f2b9abf4277862547fbbd9fc60fb494b067a93c0167ec92a079dfad423ecac332c06e772713fa452e94
+  data.tar.gz: 8b33c0eeb9f3f028467fc08843820adc8c622a993b7df4b28015d11f05d91d0cc46a1f9e791a91bd04838d072cb1ba4c290c7c2d9494c9187316e160441531db

data/.travis.yml

@@ -4,11 +4,11 @@ env:
   - RUBYLIB=
 script: mspec spec
 rvm:
-  - 2.0.0
-  - rbx-2.2.1
+  - 2.2
+  - rbx-2
 matrix:
   exclude:
-    - rvm: 2.0.0
+    - rvm: 2.2
       env: RUBYLIB=lib
-    - rvm: rbx-2.2.1
+    - rvm: rbx-2
       env: RUBYLIB=

data/MRI_LICENSE

@@ -0,0 +1,56 @@
+Ruby is copyrighted free software by Yukihiro Matsumoto <matz@netlab.jp>.
+You can redistribute it and/or modify it under either the terms of the
+2-clause BSDL (see the file BSDL), or the conditions below:
+
+  1. You may make and give away verbatim copies of the source form of the
+     software without restriction, provided that you duplicate all of the
+     original copyright notices and associated disclaimers.
+
+  2. You may modify your copy of the software in any way, provided that
+     you do at least ONE of the following:
+
+       a) place your modifications in the Public Domain or otherwise
+          make them Freely Available, such as by posting said
+	  modifications to Usenet or an equivalent medium, or by allowing
+	  the author to include your modifications in the software.
+
+       b) use the modified software only within your corporation or
+          organization.
+
+       c) give non-standard binaries non-standard names, with
+          instructions on where to get the original software distribution.
+
+       d) make other distribution arrangements with the author.
+
+  3. You may distribute the software in object code or binary form,
+     provided that you do at least ONE of the following:
+
+       a) distribute the binaries and library files of the software,
+	  together with instructions (in the manual page or equivalent)
+	  on where to get the original distribution.
+
+       b) accompany the distribution with the machine-readable source of
+	  the software.
+
+       c) give non-standard binaries non-standard names, with
+          instructions on where to get the original software distribution.
+
+       d) make other distribution arrangements with the author.
+
+  4. You may modify and include the part of the software into any other
+     software (possibly commercial).  But some files in the distribution
+     are not written by the author, so that they are not under these terms.
+
+     For the list of those files and their copying conditions, see the
+     file LEGAL.
+
+  5. The scripts and library files supplied as input to or produced as 
+     output from the software do not automatically fall under the
+     copyright of the software, but belong to whomever generated them, 
+     and may be sold commercially, and may be aggregated with this
+     software.
+
+  6. THIS SOFTWARE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR
+     IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+     WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+     PURPOSE.

data/ext/rubysl/openssl/openssl_missing.c

@@ -1,5 +1,5 @@
 /*
- * $Id$
+ * $Id: openssl_missing.c 40625 2013-05-09 12:12:17Z akr $
  * 'OpenSSL for Ruby' project
  * Copyright (C) 2001-2002  Michal Rokos <m.rokos@sh.cvut.cz>
  * All rights reserved.

data/ext/rubysl/openssl/openssl_missing.h

@@ -1,5 +1,5 @@
 /*
- * $Id$
+ * $Id: openssl_missing.h 32230 2011-06-26 01:32:03Z emboss $
  * 'OpenSSL for Ruby' project
  * Copyright (C) 2001-2002  Michal Rokos <m.rokos@sh.cvut.cz>
  * All rights reserved.

data/ext/rubysl/openssl/ossl.c

@@ -1,5 +1,5 @@
 /*
- * $Id$
+ * $Id: ossl.c 47744 2014-09-30 05:25:32Z nobu $
  * 'OpenSSL for Ruby' project
  * Copyright (C) 2001-2002  Michal Rokos <m.rokos@sh.cvut.cz>
  * All rights reserved.
@@ -18,11 +18,12 @@ int
 string2hex(const unsigned char *buf, int buf_len, char **hexbuf, int *hexbuf_len)
 {
     static const char hex[]="0123456789abcdef";
-    int i, len = 2 * buf_len;
+    int i, len;
 
-    if (buf_len < 0 || len < buf_len) { /* PARANOIA? */
+    if (buf_len < 0 || buf_len > INT_MAX / 2) { /* PARANOIA? */
 	return -1;
     }
+    len = 2 * buf_len;
     if (!hexbuf) { /* if no buf, return calculated len */
 	if (hexbuf_len) {
 	    *hexbuf_len = len;
@@ -303,7 +304,7 @@ ossl_make_error(VALUE exc, const char *fmt, va_list args)
     e = ERR_peek_error();
 #endif
     if (fmt) {
-	str = rb_sprintf(fmt, args);
+	str = rb_vsprintf(fmt, args);
     }
     if (e) {
 	if (dOSSL == Qtrue) /* FULL INFO */
@@ -360,7 +361,7 @@ ossl_exc_new(VALUE exc, const char *fmt, ...)
  * Any errors you see here are probably due to a bug in ruby's OpenSSL implementation.
  */
 VALUE
-ossl_get_errors()
+ossl_get_errors(void)
 {
     VALUE ary;
     long e;
@@ -747,27 +748,27 @@ static void Init_ossl_locks(void)
  *
  * First set up the cipher for encryption
  *
- *   encrypter = OpenSSL::Cipher.new 'AES-128-CBC'
- *   encrypter.encrypt
- *   encrypter.pkcs5_keyivgen pass_phrase, salt
+ *   encryptor = OpenSSL::Cipher.new 'AES-128-CBC'
+ *   encryptor.encrypt
+ *   encryptor.pkcs5_keyivgen pass_phrase, salt
  *
  * Then pass the data you want to encrypt through
  *
- *   encrypted = encrypter.update 'top secret document'
- *   encrypted << encrypter.final
+ *   encrypted = encryptor.update 'top secret document'
+ *   encrypted << encryptor.final
  *
  * === Decryption
  *
  * Use a new Cipher instance set up for decryption
  *
- *   decrypter = OpenSSL::Cipher.new 'AES-128-CBC'
- *   decrypter.decrypt
- *   decrypter.pkcs5_keyivgen pass_phrase, salt
+ *   decryptor = OpenSSL::Cipher.new 'AES-128-CBC'
+ *   decryptor.decrypt
+ *   decryptor.pkcs5_keyivgen pass_phrase, salt
  *
  * Then pass the data you want to decrypt through
  *
- *   plain = decrypter.update encrypted
- *   plain << decrypter.final
+ *   plain = decryptor.update encrypted
+ *   plain << decryptor.final
  *
  * == X509 Certificates
  *
@@ -1033,7 +1034,7 @@ static void Init_ossl_locks(void)
  *
  */
 void
-Init_openssl()
+Init_openssl(void)
 {
     /*
      * Init timezone info

data/ext/rubysl/openssl/ossl.h

@@ -1,5 +1,5 @@
 /*
- * $Id$
+ * $Id: ossl.h 44582 2014-01-13 00:57:42Z nobu $
  * 'OpenSSL for Ruby' project
  * Copyright (C) 2001-2002  Michal Rokos <m.rokos@sh.cvut.cz>
  * All rights reserved.
@@ -95,15 +95,15 @@ extern VALUE eOSSLError;
  */
 #define OSSL_Check_Kind(obj, klass) do {\
   if (!rb_obj_is_kind_of((obj), (klass))) {\
-    ossl_raise(rb_eTypeError, "wrong argument (%s)! (Expected kind of %s)",\
-               rb_obj_classname(obj), RSTRING_PTR(rb_class_name(klass)));\
+    ossl_raise(rb_eTypeError, "wrong argument (%"PRIsVALUE")! (Expected kind of %"PRIsVALUE")",\
+               rb_obj_class(obj), (klass));\
   }\
 } while (0)
 
 #define OSSL_Check_Instance(obj, klass) do {\
   if (!rb_obj_is_instance_of((obj), (klass))) {\
-    ossl_raise(rb_eTypeError, "wrong argument (%s)! (Expected instance of %s)",\
-               rb_obj_classname(obj), RSTRING_PTR(rb_class_name(klass)));\
+    ossl_raise(rb_eTypeError, "wrong argument (%"PRIsVALUE")! (Expected instance of %"PRIsVALUE")",\
+               rb_obj_class(obj), (klass));\
   }\
 } while (0)
 
@@ -137,8 +137,8 @@ VALUE ossl_x509name_sk2ary(STACK_OF(X509_NAME) *names);
 VALUE ossl_buf2str(char *buf, int len);
 #define ossl_str_adjust(str, p) \
 do{\
-    int len = RSTRING_LENINT(str);\
-    int newlen = rb_long2int((p) - (unsigned char*)RSTRING_PTR(str));\
+    long len = RSTRING_LEN(str);\
+    long newlen = (long)((p) - (unsigned char*)RSTRING_PTR(str));\
     assert(newlen <= len);\
     rb_str_set_len((str), newlen);\
 }while(0)

data/ext/rubysl/openssl/ossl_asn1.c

@@ -1,5 +1,5 @@
 /*
- * $Id$
+ * $Id: ossl_asn1.c 47744 2014-09-30 05:25:32Z nobu $
  * 'OpenSSL for Ruby' team members
  * Copyright (C) 2003
  * All rights reserved.
@@ -495,7 +495,7 @@ typedef struct {
     VALUE *klass;
 } ossl_asn1_info_t;
 
-static ossl_asn1_info_t ossl_asn1_info[] = {
+static const ossl_asn1_info_t ossl_asn1_info[] = {
     { "EOC",               &cASN1EndOfContent,    },  /*  0 */
     { "BOOLEAN",           &cASN1Boolean,         },  /*  1 */
     { "INTEGER",           &cASN1Integer,         },  /*  2 */
@@ -529,7 +529,7 @@ static ossl_asn1_info_t ossl_asn1_info[] = {
     { "BMPSTRING",         &cASN1BMPString,       },  /* 30 */
 };
 
-int ossl_asn1_info_size = (sizeof(ossl_asn1_info)/sizeof(ossl_asn1_info[0]));
+enum {ossl_asn1_info_size = (sizeof(ossl_asn1_info)/sizeof(ossl_asn1_info[0]))};
 
 static VALUE class_tag_map;
 
@@ -624,7 +624,7 @@ ossl_asn1_default_tag(VALUE obj)
       	}
     	tmp_class = rb_class_superclass(tmp_class);
     }
-    ossl_raise(eASN1Error, "universal tag for %s not found",
+    ossl_raise(eASN1Error, "universal tag for %"PRIsVALUE" not found",
 	       rb_obj_class(obj));
 
     return -1; /* dummy */
@@ -1472,7 +1472,7 @@ OSSL_ASN1_IMPL_FACTORY_METHOD(Set)
 OSSL_ASN1_IMPL_FACTORY_METHOD(EndOfContent)
 
 void
-Init_ossl_asn1()
+Init_ossl_asn1(void)
 {
     VALUE ary;
     int i;

data/ext/rubysl/openssl/ossl_asn1.h

@@ -1,5 +1,5 @@
 /*
- * $Id$
+ * $Id: ossl_asn1.h 27437 2010-04-22 08:04:13Z nobu $
  * 'OpenSSL for Ruby' team members
  * Copyright (C) 2003
  * All rights reserved.

data/ext/rubysl/openssl/ossl_bio.c

@@ -1,5 +1,5 @@
 /*
- * $Id$
+ * $Id: ossl_bio.c 47042 2014-08-03 01:56:01Z nobu $
  * 'OpenSSL for Ruby' team members
  * Copyright (C) 2003
  * All rights reserved.
@@ -18,7 +18,7 @@ ossl_obj2bio(VALUE obj)
 {
     BIO *bio;
 
-    if (TYPE(obj) == T_FILE) {
+    if (RB_TYPE_P(obj, T_FILE)) {
 	rb_io_t *fptr;
 	FILE *fp;
 	int fd;

data/ext/rubysl/openssl/ossl_bio.h

@@ -1,5 +1,5 @@
 /*
- * $Id$
+ * $Id: ossl_bio.h 25189 2009-10-02 12:04:37Z akr $
  * 'OpenSSL for Ruby' team members
  * Copyright (C) 2003
  * All rights reserved.

data/ext/rubysl/openssl/ossl_bn.c

@@ -1,5 +1,5 @@
 /*
- * $Id$
+ * $Id: ossl_bn.c 48662 2014-12-01 06:38:04Z nobu $
  * 'OpenSSL for Ruby' project
  * Copyright (C) 2001-2002  Technorama team <oss-ruby@technorama.net>
  * All rights reserved.
@@ -15,11 +15,11 @@
   if (!(bn)) { \
     ossl_raise(rb_eRuntimeError, "BN wasn't initialized!"); \
   } \
-  (obj) = Data_Wrap_Struct((klass), 0, BN_clear_free, (bn)); \
+  (obj) = TypedData_Wrap_Struct((klass), &ossl_bn_type, (bn)); \
 } while (0)
 
 #define GetBN(obj, bn) do { \
-  Data_Get_Struct((obj), BIGNUM, (bn)); \
+  TypedData_Get_Struct((obj), BIGNUM, &ossl_bn_type, (bn)); \
   if (!(bn)) { \
     ossl_raise(rb_eRuntimeError, "BN wasn't initialized!"); \
   } \
@@ -30,6 +30,25 @@
   GetBN((obj), (bn)); \
 } while (0)
 
+static void
+ossl_bn_free(void *ptr)
+{
+    BN_clear_free(ptr);
+}
+
+static size_t
+ossl_bn_size(const void *ptr)
+{
+    return sizeof(BIGNUM);
+}
+
+static const rb_data_type_t ossl_bn_type = {
+    "OpenSSL/BN",
+    {0, ossl_bn_free, ossl_bn_size,},
+    0, 0,
+    RUBY_TYPED_FREE_IMMEDIATELY,
+};
+
 /*
  * Classes
  */
@@ -140,19 +159,24 @@ ossl_bn_initialize(int argc, VALUE *argv, VALUE self)
 	return self;
     }
     else if (RB_TYPE_P(str, T_BIGNUM)) {
-        int len = rb_big_bytes_used(str);
-        unsigned char* bin = (unsigned char*)XMALLOC(len);
+        size_t len = rb_absint_size(str, NULL);
+	unsigned char *bin;
+	VALUE buf;
+        int sign;
 
-        rb_big_pack(str, (unsigned long*)bin, len / sizeof(long));
+        if (INT_MAX < len) {
+            rb_raise(eBNError, "bignum too long");
+        }
+        bin = (unsigned char*)ALLOCV_N(unsigned char, buf, len);
+        sign = rb_integer_pack(str, bin, len, 1, 0, INTEGER_PACK_BIG_ENDIAN);
 
-        GetBN(self, bn);
-	if (!BN_bin2bn(bin, len, bn)) {
-	    XFREE(bin);
+	GetBN(self, bn);
+	if (!BN_bin2bn(bin, (int)len, bn)) {
+	    ALLOCV_END(buf);
 	    ossl_raise(eBNError, NULL);
 	}
-        XFREE(bin);
-
-	if (!RBIGNUM_SIGN(str)) BN_set_negative(bn, 1);
+	ALLOCV_END(buf);
+	if (sign < 0) BN_set_negative(bn, 1);
 	return self;
     }
     if (RTEST(rb_obj_is_kind_of(str, cBN))) {
@@ -768,7 +792,7 @@ ossl_bn_is_prime_fasttest(int argc, VALUE *argv, VALUE self)
  * (NOTE: ordering of methods is the same as in 'man bn')
  */
 void
-Init_ossl_bn()
+Init_ossl_bn(void)
 {
 #if 0
     mOSSL = rb_define_module("OpenSSL"); /* let rdoc know about mOSSL */

data/ext/rubysl/openssl/ossl_bn.h

@@ -1,5 +1,5 @@
 /*
- * $Id$
+ * $Id: ossl_bn.h 25189 2009-10-02 12:04:37Z akr $
  * 'OpenSSL for Ruby' project
  * Copyright (C) 2001-2002  Michal Rokos <m.rokos@sh.cvut.cz>
  * All rights reserved.

data/ext/rubysl/openssl/ossl_cipher.c

@@ -1,5 +1,5 @@
 /*
- * $Id$
+ * $Id: ossl_cipher.c 48923 2014-12-23 02:42:16Z nobu $
  * 'OpenSSL for Ruby' project
  * Copyright (C) 2001-2002  Michal Rokos <m.rokos@sh.cvut.cz>
  * All rights reserved.
@@ -11,13 +11,13 @@
 #include "ossl.h"
 
 #define WrapCipher(obj, klass, ctx) \
-    (obj) = Data_Wrap_Struct((klass), 0, ossl_cipher_free, (ctx))
+    (obj) = TypedData_Wrap_Struct((klass), &ossl_cipher_type, (ctx))
 #define MakeCipher(obj, klass, ctx) \
-    (obj) = Data_Make_Struct((klass), EVP_CIPHER_CTX, 0, ossl_cipher_free, (ctx))
+    (obj) = TypedData_Make_Struct((klass), EVP_CIPHER_CTX, &ossl_cipher_type, (ctx))
 #define AllocCipher(obj, ctx) \
-    memset(DATA_PTR(obj) = (ctx) = ALLOC(EVP_CIPHER_CTX), 0, sizeof(EVP_CIPHER_CTX))
+    (DATA_PTR(obj) = (ctx) = ZALLOC(EVP_CIPHER_CTX))
 #define GetCipherInit(obj, ctx) do { \
-    Data_Get_Struct((obj), EVP_CIPHER_CTX, (ctx)); \
+    TypedData_Get_Struct((obj), EVP_CIPHER_CTX, &ossl_cipher_type, (ctx)); \
 } while (0)
 #define GetCipher(obj, ctx) do { \
     GetCipherInit((obj), (ctx)); \
@@ -37,6 +37,15 @@ VALUE cCipher;
 VALUE eCipherError;
 
 static VALUE ossl_cipher_alloc(VALUE klass);
+static void ossl_cipher_free(void *ptr);
+static size_t ossl_cipher_memsize(const void *ptr);
+
+static const rb_data_type_t ossl_cipher_type = {
+    "OpenSSL/Cipher",
+    {0, ossl_cipher_free, ossl_cipher_memsize,},
+    0, 0,
+    RUBY_TYPED_FREE_IMMEDIATELY,
+};
 
 /*
  * PUBLIC
@@ -70,14 +79,22 @@ ossl_cipher_new(const EVP_CIPHER *cipher)
  * PRIVATE
  */
 static void
-ossl_cipher_free(EVP_CIPHER_CTX *ctx)
+ossl_cipher_free(void *ptr)
 {
+    EVP_CIPHER_CTX *ctx = ptr;
     if (ctx) {
 	EVP_CIPHER_CTX_cleanup(ctx);
 	ruby_xfree(ctx);
     }
 }
 
+static size_t
+ossl_cipher_memsize(const void *ptr)
+{
+    const EVP_CIPHER_CTX *ctx = ptr;
+    return ctx ? sizeof(*ctx) : 0;
+}
+
 static VALUE
 ossl_cipher_alloc(VALUE klass)
 {
@@ -158,7 +175,7 @@ add_cipher_name_to_ary(const OBJ_NAME *name, VALUE ary)
 #ifdef HAVE_OBJ_NAME_DO_ALL_SORTED
 /*
  *  call-seq:
- *     Cipher.ciphers -> array[string...]
+ *     OpenSSL::Cipher.ciphers -> array[string...]
  *
  *  Returns the names of all available ciphers in an array.
  */
@@ -183,7 +200,7 @@ ossl_s_ciphers(VALUE self)
  *     cipher.reset -> self
  *
  *  Fully resets the internal state of the Cipher. By using this, the same
- *  Cipher instance may be used several times for en- or decryption tasks.
+ *  Cipher instance may be used several times for encryption or decryption tasks.
  *
  *  Internally calls EVP_CipherInit_ex(ctx, NULL, NULL, NULL, NULL, -1).
  */
@@ -214,8 +231,8 @@ ossl_cipher_init(int argc, VALUE *argv, VALUE self, int mode)
 	 * keeping this behaviour for backward compatibility.
 	 */
 	VALUE cname  = rb_class_path(rb_obj_class(self));
-	rb_warn("arguments for %s#encrypt and %s#decrypt were deprecated; "
-                "use %s#pkcs5_keyivgen to derive key and IV",
+	rb_warn("arguments for %"PRIsVALUE"#encrypt and %"PRIsVALUE"#decrypt were deprecated; "
+                "use %"PRIsVALUE"#pkcs5_keyivgen to derive key and IV",
                 cname, cname, cname);
 	StringValue(pass);
 	GetCipher(self, ctx);
@@ -329,6 +346,33 @@ ossl_cipher_pkcs5_keyivgen(int argc, VALUE *argv, VALUE self)
     return Qnil;
 }
 
+static int
+ossl_cipher_update_long(EVP_CIPHER_CTX *ctx, unsigned char *out, long *out_len_ptr,
+			const unsigned char *in, long in_len)
+{
+    int out_part_len;
+    long out_len = 0;
+#define UPDATE_LENGTH_LIMIT INT_MAX
+
+#if SIZEOF_LONG > UPDATE_LENGTH_LIMIT
+    if (in_len > UPDATE_LENGTH_LIMIT) {
+	const int in_part_len = (UPDATE_LENGTH_LIMIT / 2 + 1) & ~1;
+	do {
+	    if (!EVP_CipherUpdate(ctx, out ? (out + out_len) : 0,
+				  &out_part_len, in, in_part_len))
+		return 0;
+	    out_len += out_part_len;
+	    in += in_part_len;
+	} while ((in_len -= in_part_len) > UPDATE_LENGTH_LIMIT);
+    }
+#endif
+    if (!EVP_CipherUpdate(ctx, out ? (out + out_len) : 0,
+			  &out_part_len, in, (int)in_len))
+	return 0;
+    if (out_len_ptr) *out_len_ptr = out_len += out_part_len;
+    return 1;
+}
+
 /*
  *  call-seq:
  *     cipher.update(data [, buffer]) -> string or buffer
@@ -347,17 +391,21 @@ ossl_cipher_update(int argc, VALUE *argv, VALUE self)
 {
     EVP_CIPHER_CTX *ctx;
     unsigned char *in;
-    int in_len, out_len;
+    long in_len, out_len;
     VALUE data, str;
 
     rb_scan_args(argc, argv, "11", &data, &str);
 
     StringValue(data);
     in = (unsigned char *)RSTRING_PTR(data);
-    if ((in_len = RSTRING_LENINT(data)) == 0)
+    if ((in_len = RSTRING_LEN(data)) == 0)
         ossl_raise(rb_eArgError, "data must not be empty");
     GetCipher(self, ctx);
     out_len = in_len+EVP_CIPHER_CTX_block_size(ctx);
+    if (out_len <= 0) {
+	ossl_raise(rb_eRangeError,
+		   "data too big to make output buffer: %ld bytes", in_len);
+    }
 
     if (NIL_P(str)) {
         str = rb_str_new(0, out_len);
@@ -366,7 +414,7 @@ ossl_cipher_update(int argc, VALUE *argv, VALUE self)
         rb_str_resize(str, out_len);
     }
 
-    if (!EVP_CipherUpdate(ctx, (unsigned char *)RSTRING_PTR(str), &out_len, in, in_len))
+    if (!ossl_cipher_update_long(ctx, (unsigned char *)RSTRING_PTR(str), &out_len, in, in_len))
 	ossl_raise(eCipherError, NULL);
     assert(out_len < RSTRING_LEN(str));
     rb_str_set_len(str, out_len);
@@ -506,17 +554,16 @@ ossl_cipher_set_auth_data(VALUE self, VALUE data)
 {
     EVP_CIPHER_CTX *ctx;
     unsigned char *in;
-    int in_len;
-    int out_len;
+    long in_len, out_len;
 
     StringValue(data);
 
     in = (unsigned char *) RSTRING_PTR(data);
-    in_len = RSTRING_LENINT(data);
+    in_len = RSTRING_LEN(data);
 
     GetCipher(self, ctx);
 
-    if (!EVP_CipherUpdate(ctx, NULL, &out_len, in, in_len))
+    if (!ossl_cipher_update_long(ctx, NULL, &out_len, in, in_len))
         ossl_raise(eCipherError, "couldn't set additional authenticated data");
 
     return data;