From 822318552d505b224f6b0db7d09172423d598a04 Mon Sep 17 00:00:00 2001
From: Jeff Dwyer
Date: Tue, 7 Oct 2025 08:13:27 -0400
Subject: [PATCH 1/2] fix vulnerability to SSL truncation attack
---
lib/reforge/encryption.rb | 21 +++++++++++++++------
1 file changed, 15 insertions(+), 6 deletions(-)
diff --git a/lib/reforge/encryption.rb b/lib/reforge/encryption.rb
index 4954cd0..b84f817 100644
--- a/lib/reforge/encryption.rb
+++ b/lib/reforge/encryption.rb
@@ -4,6 +4,7 @@ module Reforge class Encryption CIPHER_TYPE = "aes-256-gcm" # 32/12 SEPARATOR = "--" + AUTH_TAG_LENGTH = 16 # Hexadecimal format ensures that generated keys are representable with # plain text
@@ -32,22 +33,30 @@ def encrypt(clear_text) encrypted = cipher.update(clear_text) encrypted << cipher.final tag = cipher.auth_tag - + # pack and join [encrypted, iv, tag].map { |p| p.unpack("H*")[0] }.join(SEPARATOR) end def decrypt(encrypted_string) - unpacked_parts = encrypted_string.split(SEPARATOR).map { |p| [p].pack("H*") } + encrypted_data, iv, auth_tag = encrypted_string.split(SEPARATOR).map { |p| [p].pack("H*") } + + # Currently the OpenSSL bindings do not raise an error if auth_tag is + # truncated, which would allow an attacker to easily forge it. See + # https://github.com/ruby/openssl/issues/63 + if auth_tag.bytesize != AUTH_TAG_LENGTH + raise "truncated auth_tag" + end cipher = OpenSSL::Cipher.new(CIPHER_TYPE) cipher.decrypt cipher.key = @key - cipher.iv = unpacked_parts[1] - cipher.auth_tag = unpacked_parts[2] - + cipher.iv = iv + + cipher.auth_tag = auth_tag + # and decrypt it - decrypted = cipher.update(unpacked_parts[0]) + decrypted = cipher.update(encrypted_data) decrypted << cipher.final decrypted end
From b0ad318cac1d298bf7393b939aa89d492755c385 Mon Sep 17 00:00:00 2001
From: Jeff Dwyer
Date: Tue, 7 Oct 2025 08:15:12 -0400
Subject: [PATCH 2/2] 1.11.2
---
CHANGELOG.md | 4 ++++
VERSION | 2 +-
sdk-reforge.gemspec | 6 +++---
3 files changed, 8 insertions(+), 4 deletions(-)
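Review bot: In `decrypt`, the new length check calls `auth_tag.bytesize` before confirming that the input actually split into three fields, so a string with fewer than two `--` separators leaves `auth_tag` as nil and fails with `NoMethodError` rather than a deliberate rejection. The guard also raises a bare `RuntimeError`, whereas a tag that fails verification surfaces from `cipher.final` as `OpenSSL::Cipher::CipherError`, so any caller that rescues only the latter (callers are not visible in this diff) would treat the two tamper cases differently. A single guard covers both: `raise OpenSSL::Cipher::CipherError, "invalid auth_tag length" unless auth_tag&.bytesize == AUTH_TAG_LENGTH`. The diffstat shows no test file in this commit; a regression test that feeds `decrypt` a ciphertext with a shortened tag segment would keep the check from being dropped in a later refactor.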
diff --git a/CHANGELOG.md b/CHANGELOG.md
index d1a5c9c..2043dfd 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,9 @@ # Changelog +## 1.11.2 - 2025-10-07 + +- Address OpenSSL issue with vulnerability to truncation attack + ## 1.11.1 - 2025-10-06 - quiet logging for SSE reconnections
diff --git a/VERSION b/VERSION
index 720c738..0c9cb69 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-1.11.1
+1.11.2
\ No newline at end of file
diff --git a/sdk-reforge.gemspec b/sdk-reforge.gemspec
index 1eee29a..09394eb 100644
--- a/sdk-reforge.gemspec
+++ b/sdk-reforge.gemspec
@@ -2,16 +2,16 @@ # DO NOT EDIT THIS FILE DIRECTLY # Instead, edit Juwelier::Tasks in Rakefile, and run 'rake gemspec' # -*- encoding: utf-8 -*- -# stub: sdk-reforge 1.11.1 ruby lib +# stub: sdk-reforge 1.11.2 ruby lib Gem::Specification.new do |s| s.name = "sdk-reforge".freeze - s.version = "1.11.1" + s.version = "1.11.2" s.required_rubygems_version = Gem::Requirement.new(">= 0".freeze) if s.respond_to? :required_rubygems_version= s.require_paths = ["lib".freeze] s.authors = ["Jeff Dwyer".freeze] - s.date = "2025-10-06" + s.date = "2025-10-07" s.description = "Feature Flags, Live Config as a service".freeze s.email = "jeff.dwyer@reforge.com.cloud".freeze s.extra_rdoc_files = [