encryptor 1.3.0 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -3,7 +3,7 @@ module Encryptor
3
3
  module String
4
4
  # Returns a new string containing the encrypted version of itself
5
5
  def encrypt(options = {})
6
- Encryptor.encrypt(options.merge(:value => self))
6
+ Encryptor.encrypt(options.merge(value: self))
7
7
  end
8
8
 
9
9
  # Replaces the contents of a string with the encrypted version of itself
@@ -13,11 +13,11 @@ module Encryptor
13
13
 
14
14
  # Returns a new string containing the decrypted version of itself
15
15
  def decrypt(options = {})
16
- Encryptor.decrypt(options.merge(:value => self))
16
+ Encryptor.decrypt(options.merge(value: self))
17
17
  end
18
18
 
19
19
  # Replaces the contents of a string with the decrypted version of itself
20
- def decrypt!(options ={})
20
+ def decrypt!(options = {})
21
21
  replace decrypt(options)
22
22
  end
23
23
  end
@@ -1,8 +1,8 @@
1
1
  module Encryptor
2
2
  # Contains information about this gem's version
3
3
  module Version
4
- MAJOR = 1
5
- MINOR = 3
4
+ MAJOR = 2
5
+ MINOR = 0
6
6
  PATCH = 0
7
7
 
8
8
  # Returns a version string by joining <tt>MAJOR</tt>, <tt>MINOR</tt>, and <tt>PATCH</tt> with <tt>'.'</tt>
@@ -5,7 +5,7 @@ require File.expand_path('../test_helper', __FILE__)
5
5
  # for data stored in databases and allows consumers of the gem to upgrade with
6
6
  # confidence in the future.
7
7
  #
8
- class CompatibilityTest < Test::Unit::TestCase
8
+ class CompatibilityTest < Minitest::Test
9
9
  ALGORITHM = 'aes-256-cbc'
10
10
 
11
11
  def self.base64_encode(value)
@@ -21,10 +21,11 @@ class CompatibilityTest < Test::Unit::TestCase
21
21
  key = Digest::SHA256.hexdigest('my-fixed-key')
22
22
  iv = Digest::SHA256.hexdigest('my-fixed-iv')
23
23
  result = Encryptor.encrypt(
24
- :algorithm => ALGORITHM,
25
- :value => 'my-fixed-input',
26
- :key => key,
27
- :iv => iv
24
+ algorithm: ALGORITHM,
25
+ value: 'my-fixed-input',
26
+ key: key,
27
+ iv: iv,
28
+ insecure_mode: true
28
29
  )
29
30
  assert_equal 'nGuyGniksFXnMYj/eCxXKQ==', self.class.base64_encode(result)
30
31
  end
@@ -32,9 +33,10 @@ class CompatibilityTest < Test::Unit::TestCase
32
33
  def test_encrypt_without_iv
33
34
  key = Digest::SHA256.hexdigest('my-fixed-key')
34
35
  result = Encryptor.encrypt(
35
- :algorithm => ALGORITHM,
36
- :value => 'my-fixed-input',
37
- :key => key
36
+ algorithm: ALGORITHM,
37
+ value: 'my-fixed-input',
38
+ key: key,
39
+ insecure_mode: true
38
40
  )
39
41
  assert_equal 'XbwHRMFWqR5M80kgwRcEEg==', self.class.base64_encode(result)
40
42
  end
@@ -43,10 +45,11 @@ class CompatibilityTest < Test::Unit::TestCase
43
45
  key = Digest::SHA256.hexdigest('my-fixed-key')
44
46
  iv = Digest::SHA256.hexdigest('my-fixed-iv')
45
47
  result = Encryptor.decrypt(
46
- :algorithm => ALGORITHM,
47
- :value => self.class.base64_decode('nGuyGniksFXnMYj/eCxXKQ=='),
48
- :key => key,
49
- :iv => iv
48
+ algorithm: ALGORITHM,
49
+ value: self.class.base64_decode('nGuyGniksFXnMYj/eCxXKQ=='),
50
+ key: key,
51
+ iv: iv,
52
+ insecure_mode: true
50
53
  )
51
54
  assert_equal 'my-fixed-input', result
52
55
  end
@@ -54,9 +57,10 @@ class CompatibilityTest < Test::Unit::TestCase
54
57
  def test_decrypt_without_iv
55
58
  key = Digest::SHA256.hexdigest('my-fixed-key')
56
59
  result = Encryptor.decrypt(
57
- :algorithm => ALGORITHM,
58
- :value => self.class.base64_decode('XbwHRMFWqR5M80kgwRcEEg=='),
59
- :key => key
60
+ algorithm: ALGORITHM,
61
+ value: self.class.base64_decode('XbwHRMFWqR5M80kgwRcEEg=='),
62
+ key: key,
63
+ insecure_mode: true
60
64
  )
61
65
  assert_equal 'my-fixed-input', result
62
66
  end
@@ -66,11 +70,11 @@ class CompatibilityTest < Test::Unit::TestCase
66
70
  iv = Digest::SHA256.hexdigest('my-fixed-iv')
67
71
  salt = 'my-fixed-salt'
68
72
  result = Encryptor.encrypt(
69
- :algorithm => ALGORITHM,
70
- :value => 'my-fixed-input',
71
- :key => key,
72
- :iv => iv,
73
- :salt => salt
73
+ algorithm: ALGORITHM,
74
+ value: 'my-fixed-input',
75
+ key: key,
76
+ iv: iv,
77
+ salt: salt
74
78
  )
75
79
  assert_equal 'DENuQSh9b0eW8GN3YLzLGw==', self.class.base64_encode(result)
76
80
  end
@@ -80,11 +84,11 @@ class CompatibilityTest < Test::Unit::TestCase
80
84
  iv = Digest::SHA256.hexdigest('my-fixed-iv')
81
85
  salt = 'my-fixed-salt'
82
86
  result = Encryptor.decrypt(
83
- :algorithm => ALGORITHM,
84
- :value => self.class.base64_decode('DENuQSh9b0eW8GN3YLzLGw=='),
85
- :key => key,
86
- :iv => iv,
87
- :salt => salt
87
+ algorithm: ALGORITHM,
88
+ value: self.class.base64_decode('DENuQSh9b0eW8GN3YLzLGw=='),
89
+ key: key,
90
+ iv: iv,
91
+ salt: salt
88
92
  )
89
93
  assert_equal 'my-fixed-input', result
90
94
  end
@@ -0,0 +1,60 @@
1
+ require 'test_helper'
2
+
3
+ class EncryptorStringTest < Minitest::Test
4
+
5
+ original_value = StringWithEncryptor.new
6
+ key = SecureRandom.random_bytes(64)
7
+ iv = SecureRandom.random_bytes(64)
8
+ salt = Time.now.to_i.to_s
9
+ original_value << SecureRandom.random_bytes(64)
10
+ auth_data = SecureRandom.random_bytes(64)
11
+ wrong_auth_tag = SecureRandom.random_bytes(16)
12
+
13
+ OpenSSLHelper::ALGORITHMS.each do |algorithm|
14
+ encrypted_value_with_iv = StringWithEncryptor.new
15
+ encrypted_value_without_iv = StringWithEncryptor.new
16
+ encrypted_value_with_iv << Encryptor.encrypt(value: original_value, key: key, iv: iv, salt: salt, algorithm: algorithm)
17
+ encrypted_value_without_iv << Encryptor.encrypt(value: original_value, key: key, algorithm: algorithm, insecure_mode: true)
18
+
19
+ define_method "test_should_call_encrypt_on_a_string_with_the_#{algorithm}_algorithm_with_iv" do
20
+ assert_equal encrypted_value_with_iv, original_value.encrypt(key: key, iv: iv, salt: salt, algorithm: algorithm)
21
+ end
22
+
23
+ define_method "test_should_call_encrypt_on_a_string_with_the_#{algorithm}_algorithm_without_iv" do
24
+ assert_equal encrypted_value_without_iv, original_value.encrypt(key: key, algorithm: algorithm, insecure_mode: true)
25
+ end
26
+
27
+ define_method "test_should_call_decrypt_on_a_string_with_the_#{algorithm}_algorithm_with_iv" do
28
+ assert_equal original_value, encrypted_value_with_iv.decrypt(key: key, iv: iv, salt: salt, algorithm: algorithm)
29
+ end
30
+
31
+ define_method "test_should_call_decrypt_on_a_string_with_the_#{algorithm}_algorithm_without_iv" do
32
+ assert_equal original_value, encrypted_value_without_iv.decrypt(key: key, algorithm: algorithm, insecure_mode: true)
33
+ end
34
+
35
+ define_method "test_string_encrypt!_on_a_string_with_the_#{algorithm}_algorithm_with_iv" do
36
+ original_value_dup = original_value.dup
37
+ original_value_dup.encrypt!(key: key, iv: iv, salt: salt, algorithm: algorithm)
38
+ assert_equal original_value.encrypt(key: key, iv: iv, salt: salt, algorithm: algorithm), original_value_dup
39
+ end
40
+
41
+ define_method "test_string_encrypt!_on_a_string_with_the_#{algorithm}_algorithm_without_iv" do
42
+ original_value_dup = original_value.dup
43
+ original_value_dup.encrypt!(key: key, algorithm: algorithm, insecure_mode: true)
44
+ assert_equal original_value.encrypt(key: key, algorithm: algorithm, insecure_mode: true), original_value_dup
45
+ end
46
+
47
+ define_method "test_string_decrypt!_on_a_string_with_the_#{algorithm}_algorithm_with_iv" do
48
+ encrypted_value_with_iv_dup = encrypted_value_with_iv.dup
49
+ encrypted_value_with_iv_dup.decrypt!(key: key, iv: iv, salt: salt, algorithm: algorithm)
50
+ assert_equal original_value, encrypted_value_with_iv_dup
51
+ end
52
+
53
+ define_method "test_string_decrypt!_on_a_string_with_the_#{algorithm}_algorithm_without_iv" do
54
+ encrypted_value_without_iv_dup = encrypted_value_without_iv.dup
55
+ encrypted_value_without_iv_dup.decrypt!(key: key, algorithm: algorithm, insecure_mode: true)
56
+ assert_equal original_value, encrypted_value_without_iv_dup
57
+ end
58
+ end
59
+
60
+ end
@@ -1,89 +1,50 @@
1
- require File.expand_path('../test_helper', __FILE__)
2
- require File.expand_path('../openssl_helper', __FILE__)
1
+ require 'test_helper'
3
2
 
4
3
  # Tests for new preferred salted encryption mode
5
4
  #
6
- class EncryptorTest < Test::Unit::TestCase
5
+ class EncryptorTest < Minitest::Test
7
6
 
8
- key = Digest::SHA256.hexdigest(([Time.now.to_s] * rand(3)).join)
9
- iv = Digest::SHA256.hexdigest(([Time.now.to_s] * rand(3)).join)
10
- salt = Time.now.to_i.to_s
11
- original_value = Digest::SHA256.hexdigest(([Time.now.to_s] * rand(3)).join)
7
+ key = SecureRandom.random_bytes(32)
8
+ iv = SecureRandom.random_bytes(16)
9
+ salt = SecureRandom.random_bytes(16)
10
+ original_value = SecureRandom.random_bytes(64)
11
+ auth_data = SecureRandom.random_bytes(64)
12
+ wrong_auth_tag = SecureRandom.random_bytes(16)
12
13
 
13
14
  OpenSSLHelper::ALGORITHMS.each do |algorithm|
14
- encrypted_value_with_iv = Encryptor.encrypt(:value => original_value, :key => key, :iv => iv, :salt => salt, :algorithm => algorithm)
15
- encrypted_value_without_iv = Encryptor.encrypt(:value => original_value, :key => key, :algorithm => algorithm)
15
+ encrypted_value_with_iv = Encryptor.encrypt(value: original_value, key: key, iv: iv, salt: salt, algorithm: algorithm)
16
+ encrypted_value_without_iv = Encryptor.encrypt(value: original_value, key: key, algorithm: algorithm, insecure_mode: true)
16
17
 
17
18
  define_method "test_should_crypt_with_the_#{algorithm}_algorithm_with_iv" do
18
- assert_not_equal original_value, encrypted_value_with_iv
19
- assert_not_equal encrypted_value_without_iv, encrypted_value_with_iv
20
- assert_equal original_value, Encryptor.decrypt(:value => encrypted_value_with_iv, :key => key, :iv => iv, :salt => salt, :algorithm => algorithm)
19
+ refute_equal original_value, encrypted_value_with_iv
20
+ refute_equal encrypted_value_without_iv, encrypted_value_with_iv
21
+ assert_equal original_value, Encryptor.decrypt(value: encrypted_value_with_iv, key: key, iv: iv, salt: salt, algorithm: algorithm)
21
22
  end
22
23
 
23
24
  define_method "test_should_crypt_with_the_#{algorithm}_algorithm_without_iv" do
24
- assert_not_equal original_value, encrypted_value_without_iv
25
- assert_equal original_value, Encryptor.decrypt(:value => encrypted_value_without_iv, :key => key, :algorithm => algorithm)
25
+ refute_equal original_value, encrypted_value_without_iv
26
+ assert_equal original_value, Encryptor.decrypt(value: encrypted_value_without_iv, key: key, algorithm: algorithm, insecure_mode: true)
26
27
  end
27
28
 
28
29
  define_method "test_should_encrypt_with_the_#{algorithm}_algorithm_with_iv_with_the_first_arg_as_the_value" do
29
- assert_equal encrypted_value_with_iv, Encryptor.encrypt(original_value, :key => key, :iv => iv, :salt => salt, :algorithm => algorithm)
30
+ assert_equal encrypted_value_with_iv, Encryptor.encrypt(original_value, key: key, iv: iv, salt: salt, algorithm: algorithm)
30
31
  end
31
32
 
32
33
  define_method "test_should_encrypt_with_the_#{algorithm}_algorithm_without_iv_with_the_first_arg_as_the_value" do
33
- assert_equal encrypted_value_without_iv, Encryptor.encrypt(original_value, :key => key, :algorithm => algorithm)
34
+ assert_equal encrypted_value_without_iv, Encryptor.encrypt(original_value, key: key, algorithm: algorithm, insecure_mode: true)
34
35
  end
35
36
 
36
37
  define_method "test_should_decrypt_with_the_#{algorithm}_algorithm_with_iv_with_the_first_arg_as_the_value" do
37
- assert_equal original_value, Encryptor.decrypt(encrypted_value_with_iv, :key => key, :iv => iv, :salt => salt, :algorithm => algorithm)
38
+ assert_equal original_value, Encryptor.decrypt(encrypted_value_with_iv, key: key, iv: iv, salt: salt, algorithm: algorithm)
38
39
  end
39
40
 
40
41
  define_method "test_should_decrypt_with_the_#{algorithm}_algorithm_without_iv_with_the_first_arg_as_the_value" do
41
- assert_equal original_value, Encryptor.decrypt(encrypted_value_without_iv, :key => key, :algorithm => algorithm)
42
- end
43
-
44
- define_method "test_should_call_encrypt_on_a_string_with_the_#{algorithm}_algorithm_with_iv" do
45
- assert_equal encrypted_value_with_iv, original_value.encrypt(:key => key, :iv => iv, :salt => salt, :algorithm => algorithm)
46
- end
47
-
48
- define_method "test_should_call_encrypt_on_a_string_with_the_#{algorithm}_algorithm_without_iv" do
49
- assert_equal encrypted_value_without_iv, original_value.encrypt(:key => key, :algorithm => algorithm)
50
- end
51
-
52
- define_method "test_should_call_decrypt_on_a_string_with_the_#{algorithm}_algorithm_with_iv" do
53
- assert_equal original_value, encrypted_value_with_iv.decrypt(:key => key, :iv => iv, :salt => salt, :algorithm => algorithm)
54
- end
55
-
56
- define_method "test_should_call_decrypt_on_a_string_with_the_#{algorithm}_algorithm_without_iv" do
57
- assert_equal original_value, encrypted_value_without_iv.decrypt(:key => key, :algorithm => algorithm)
58
- end
59
-
60
- define_method "test_string_encrypt!_on_a_string_with_the_#{algorithm}_algorithm_with_iv" do
61
- original_value_dup = original_value.dup
62
- original_value_dup.encrypt!(:key => key, :iv => iv, :salt => salt, :algorithm => algorithm)
63
- assert_equal original_value.encrypt(:key => key, :iv => iv, :salt => salt, :algorithm => algorithm), original_value_dup
64
- end
65
-
66
- define_method "test_string_encrypt!_on_a_string_with_the_#{algorithm}_algorithm_without_iv" do
67
- original_value_dup = original_value.dup
68
- original_value_dup.encrypt!(:key => key, :algorithm => algorithm)
69
- assert_equal original_value.encrypt(:key => key, :algorithm => algorithm), original_value_dup
70
- end
71
-
72
- define_method "test_string_decrypt!_on_a_string_with_the_#{algorithm}_algorithm_with_iv" do
73
- encrypted_value_with_iv_dup = encrypted_value_with_iv.dup
74
- encrypted_value_with_iv_dup.decrypt!(:key => key, :iv => iv, :salt => salt, :algorithm => algorithm)
75
- assert_equal original_value, encrypted_value_with_iv_dup
76
- end
77
-
78
- define_method "test_string_decrypt!_on_a_string_with_the_#{algorithm}_algorithm_without_iv" do
79
- encrypted_value_without_iv_dup = encrypted_value_without_iv.dup
80
- encrypted_value_without_iv_dup.decrypt!(:key => key, :algorithm => algorithm)
81
- assert_equal original_value, encrypted_value_without_iv_dup
42
+ assert_equal original_value, Encryptor.decrypt(encrypted_value_without_iv, key: key, algorithm: algorithm, insecure_mode: true)
82
43
  end
83
44
  end
84
45
 
85
46
  define_method 'test_should_use_the_default_algorithm_if_one_is_not_specified' do
86
- assert_equal Encryptor.encrypt(:value => original_value, :key => key, :algorithm => Encryptor.default_options[:algorithm]), Encryptor.encrypt(:value => original_value, :key => key)
47
+ assert_equal Encryptor.encrypt(value: original_value, key: key, salt: salt, iv: iv, algorithm: Encryptor.default_options[:algorithm]), Encryptor.encrypt(value: original_value, key: key, salt: salt, iv: iv)
87
48
  end
88
49
 
89
50
  def test_should_have_a_default_algorithm
@@ -92,17 +53,48 @@ class EncryptorTest < Test::Unit::TestCase
92
53
  end
93
54
 
94
55
  def test_should_raise_argument_error_if_key_is_not_specified
95
- assert_raises(ArgumentError) { Encryptor.encrypt('some value') }
96
- assert_raises(ArgumentError) { Encryptor.decrypt('some encrypted string') }
97
- assert_raises(ArgumentError) { Encryptor.encrypt('some value', :key => '') }
98
- assert_raises(ArgumentError) { Encryptor.decrypt('some encrypted string', :key => '') }
56
+ assert_raises(ArgumentError, "must specify a key") { Encryptor.encrypt('some value') }
57
+ assert_raises(ArgumentError, "must specify a key") { Encryptor.decrypt('some encrypted string') }
58
+ end
59
+
60
+ def test_should_raise_argument_error_if_key_is_too_short
61
+ assert_raises(ArgumentError, "key must be 32 bytes or longer") { Encryptor.encrypt('some value', key: '') }
62
+ assert_raises(ArgumentError, "key must be 32 bytes or longer") { Encryptor.decrypt('some encrypted string', key: '') }
99
63
  end
100
64
 
101
- def test_should_yield_block_with_cipher_and_options
65
+ define_method 'test_should_raise_argument_error_if_iv_is_not_specified' do
66
+ assert_raises(ArgumentError, "must specify an iv") { Encryptor.encrypt('some value', key: key) }
67
+ assert_raises(ArgumentError, "must specify an iv") { Encryptor.decrypt('some encrypted string', key: key) }
68
+ end
69
+
70
+ define_method 'test_should_raise_argument_error_if_iv_is_too_short' do
71
+ assert_raises(ArgumentError, "iv must be 16 bytes or longer") { Encryptor.encrypt('some value', key: key, iv: 'a') }
72
+ assert_raises(ArgumentError, "iv must be 16 bytes or longer") { Encryptor.decrypt('some encrypted string', key: key, iv: 'a') }
73
+ end
74
+
75
+ define_method 'test_should_yield_block_with_cipher_and_options' do
102
76
  called = false
103
- Encryptor.encrypt('some value', :key => 'some key') { |cipher, options| called = true }
77
+ Encryptor.encrypt('some value', key: key, iv: iv, salt: salt) { |cipher, options| called = true }
104
78
  assert called
105
79
  end
106
80
 
81
+ OpenSSLHelper::AUTHENTICATED_ENCRYPTION_ALGORITHMS.each do |algorithm|
82
+
83
+ define_method 'test_should_use_the_default_authentication_data_if_it_is_not_specified' do
84
+ encrypted_value = Encryptor.encrypt(value: original_value, key: key, iv: iv, salt: salt, algorithm: algorithm)
85
+ decrypted_value = Encryptor.decrypt(value: encrypted_value, key: key, iv: iv, salt: salt, algorithm: algorithm)
86
+ refute_equal original_value, encrypted_value
87
+ assert_equal original_value, decrypted_value
88
+ assert_raises(OpenSSL::Cipher::CipherError) { Encryptor.decrypt(value: encrypted_value[0..-17] + wrong_auth_tag, key: key, iv: iv, salt: salt, algorithm: algorithm) }
89
+ end
90
+
91
+ define_method 'test_should_use_authentication_data_if_it_is_specified' do
92
+ encrypted_value = Encryptor.encrypt(value: original_value, key: key, iv: iv, salt: salt, algorithm: algorithm, auth_data: auth_data)
93
+ decrypted_value = Encryptor.decrypt(value: encrypted_value, key: key, iv: iv, salt: salt, algorithm: algorithm, auth_data: auth_data)
94
+ refute_equal original_value, encrypted_value
95
+ assert_equal original_value, decrypted_value
96
+ assert_raises(OpenSSL::Cipher::CipherError) { Encryptor.decrypt(value: encrypted_value[0..-17] + wrong_auth_tag, key: key, iv: iv, salt: salt, algorithm: algorithm) }
97
+ end
98
+ end
107
99
  end
108
100
 
@@ -0,0 +1,56 @@
1
+ require 'test_helper'
2
+
3
+ class LegacyEncryptorStringTest < Minitest::Test
4
+
5
+ key = SecureRandom.random_bytes(64)
6
+ iv = SecureRandom.random_bytes(64)
7
+ original_value = StringWithEncryptor.new
8
+ original_value << SecureRandom.random_bytes(64)
9
+
10
+ OpenSSLHelper::ALGORITHMS.each do |algorithm|
11
+ encrypted_value_with_iv = StringWithEncryptor.new
12
+ encrypted_value_with_iv << Encryptor.encrypt(value: original_value, key: key, iv: iv, algorithm: algorithm, insecure_mode: true)
13
+ encrypted_value_without_iv = StringWithEncryptor.new
14
+ encrypted_value_without_iv << Encryptor.encrypt(value: original_value, key: key, algorithm: algorithm, insecure_mode: true)
15
+
16
+ define_method "test_should_call_encrypt_on_a_string_with_the_#{algorithm}_algorithm_with_iv" do
17
+ assert_equal encrypted_value_with_iv, original_value.encrypt(key: key, iv: iv, algorithm: algorithm, insecure_mode: true)
18
+ end
19
+
20
+ define_method "test_should_call_encrypt_on_a_string_with_the_#{algorithm}_algorithm_without_iv" do
21
+ assert_equal encrypted_value_without_iv, original_value.encrypt(key: key, algorithm: algorithm, insecure_mode: true)
22
+ end
23
+
24
+ define_method "test_should_call_decrypt_on_a_string_with_the_#{algorithm}_algorithm_with_iv" do
25
+ assert_equal original_value, encrypted_value_with_iv.decrypt(key: key, iv: iv, algorithm: algorithm, insecure_mode: true)
26
+ end
27
+
28
+ define_method "test_should_call_decrypt_on_a_string_with_the_#{algorithm}_algorithm_without_iv" do
29
+ assert_equal original_value, encrypted_value_without_iv.decrypt(key: key, algorithm: algorithm, insecure_mode: true)
30
+ end
31
+
32
+ define_method "test_string_encrypt!_on_a_string_with_the_#{algorithm}_algorithm_with_iv" do
33
+ original_value_dup = original_value.dup
34
+ original_value_dup.encrypt!(key: key, iv: iv, algorithm: algorithm, insecure_mode: true)
35
+ assert_equal original_value.encrypt(key: key, iv: iv, algorithm: algorithm, insecure_mode: true), original_value_dup
36
+ end
37
+
38
+ define_method "test_string_encrypt!_on_a_string_with_the_#{algorithm}_algorithm_without_iv" do
39
+ original_value_dup = original_value.dup
40
+ original_value_dup.encrypt!(key: key, algorithm: algorithm, insecure_mode: true)
41
+ assert_equal original_value.encrypt(key: key, algorithm: algorithm, insecure_mode: true), original_value_dup
42
+ end
43
+
44
+ define_method "test_string_decrypt!_on_a_string_with_the_#{algorithm}_algorithm_with_iv" do
45
+ encrypted_value_with_iv_dup = encrypted_value_with_iv.dup
46
+ encrypted_value_with_iv_dup.decrypt!(key: key, iv: iv, algorithm: algorithm, insecure_mode: true)
47
+ assert_equal original_value, encrypted_value_with_iv_dup
48
+ end
49
+
50
+ define_method "test_string_decrypt!_on_a_string_with_the_#{algorithm}_algorithm_without_iv" do
51
+ encrypted_value_without_iv_dup = encrypted_value_without_iv.dup
52
+ encrypted_value_without_iv_dup.decrypt!(key: key, algorithm: algorithm, insecure_mode: true)
53
+ assert_equal original_value, encrypted_value_without_iv_dup
54
+ end
55
+ end
56
+ end
@@ -1,88 +1,47 @@
1
- require File.expand_path('../test_helper', __FILE__)
2
- require File.expand_path('../openssl_helper', __FILE__)
1
+ require 'test_helper'
3
2
 
4
3
  # Tests for legacy (non-salted) encryption mode
5
4
  #
6
- class LegacyEncryptorTest < Test::Unit::TestCase
5
+ class LegacyEncryptorTest < Minitest::Test
7
6
 
8
- key = Digest::SHA256.hexdigest(([Time.now.to_s] * rand(3)).join)
9
- iv = Digest::SHA256.hexdigest(([Time.now.to_s] * rand(3)).join)
10
- original_value = Digest::SHA256.hexdigest(([Time.now.to_s] * rand(3)).join)
7
+ key = SecureRandom.random_bytes(64)
8
+ iv = SecureRandom.random_bytes(64)
9
+ original_value = SecureRandom.random_bytes(64)
11
10
 
12
11
  OpenSSLHelper::ALGORITHMS.each do |algorithm|
13
- encrypted_value_with_iv = Encryptor.encrypt(:value => original_value, :key => key, :iv => iv, :algorithm => algorithm)
14
- encrypted_value_without_iv = Encryptor.encrypt(:value => original_value, :key => key, :algorithm => algorithm)
12
+ encrypted_value_with_iv = Encryptor.encrypt(value: original_value, key: key, iv: iv, algorithm: algorithm, insecure_mode: true)
13
+ encrypted_value_without_iv = Encryptor.encrypt(value: original_value, key: key, algorithm: algorithm, insecure_mode: true)
15
14
 
16
15
  define_method "test_should_crypt_with_the_#{algorithm}_algorithm_with_iv" do
17
- assert_not_equal original_value, encrypted_value_with_iv
18
- assert_not_equal encrypted_value_without_iv, encrypted_value_with_iv
19
- assert_equal original_value, Encryptor.decrypt(:value => encrypted_value_with_iv, :key => key, :iv => iv, :algorithm => algorithm)
16
+ refute_equal original_value, encrypted_value_with_iv
17
+ refute_equal encrypted_value_without_iv, encrypted_value_with_iv
18
+ assert_equal original_value, Encryptor.decrypt(value: encrypted_value_with_iv, key: key, iv: iv, algorithm: algorithm, insecure_mode: true)
20
19
  end
21
20
 
22
21
  define_method "test_should_crypt_with_the_#{algorithm}_algorithm_without_iv" do
23
- assert_not_equal original_value, encrypted_value_without_iv
24
- assert_equal original_value, Encryptor.decrypt(:value => encrypted_value_without_iv, :key => key, :algorithm => algorithm)
22
+ refute_equal original_value, encrypted_value_without_iv
23
+ assert_equal original_value, Encryptor.decrypt(value: encrypted_value_without_iv, key: key, algorithm: algorithm, insecure_mode: true)
25
24
  end
26
25
 
27
26
  define_method "test_should_encrypt_with_the_#{algorithm}_algorithm_with_iv_with_the_first_arg_as_the_value" do
28
- assert_equal encrypted_value_with_iv, Encryptor.encrypt(original_value, :key => key, :iv => iv, :algorithm => algorithm)
27
+ assert_equal encrypted_value_with_iv, Encryptor.encrypt(original_value, key: key, iv: iv, algorithm: algorithm, insecure_mode: true)
29
28
  end
30
29
 
31
30
  define_method "test_should_encrypt_with_the_#{algorithm}_algorithm_without_iv_with_the_first_arg_as_the_value" do
32
- assert_equal encrypted_value_without_iv, Encryptor.encrypt(original_value, :key => key, :algorithm => algorithm)
31
+ assert_equal encrypted_value_without_iv, Encryptor.encrypt(original_value, key: key, algorithm: algorithm, insecure_mode: true)
33
32
  end
34
33
 
35
34
  define_method "test_should_decrypt_with_the_#{algorithm}_algorithm_with_iv_with_the_first_arg_as_the_value" do
36
- assert_equal original_value, Encryptor.decrypt(encrypted_value_with_iv, :key => key, :iv => iv, :algorithm => algorithm)
35
+ assert_equal original_value, Encryptor.decrypt(encrypted_value_with_iv, key: key, iv: iv, algorithm: algorithm, insecure_mode: true)
37
36
  end
38
37
 
39
38
  define_method "test_should_decrypt_with_the_#{algorithm}_algorithm_without_iv_with_the_first_arg_as_the_value" do
40
- assert_equal original_value, Encryptor.decrypt(encrypted_value_without_iv, :key => key, :algorithm => algorithm)
41
- end
42
-
43
- define_method "test_should_call_encrypt_on_a_string_with_the_#{algorithm}_algorithm_with_iv" do
44
- assert_equal encrypted_value_with_iv, original_value.encrypt(:key => key, :iv => iv, :algorithm => algorithm)
45
- end
46
-
47
- define_method "test_should_call_encrypt_on_a_string_with_the_#{algorithm}_algorithm_without_iv" do
48
- assert_equal encrypted_value_without_iv, original_value.encrypt(:key => key, :algorithm => algorithm)
49
- end
50
-
51
- define_method "test_should_call_decrypt_on_a_string_with_the_#{algorithm}_algorithm_with_iv" do
52
- assert_equal original_value, encrypted_value_with_iv.decrypt(:key => key, :iv => iv, :algorithm => algorithm)
53
- end
54
-
55
- define_method "test_should_call_decrypt_on_a_string_with_the_#{algorithm}_algorithm_without_iv" do
56
- assert_equal original_value, encrypted_value_without_iv.decrypt(:key => key, :algorithm => algorithm)
57
- end
58
-
59
- define_method "test_string_encrypt!_on_a_string_with_the_#{algorithm}_algorithm_with_iv" do
60
- original_value_dup = original_value.dup
61
- original_value_dup.encrypt!(:key => key, :iv => iv, :algorithm => algorithm)
62
- assert_equal original_value.encrypt(:key => key, :iv => iv, :algorithm => algorithm), original_value_dup
63
- end
64
-
65
- define_method "test_string_encrypt!_on_a_string_with_the_#{algorithm}_algorithm_without_iv" do
66
- original_value_dup = original_value.dup
67
- original_value_dup.encrypt!(:key => key, :algorithm => algorithm)
68
- assert_equal original_value.encrypt(:key => key, :algorithm => algorithm), original_value_dup
69
- end
70
-
71
- define_method "test_string_decrypt!_on_a_string_with_the_#{algorithm}_algorithm_with_iv" do
72
- encrypted_value_with_iv_dup = encrypted_value_with_iv.dup
73
- encrypted_value_with_iv_dup.decrypt!(:key => key, :iv => iv, :algorithm => algorithm)
74
- assert_equal original_value, encrypted_value_with_iv_dup
75
- end
76
-
77
- define_method "test_string_decrypt!_on_a_string_with_the_#{algorithm}_algorithm_without_iv" do
78
- encrypted_value_without_iv_dup = encrypted_value_without_iv.dup
79
- encrypted_value_without_iv_dup.decrypt!(:key => key, :algorithm => algorithm)
80
- assert_equal original_value, encrypted_value_without_iv_dup
39
+ assert_equal original_value, Encryptor.decrypt(encrypted_value_without_iv, key: key, algorithm: algorithm, insecure_mode: true)
81
40
  end
82
41
  end
83
42
 
84
43
  define_method 'test_should_use_the_default_algorithm_if_one_is_not_specified' do
85
- assert_equal Encryptor.encrypt(:value => original_value, :key => key, :algorithm => Encryptor.default_options[:algorithm]), Encryptor.encrypt(:value => original_value, :key => key)
44
+ assert_equal Encryptor.encrypt(value: original_value, key: key, algorithm: Encryptor.default_options[:algorithm], insecure_mode: true), Encryptor.encrypt(value: original_value, key: key, insecure_mode: true)
86
45
  end
87
46
 
88
47
  def test_should_have_a_default_algorithm
@@ -91,15 +50,15 @@ class LegacyEncryptorTest < Test::Unit::TestCase
91
50
  end
92
51
 
93
52
  def test_should_raise_argument_error_if_key_is_not_specified
94
- assert_raises(ArgumentError) { Encryptor.encrypt('some value') }
95
- assert_raises(ArgumentError) { Encryptor.decrypt('some encrypted string') }
96
- assert_raises(ArgumentError) { Encryptor.encrypt('some value', :key => '') }
97
- assert_raises(ArgumentError) { Encryptor.decrypt('some encrypted string', :key => '') }
53
+ assert_raises(ArgumentError) { Encryptor.encrypt('some value', insecure_mode: true) }
54
+ assert_raises(ArgumentError) { Encryptor.decrypt('some encrypted string', insecure_mode: true) }
55
+ assert_raises(ArgumentError) { Encryptor.encrypt('some value', key: '', insecure_mode: true) }
56
+ assert_raises(ArgumentError) { Encryptor.decrypt('some encrypted string', key: '', insecure_mode: true) }
98
57
  end
99
58
 
100
59
  def test_should_yield_block_with_cipher_and_options
101
60
  called = false
102
- Encryptor.encrypt('some value', :key => 'some key') { |cipher, options| called = true }
61
+ Encryptor.encrypt('some value', key: 'some key', insecure_mode: true) { |cipher, options| called = true }
103
62
  assert called
104
63
  end
105
64