rails--rails/activesupport/test/message_encryptor_test.rb

require "abstract_unit"
require "openssl"
require "active_support/time"
require "active_support/json"

class MessageEncryptorTest < ActiveSupport::TestCase
  class JSONSerializer
    def dump(value)
      ActiveSupport::JSON.encode(value)
    end

    def load(value)
      ActiveSupport::JSON.decode(value)
    end
  end

  def setup
    @secret    = SecureRandom.random_bytes(32)
    @verifier  = ActiveSupport::MessageVerifier.new(@secret, :serializer => ActiveSupport::MessageEncryptor::NullSerializer)
    @encryptor = ActiveSupport::MessageEncryptor.new(@secret)
    @data = { :some => "data", :now => Time.local(2010) }
  end

  def test_encrypting_twice_yields_differing_cipher_text
    first_message = @encryptor.encrypt_and_sign(@data).split("--").first
    second_message = @encryptor.encrypt_and_sign(@data).split("--").first
    assert_not_equal first_message, second_message
  end

  def test_messing_with_either_encrypted_values_causes_failure
    text, iv = @verifier.verify(@encryptor.encrypt_and_sign(@data)).split("--")
    assert_not_decrypted([iv, text] * "--")
    assert_not_decrypted([text, munge(iv)] * "--")
    assert_not_decrypted([munge(text), iv] * "--")
    assert_not_decrypted([munge(text), munge(iv)] * "--")
  end

  def test_messing_with_verified_values_causes_failures
    text, iv = @encryptor.encrypt_and_sign(@data).split("--")
    assert_not_verified([iv, text] * "--")
    assert_not_verified([text, munge(iv)] * "--")
    assert_not_verified([munge(text), iv] * "--")
    assert_not_verified([munge(text), munge(iv)] * "--")
  end

  def test_signed_round_tripping
    message = @encryptor.encrypt_and_sign(@data)
    assert_equal @data, @encryptor.decrypt_and_verify(message)
  end

  def test_alternative_serialization_method
    prev = ActiveSupport.use_standard_json_time_format
    ActiveSupport.use_standard_json_time_format = true
    encryptor = ActiveSupport::MessageEncryptor.new(SecureRandom.random_bytes(32), SecureRandom.random_bytes(128), :serializer => JSONSerializer.new)
    message = encryptor.encrypt_and_sign({ :foo => 123, "bar" => Time.utc(2010) })
    exp = { "foo" => 123, "bar" => "2010-01-01T00:00:00.000Z" }
    assert_equal exp, encryptor.decrypt_and_verify(message)
  ensure
    ActiveSupport.use_standard_json_time_format = prev
  end

  def test_message_obeys_strict_encoding
    bad_encoding_characters = "\n!@#"
    message, iv = @encryptor.encrypt_and_sign("This is a very \n\nhumble string"+bad_encoding_characters)

    assert_not_decrypted("#{::Base64.encode64 message.to_s}--#{::Base64.encode64 iv.to_s}")
    assert_not_verified("#{::Base64.encode64 message.to_s}--#{::Base64.encode64 iv.to_s}")

    assert_not_decrypted([iv,  message] * bad_encoding_characters)
    assert_not_verified([iv,  message] * bad_encoding_characters)
  end

  def test_aead_mode_encryption
    encryptor = ActiveSupport::MessageEncryptor.new(@secret, cipher: "aes-256-gcm")
    message = encryptor.encrypt_and_sign(@data)
    assert_equal @data, encryptor.decrypt_and_verify(message)
  end

  def test_messing_with_aead_values_causes_failures
    encryptor = ActiveSupport::MessageEncryptor.new(@secret, cipher: "aes-256-gcm")
    text, iv, auth_tag = encryptor.encrypt_and_sign(@data).split("--")
    assert_not_decrypted([iv, text, auth_tag] * "--")
    assert_not_decrypted([munge(text), iv, auth_tag] * "--")
    assert_not_decrypted([text, munge(iv), auth_tag] * "--")
    assert_not_decrypted([text, iv, munge(auth_tag)] * "--")
    assert_not_decrypted([munge(text), munge(iv), munge(auth_tag)] * "--")
    assert_not_decrypted([text, iv] * "--")
    assert_not_decrypted([text, iv, auth_tag[0..-2]] * "--")
  end

  private

  def assert_not_decrypted(value)
    assert_raise(ActiveSupport::MessageEncryptor::InvalidMessage) do
      @encryptor.decrypt_and_verify(@verifier.generate(value))
    end
  end

  def assert_not_verified(value)
    assert_raise(ActiveSupport::MessageVerifier::InvalidSignature) do
      @encryptor.decrypt_and_verify(value)
    end
  end

  def munge(base64_string)
    bits = ::Base64.strict_decode64(base64_string)
    bits.reverse!
    ::Base64.strict_encode64(bits)
  end
end
applies new string literal convention in activesupport/test The current code base is not uniform. After some discussion, we have chosen to go with double quotes by default. 2016-08-06 12:03:25 -04:00			`require "abstract_unit"`
			`require "openssl"`
			`require "active_support/time"`
			`require "active_support/json"`
Add a MessageEncryptor, just like MessageVerifier but using symmetric key encryption. The use of encryption prevents people from seeing any potentially secret values you've used. It also supports and encrypt_and_sign model to prevent people from tampering with the bits and creating random junk that gets fed to A motivated coder could use this to add an :encrypt=>true option to the cookie store. 2008-11-25 14:27:54 -05:00
Test deprecation warning when not using an options hash as second parameter. 2011-09-15 15:51:30 -04:00			`class MessageEncryptorTest < ActiveSupport::TestCase`
Implement API suggestions of pull request. 2011-09-15 13:15:21 -04:00			`class JSONSerializer`
			`def dump(value)`
			`ActiveSupport::JSON.encode(value)`
			`end`
Deprecated ActiveSupport::MessageEncryptor#encrypt and decrypt. 2011-11-09 16:48:56 -05:00
Implement API suggestions of pull request. 2011-09-15 13:15:21 -04:00			`def load(value)`
			`ActiveSupport::JSON.decode(value)`
			`end`
			`end`
Deprecated ActiveSupport::MessageEncryptor#encrypt and decrypt. 2011-11-09 16:48:56 -05:00
Add a MessageEncryptor, just like MessageVerifier but using symmetric key encryption. The use of encryption prevents people from seeing any potentially secret values you've used. It also supports and encrypt_and_sign model to prevent people from tampering with the bits and creating random junk that gets fed to A motivated coder could use this to add an :encrypt=>true option to the cookie store. 2008-11-25 14:27:54 -05:00			`def setup`
We default to using aes-256-cbc as our verification/signing cipher. It can accept key lengths of 128, 192 or 256-bit, whereas currently we were providing twice the acceptable value. ruby < 2.4 allowed accepting these values, as extra key bits were ignored. Since https://github.com/ruby/ruby/commit/ce635262f53b760284d56bb1027baebaaec175d1 this now has a strict checking on key length. Default to key length 32 bytes, to match the compatible length for aes-256-cbc Fixes #25185 2016-05-29 14:07:22 -04:00			`@secret = SecureRandom.random_bytes(32)`
Don't marshal dump twice when using encryptor. 2011-11-09 17:11:46 -05:00			`@verifier = ActiveSupport::MessageVerifier.new(@secret, :serializer => ActiveSupport::MessageEncryptor::NullSerializer)`
Deprecated ActiveSupport::MessageEncryptor#encrypt and decrypt. 2011-11-09 16:48:56 -05:00			`@encryptor = ActiveSupport::MessageEncryptor.new(@secret)`
Ruby 1.9.2: marshaling round-trips Time#zone 2010-03-29 01:51:48 -04:00			`@data = { :some => "data", :now => Time.local(2010) }`
Add a MessageEncryptor, just like MessageVerifier but using symmetric key encryption. The use of encryption prevents people from seeing any potentially secret values you've used. It also supports and encrypt_and_sign model to prevent people from tampering with the bits and creating random junk that gets fed to A motivated coder could use this to add an :encrypt=>true option to the cookie store. 2008-11-25 14:27:54 -05:00			`end`
Deletes trailing whitespaces (over text files only find * -type f -exec sed 's/[ \t]*$//' -i {} \;) 2010-08-14 01:13:00 -04:00
Add a MessageEncryptor, just like MessageVerifier but using symmetric key encryption. The use of encryption prevents people from seeing any potentially secret values you've used. It also supports and encrypt_and_sign model to prevent people from tampering with the bits and creating random junk that gets fed to A motivated coder could use this to add an :encrypt=>true option to the cookie store. 2008-11-25 14:27:54 -05:00			`def test_encrypting_twice_yields_differing_cipher_text`
s/messqage/message/ in message_encryptor_test.rb 2013-01-09 16:32:35 -05:00			`first_message = @encryptor.encrypt_and_sign(@data).split("--").first`
Deprecated ActiveSupport::MessageEncryptor#encrypt and decrypt. 2011-11-09 16:48:56 -05:00			`second_message = @encryptor.encrypt_and_sign(@data).split("--").first`
s/messqage/message/ in message_encryptor_test.rb 2013-01-09 16:32:35 -05:00			`assert_not_equal first_message, second_message`
Add a MessageEncryptor, just like MessageVerifier but using symmetric key encryption. The use of encryption prevents people from seeing any potentially secret values you've used. It also supports and encrypt_and_sign model to prevent people from tampering with the bits and creating random junk that gets fed to A motivated coder could use this to add an :encrypt=>true option to the cookie store. 2008-11-25 14:27:54 -05:00			`end`
Deletes trailing whitespaces (over text files only find * -type f -exec sed 's/[ \t]*$//' -i {} \;) 2010-08-14 01:13:00 -04:00
Deprecated ActiveSupport::MessageEncryptor#encrypt and decrypt. 2011-11-09 16:48:56 -05:00			`def test_messing_with_either_encrypted_values_causes_failure`
			`text, iv = @verifier.verify(@encryptor.encrypt_and_sign(@data)).split("--")`
Add a MessageEncryptor, just like MessageVerifier but using symmetric key encryption. The use of encryption prevents people from seeing any potentially secret values you've used. It also supports and encrypt_and_sign model to prevent people from tampering with the bits and creating random junk that gets fed to A motivated coder could use this to add an :encrypt=>true option to the cookie store. 2008-11-25 14:27:54 -05:00			`assert_not_decrypted([iv, text] * "--")`
			`assert_not_decrypted([text, munge(iv)] * "--")`
			`assert_not_decrypted([munge(text), iv] * "--")`
			`assert_not_decrypted([munge(text), munge(iv)] * "--")`
			`end`
Deletes trailing whitespaces (over text files only find * -type f -exec sed 's/[ \t]*$//' -i {} \;) 2010-08-14 01:13:00 -04:00
Deprecated ActiveSupport::MessageEncryptor#encrypt and decrypt. 2011-11-09 16:48:56 -05:00			`def test_messing_with_verified_values_causes_failures`
			`text, iv = @encryptor.encrypt_and_sign(@data).split("--")`
			`assert_not_verified([iv, text] * "--")`
			`assert_not_verified([text, munge(iv)] * "--")`
			`assert_not_verified([munge(text), iv] * "--")`
			`assert_not_verified([munge(text), munge(iv)] * "--")`
			`end`

Add a MessageEncryptor, just like MessageVerifier but using symmetric key encryption. The use of encryption prevents people from seeing any potentially secret values you've used. It also supports and encrypt_and_sign model to prevent people from tampering with the bits and creating random junk that gets fed to A motivated coder could use this to add an :encrypt=>true option to the cookie store. 2008-11-25 14:27:54 -05:00			`def test_signed_round_tripping`
			`message = @encryptor.encrypt_and_sign(@data)`
			`assert_equal @data, @encryptor.decrypt_and_verify(message)`
			`end`
Deprecated ActiveSupport::MessageEncryptor#encrypt and decrypt. 2011-11-09 16:48:56 -05:00
Custom serializers and deserializers in MessageVerifier and MessageEncryptor. By default, these classes use Marshal for serializing and deserializing messages. Unfortunately, the Marshal format is closely associated with Ruby internals and even changes between different interpreters. This makes the resulting message very hard to impossible to unserialize messages generated by these classes in other environments like node.js. This patch solves this by allowing you to set your own custom serializer and deserializer lambda functions. By default, it still uses Marshal to be backwards compatible. 2011-09-15 08:28:53 -04:00			`def test_alternative_serialization_method`
Fixed bad tests to clean up after themselves. 2013-05-03 18:37:18 -04:00			`prev = ActiveSupport.use_standard_json_time_format`
			`ActiveSupport.use_standard_json_time_format = true`
We default to using aes-256-cbc as our verification/signing cipher. It can accept key lengths of 128, 192 or 256-bit, whereas currently we were providing twice the acceptable value. ruby < 2.4 allowed accepting these values, as extra key bits were ignored. Since https://github.com/ruby/ruby/commit/ce635262f53b760284d56bb1027baebaaec175d1 this now has a strict checking on key length. Default to key length 32 bytes, to match the compatible length for aes-256-cbc Fixes #25185 2016-05-29 14:07:22 -04:00			`encryptor = ActiveSupport::MessageEncryptor.new(SecureRandom.random_bytes(32), SecureRandom.random_bytes(128), :serializer => JSONSerializer.new)`
applies new string literal convention in activesupport/test The current code base is not uniform. After some discussion, we have chosen to go with double quotes by default. 2016-08-06 12:03:25 -04:00			`message = encryptor.encrypt_and_sign({ :foo => 123, "bar" => Time.utc(2010) })`
Standardize all JSON encoded times to use 3 decimal fractional seconds 2013-11-07 10:35:49 -05:00			`exp = { "foo" => 123, "bar" => "2010-01-01T00:00:00.000Z" }`
Fixed bad tests to clean up after themselves. 2013-05-03 18:37:18 -04:00			`assert_equal exp, encryptor.decrypt_and_verify(message)`
			`ensure`
			`ActiveSupport.use_standard_json_time_format = prev`
Custom serializers and deserializers in MessageVerifier and MessageEncryptor. By default, these classes use Marshal for serializing and deserializing messages. Unfortunately, the Marshal format is closely associated with Ruby internals and even changes between different interpreters. This makes the resulting message very hard to impossible to unserialize messages generated by these classes in other environments like node.js. This patch solves this by allowing you to set your own custom serializer and deserializer lambda functions. By default, it still uses Marshal to be backwards compatible. 2011-09-15 08:28:53 -04:00			`end`
Deletes trailing whitespaces (over text files only find * -type f -exec sed 's/[ \t]*$//' -i {} \;) 2010-08-14 01:13:00 -04:00
Use `Base.strict_decode64` instead of `Base.decode64` just as we do in encoding; Also reduce extra object allocation by creating string directly instead of join on Array 2013-05-15 10:11:04 -04:00			`def test_message_obeys_strict_encoding`
			`bad_encoding_characters = "\n!@#"`
			`message, iv = @encryptor.encrypt_and_sign("This is a very \n\nhumble string"+bad_encoding_characters)`

			`assert_not_decrypted("#{::Base64.encode64 message.to_s}--#{::Base64.encode64 iv.to_s}")`
			`assert_not_verified("#{::Base64.encode64 message.to_s}--#{::Base64.encode64 iv.to_s}")`

			`assert_not_decrypted([iv, message] * bad_encoding_characters)`
			`assert_not_verified([iv, message] * bad_encoding_characters)`
			`end`

Allow MessageEncryptor to take advantage of authenticated encryption modes AEAD modes like `aes-256-gcm` provide both confidentiality and data authenticity, eliminating the need to use MessageVerifier to check if the encrypted data has been tampered with. Signed-off-by: Jeremy Daer <jeremydaer@gmail.com> 2016-07-18 07:48:58 -04:00			`def test_aead_mode_encryption`
applies new string literal convention in activesupport/test The current code base is not uniform. After some discussion, we have chosen to go with double quotes by default. 2016-08-06 12:03:25 -04:00			`encryptor = ActiveSupport::MessageEncryptor.new(@secret, cipher: "aes-256-gcm")`
Allow MessageEncryptor to take advantage of authenticated encryption modes AEAD modes like `aes-256-gcm` provide both confidentiality and data authenticity, eliminating the need to use MessageVerifier to check if the encrypted data has been tampered with. Signed-off-by: Jeremy Daer <jeremydaer@gmail.com> 2016-07-18 07:48:58 -04:00			`message = encryptor.encrypt_and_sign(@data)`
			`assert_equal @data, encryptor.decrypt_and_verify(message)`
			`end`

			`def test_messing_with_aead_values_causes_failures`
applies new string literal convention in activesupport/test The current code base is not uniform. After some discussion, we have chosen to go with double quotes by default. 2016-08-06 12:03:25 -04:00			`encryptor = ActiveSupport::MessageEncryptor.new(@secret, cipher: "aes-256-gcm")`
Allow MessageEncryptor to take advantage of authenticated encryption modes AEAD modes like `aes-256-gcm` provide both confidentiality and data authenticity, eliminating the need to use MessageVerifier to check if the encrypted data has been tampered with. Signed-off-by: Jeremy Daer <jeremydaer@gmail.com> 2016-07-18 07:48:58 -04:00			`text, iv, auth_tag = encryptor.encrypt_and_sign(@data).split("--")`
			`assert_not_decrypted([iv, text, auth_tag] * "--")`
			`assert_not_decrypted([munge(text), iv, auth_tag] * "--")`
			`assert_not_decrypted([text, munge(iv), auth_tag] * "--")`
			`assert_not_decrypted([text, iv, munge(auth_tag)] * "--")`
			`assert_not_decrypted([munge(text), munge(iv), munge(auth_tag)] * "--")`
			`assert_not_decrypted([text, iv] * "--")`
			`assert_not_decrypted([text, iv, auth_tag[0..-2]] * "--")`
			`end`

Add a MessageEncryptor, just like MessageVerifier but using symmetric key encryption. The use of encryption prevents people from seeing any potentially secret values you've used. It also supports and encrypt_and_sign model to prevent people from tampering with the bits and creating random junk that gets fed to A motivated coder could use this to add an :encrypt=>true option to the cookie store. 2008-11-25 14:27:54 -05:00			`private`
Deprecated ActiveSupport::MessageEncryptor#encrypt and decrypt. 2011-11-09 16:48:56 -05:00
			`def assert_not_decrypted(value)`
			`assert_raise(ActiveSupport::MessageEncryptor::InvalidMessage) do`
			`@encryptor.decrypt_and_verify(@verifier.generate(value))`
Add a MessageEncryptor, just like MessageVerifier but using symmetric key encryption. The use of encryption prevents people from seeing any potentially secret values you've used. It also supports and encrypt_and_sign model to prevent people from tampering with the bits and creating random junk that gets fed to A motivated coder could use this to add an :encrypt=>true option to the cookie store. 2008-11-25 14:27:54 -05:00			`end`
Deprecated ActiveSupport::MessageEncryptor#encrypt and decrypt. 2011-11-09 16:48:56 -05:00			`end`
Deletes trailing whitespaces (over text files only find * -type f -exec sed 's/[ \t]*$//' -i {} \;) 2010-08-14 01:13:00 -04:00
Deprecated ActiveSupport::MessageEncryptor#encrypt and decrypt. 2011-11-09 16:48:56 -05:00			`def assert_not_verified(value)`
			`assert_raise(ActiveSupport::MessageVerifier::InvalidSignature) do`
			`@encryptor.decrypt_and_verify(value)`
Add a MessageEncryptor, just like MessageVerifier but using symmetric key encryption. The use of encryption prevents people from seeing any potentially secret values you've used. It also supports and encrypt_and_sign model to prevent people from tampering with the bits and creating random junk that gets fed to A motivated coder could use this to add an :encrypt=>true option to the cookie store. 2008-11-25 14:27:54 -05:00			`end`
Deprecated ActiveSupport::MessageEncryptor#encrypt and decrypt. 2011-11-09 16:48:56 -05:00			`end`
repair the activesupport message encryptor tests for me, do so in the same way as jeremy did with message verifier [#4517 state:committed] Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net> 2010-05-01 08:40:02 -04:00
Deprecated ActiveSupport::MessageEncryptor#encrypt and decrypt. 2011-11-09 16:48:56 -05:00			`def munge(base64_string)`
Use `Base.strict_decode64` instead of `Base.decode64` just as we do in encoding; Also reduce extra object allocation by creating string directly instead of join on Array 2013-05-15 10:11:04 -04:00			`bits = ::Base64.strict_decode64(base64_string)`
Deprecated ActiveSupport::MessageEncryptor#encrypt and decrypt. 2011-11-09 16:48:56 -05:00			`bits.reverse!`
remove ActiveSupport::Base64 in favor of ::Base64 2012-01-01 12:57:55 -05:00			`::Base64.strict_encode64(bits)`
Deprecated ActiveSupport::MessageEncryptor#encrypt and decrypt. 2011-11-09 16:48:56 -05:00			`end`
repair the activesupport message encryptor tests for me, do so in the same way as jeremy did with message verifier [#4517 state:committed] Signed-off-by: Jeremy Kemper <jeremy@bitsweat.net> 2010-05-01 08:40:02 -04:00			`end`