Pad encryption keys with UTF-8 0 instead of \0 char

2018-11-28 12:00:17 +01:00 · 2018-11-28 12:00:17 +01:00 · 4c7665f2f9
parent b7f35e8939
commit 4c7665f2f9
3 changed files with 8 additions and 8 deletions
--- a/lib/gitlab/utils.rb
+++ b/lib/gitlab/utils.rb
@ -28,7 +28,7 @@ module Gitlab
        end
      end

-      truncated + ("\0" * (bytes - truncated.bytesize))
+      truncated + ('0' * (bytes - truncated.bytesize))
    end

    # Append path to host, making sure there's one single / in between
--- a/spec/config/settings_spec.rb
+++ b/spec/config/settings_spec.rb
@ -24,7 +24,7 @@ describe Settings do

      it 'expands db key base secret to 12 bytes' do
        expect(described_class.attr_encrypted_db_key_base_12)
-          .to eq(('a' * 10) + ("\0" * 2))
+          .to eq(('a' * 10) + ('0' * 2))
      end
    end

@ -53,7 +53,7 @@ describe Settings do
      end

      it 'expands db key base secret to 32 bytes' do
-        expanded_key_base = ('a' * 10) + ("\0" * 22)
+        expanded_key_base = ('a' * 10) + ('0' * 22)

        expect(expanded_key_base.bytesize).to eq 32
        expect(described_class.attr_encrypted_db_key_base_32)
@ -84,7 +84,7 @@ describe Settings do
      it 'does not use more than 32 bytes' do
        db_key_base = described_class.attr_encrypted_db_key_base_32

-        expect(db_key_base).to eq '❤❤❤❤❤❤' + ("\0" * 14)
+        expect(db_key_base).to eq '❤❤❤❤❤❤' + ('0' * 14)
        expect(db_key_base.bytesize).to eq 32
      end
    end
@ -99,7 +99,7 @@ describe Settings do
      it 'does not use more than 32 bytes' do
        db_key_base = described_class.attr_encrypted_db_key_base_32

-        expect(db_key_base).to eq(('❤' * 10) + ("\0" * 2))
+        expect(db_key_base).to eq(('❤' * 10) + ('0' * 2))
        expect(db_key_base.bytesize).to eq 32
      end
    end
--- a/spec/lib/gitlab/utils_spec.rb
+++ b/spec/lib/gitlab/utils_spec.rb
@ -134,7 +134,7 @@ describe Gitlab::Utils do
        transformed = described_class.ensure_utf8_size('a' * 10, bytes: 32)

        expect(transformed.bytesize).to eq 32
-        expect(transformed).to eq(('a' * 10) + ("\0" * 22))
+        expect(transformed).to eq(('a' * 10) + ('0' * 22))
      end
    end

@ -151,7 +151,7 @@ describe Gitlab::Utils do
      it 'backfills string with null characters' do
        transformed = described_class.ensure_utf8_size('❤' * 6, bytes: 32)

-        expect(transformed).to eq '❤❤❤❤❤❤' + ("\0" * 14)
+        expect(transformed).to eq '❤❤❤❤❤❤' + ('0' * 14)
        expect(transformed.bytesize).to eq 32
      end
    end
@ -160,7 +160,7 @@ describe Gitlab::Utils do
      it 'truncates string to 32 characters and backfills it if needed' do
        transformed = described_class.ensure_utf8_size('❤' * 18, bytes: 32)

-        expect(transformed).to eq(('❤' * 10) + ("\0" * 2))
+        expect(transformed).to eq(('❤' * 10) + ('0' * 2))
        expect(transformed.bytesize).to eq 32
      end
    end