# frozen_string_literal: true
require 'rails_helper'
# Model spec for RSAKey: the shared 'asymmetric_key' behaviour, the
# RSA-specific validations, and the round trip between the cleartext private
# key PEM and its encrypted form (IV, secret, ciphertext).
RSpec.describe RSAKey do
  subject { create(:rsa_key) }

  it_behaves_like 'asymmetric_key'

  describe '#bits' do
    # Key size is an allow-list: only these two modulus lengths may validate.
    it do
      is_expected.to validate_inclusion_of(:bits).in_array([2048, 4096])
    end
  end

  describe '#curve' do
    # An RSA key must not carry a curve attribute.
    it do
      is_expected.to validate_absence_of(:curve)
    end
  end

  describe '#encrypt_private_key_pem' do
    subject { create(:rsa_key, private_key_pem: cleartext) }

    # NOTE(review): RSA.new is called with neither a size nor an encoded key,
    # so no key pair is generated here; the fixture is whatever PEM an empty
    # RSA object serializes to. Confirm that is intended and that it still
    # works on the OpenSSL version the suite runs against.
    let(:cleartext) do
      OpenSSL::PKey::RSA.new.to_pem.freeze
    end

    specify { expect(subject.encrypt_private_key_pem).to be_instance_of(String) }

    specify { expect(subject.encrypt_private_key_pem).to be_frozen }

    # The return value is the very object held in private_key_pem_secret
    # (identity, not just equality), i.e. the symmetric key itself.
    specify do
      expect(subject.encrypt_private_key_pem)
        .to equal(subject.private_key_pem_secret)
    end

    # IV, secret and ciphertext all start out nil and are populated by the call.
    # NOTE(review): these examples only assert a change away from nil; nothing
    # here checks that a second call produces a different IV or secret.
    %i[
      private_key_pem_iv
      private_key_pem_secret
      private_key_pem_ciphertext
    ].each do |field|
      specify do
        expect { subject.encrypt_private_key_pem }
          .to change(subject, field).from(nil)
      end
    end

    context 'after call' do
      before { subject.encrypt_private_key_pem }

      every_field = %i[
        private_key_pem
        private_key_pem_iv
        private_key_pem_secret
        private_key_pem_ciphertext
      ]
      generated_fields = every_field.drop(1)

      every_field.each do |field|
        specify { expect(subject.public_send(field)).to be_instance_of(String) }
      end

      every_field.each do |field|
        specify { expect(subject.public_send(field)).to be_frozen }
      end

      # The cleartext stays readable on the object after encryption.
      specify { expect(subject.private_key_pem).to eq(cleartext) }

      generated_fields.each do |field|
        specify { expect(subject.public_send(field)).not_to be_blank }
      end

      # Re-encrypts the cleartext with the IV and secret the model produced and
      # requires a byte-identical ciphertext, which pins the model to this
      # cipher. No mode is passed to AES256.new, which in Ruby's OpenSSL
      # bindings selects CBC.
      # NOTE(review): CBC has no authentication tag, so modification of the
      # stored ciphertext would not be detected by the cipher itself. Confirm
      # whether the model adds integrity protection elsewhere.
      specify do
        aes = OpenSSL::Cipher::AES256.new.tap(&:encrypt)
        aes.iv = subject.private_key_pem_iv
        aes.key = subject.private_key_pem_secret

        expected_ciphertext = [aes.update(cleartext), aes.final].join.freeze

        expect(subject.private_key_pem_ciphertext).to eq(expected_ciphertext)
      end
    end
  end

  describe '#decrypt_private_key_pem' do
    # The record is built from the encrypted parts only; private_key_pem is
    # not supplied and is expected to be nil until decryption.
    # NOTE(review): the factory takes private_key_pem_secret next to the
    # ciphertext. Whether the secret is persisted with the record cannot be
    # seen from this spec; confirm it is not stored alongside the ciphertext.
    subject do
      create :rsa_key,
             private_key_pem_iv: iv,
             private_key_pem_secret: secret,
             private_key_pem_ciphertext: ciphertext
    end

    # NOTE(review): same fixture as in the encrypt examples. RSA.new without
    # arguments does not generate a key pair; confirm this is intended.
    let(:cleartext) do
      OpenSSL::PKey::RSA.new.to_pem.freeze
    end

    # The eager definitions below run in declaration order, and that order is
    # load-bearing: random_iv and random_key configure the shared cipher
    # before the fixture ciphertext is produced from it.
    let!(:cipher) do
      OpenSSL::Cipher::AES256.new.tap(&:encrypt)
    end

    let!(:iv) do
      cipher.random_iv.freeze
    end

    let!(:secret) do
      cipher.random_key.freeze
    end

    let!(:ciphertext) do
      [cipher.update(cleartext), cipher.final].join.freeze
    end

    specify { expect(subject.decrypt_private_key_pem).to be_instance_of(String) }

    specify { expect(subject.decrypt_private_key_pem).to be_frozen }

    # The return value is the same object that ends up in private_key_pem.
    specify { expect(subject.decrypt_private_key_pem).to equal(subject.private_key_pem) }

    specify do
      expect { subject.decrypt_private_key_pem }
        .to change(subject, :private_key_pem).from(nil).to(cleartext)
    end

    context 'after call' do
      before { subject.decrypt_private_key_pem }

      every_field = %i[
        private_key_pem
        private_key_pem_iv
        private_key_pem_secret
        private_key_pem_ciphertext
      ]

      every_field.each do |field|
        specify { expect(subject.public_send(field)).to be_instance_of(String) }
      end

      every_field.each do |field|
        specify { expect(subject.public_send(field)).to be_frozen }
      end

      specify { expect(subject.private_key_pem).to eq(cleartext) }

      # Decryption must leave the encrypted parts untouched: each is still the
      # identical object that was passed to the factory.
      specify { expect(subject.private_key_pem_iv).to equal(iv) }

      specify { expect(subject.private_key_pem_secret).to equal(secret) }

      specify { expect(subject.private_key_pem_ciphertext).to equal(ciphertext) }
    end
  end
end