author Kasper Timm Hansen <kaspth@gmail.com> 2017-09-25 20:28:26 +0200
committer Kasper Timm Hansen <kaspth@gmail.com> 2017-09-25 20:28:26 +0200
commit 1fa268bfa5667a0e9ddbfda243b5282c023ab9ad
tree dea9b1142f64c167fce2982e8891988ec2d492d3 /actionpack
parent 9befc197f926272abbba5a1ca1323ce4f15ebd10
Fix cookies/session tests broken after merging key rotation.

Based on, yet closes https://github.com/rails/rails/pull/30708

Fix the session test by properly truncating the legacy encryption key for cbc encryption. Borrowed straight from 👆.

Fix the cookies test a little differently than the PR. Basically keep every config within the config block.

[ Michael Coyne & Kasper Timm Hansen ]

Diffstat (limited to 'actionpack')
-rw-r--r-- actionpack/lib/action_dispatch/middleware/cookies.rb | 5
1 files changed, 3 insertions, 2 deletions
diff --git a/actionpack/lib/action_dispatch/middleware/cookies.rb b/actionpack/lib/action_dispatch/middleware/cookies.rb
index baffe200bc..0213987c99 100644
--- a/actionpack/lib/action_dispatch/middleware/cookies.rb
+++ b/actionpack/lib/action_dispatch/middleware/cookies.rb
@@ -608,10 +608,11 @@ module ActionDispatch
end
if upgrade_legacy_hmac_aes_cbc_cookies?
- secret = request.key_generator.generate_key(request.encrypted_cookie_salt)
+ legacy_cipher = "aes-256-cbc"
+ secret = request.key_generator.generate_key(request.encrypted_cookie_salt, ActiveSupport::MessageEncryptor.key_len(legacy_cipher))
sign_secret = request.key_generator.generate_key(request.encrypted_signed_cookie_salt)
- @encryptor.rotate secret, sign_secret, cipher: "aes-256-cbc", digest: digest, serializer: SERIALIZER
+ @encryptor.rotate(secret, sign_secret, cipher: legacy_cipher, digest: digest, serializer: SERIALIZER)
end
if upgrade_legacy_signed_cookies?
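Review bot: the two keys in the `upgrade_legacy_hmac_aes_cbc_cookies?` branch are now derived asymmetrically and nothing in the code says why: `secret` is sized with `ActiveSupport::MessageEncryptor.key_len(legacy_cipher)`, while `sign_secret` on the next line still calls `generate_key` with only the salt and so keeps the generator's default length. A one-line comment above `secret` stating that the cipher key must match the length `aes-256-cbc` expects, and that the signing key is deliberately left at the default, would stop a later cleanup from "aligning" the two calls and silently changing the derived key, which would make existing legacy cookies undecryptable during rotation. Since the cipher name now feeds both the key length and the `cipher:` option, it would also be worth hoisting `legacy_cipher = "aes-256-cbc"` into a named constant next to `SERIALIZER` rather than a local inside the conditional. The hunk itself carries no test change, so please confirm the session and cookies tests mentioned in the commit message exercise this branch with a legacy-encrypted cookie.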