diff options
author | Vipul A M <vipulnsward@gmail.com> | 2016-05-29 11:07:22 -0700 |
---|---|---|
committer | Vipul A M <vipulnsward@gmail.com> | 2016-06-27 17:43:55 -0700 |
commit | 8ee269cf51c58b0600a3fa536219637f240e888d (patch) | |
tree | 67b005a5f950d13b3e21bb2aacb759318d8ac46d /activesupport/test/message_encryptor_test.rb | |
parent | cf8605ad28192af81af08296d4f170076362d281 (diff) | |
download | rails-8ee269cf51c58b0600a3fa536219637f240e888d.tar.gz rails-8ee269cf51c58b0600a3fa536219637f240e888d.tar.bz2 rails-8ee269cf51c58b0600a3fa536219637f240e888d.zip |
We default to using aes-256-cbc as our verification/signing cipher. It can accept key lengths of 128, 192 or 256-bit, whereas currently we were providing twice the acceptable value.
ruby < 2.4 allowed accepting these values, as extra key bits were ignored. Since https://github.com/ruby/ruby/commit/ce635262f53b760284d56bb1027baebaaec175d1 this now has a strict checking on key length.
Default to key length 32 bytes, to match the compatible length for aes-256-cbc
Fixes #25185
Diffstat (limited to 'activesupport/test/message_encryptor_test.rb')
-rw-r--r-- | activesupport/test/message_encryptor_test.rb | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/activesupport/test/message_encryptor_test.rb b/activesupport/test/message_encryptor_test.rb index eb71369397..a1ff4c1d3e 100644 --- a/activesupport/test/message_encryptor_test.rb +++ b/activesupport/test/message_encryptor_test.rb @@ -15,7 +15,7 @@ class MessageEncryptorTest < ActiveSupport::TestCase end def setup - @secret = SecureRandom.hex(64) + @secret = SecureRandom.random_bytes(32) @verifier = ActiveSupport::MessageVerifier.new(@secret, :serializer => ActiveSupport::MessageEncryptor::NullSerializer) @encryptor = ActiveSupport::MessageEncryptor.new(@secret) @data = { :some => "data", :now => Time.local(2010) } @@ -51,7 +51,7 @@ class MessageEncryptorTest < ActiveSupport::TestCase def test_alternative_serialization_method prev = ActiveSupport.use_standard_json_time_format ActiveSupport.use_standard_json_time_format = true - encryptor = ActiveSupport::MessageEncryptor.new(SecureRandom.hex(64), SecureRandom.hex(64), :serializer => JSONSerializer.new) + encryptor = ActiveSupport::MessageEncryptor.new(SecureRandom.random_bytes(32), SecureRandom.random_bytes(128), :serializer => JSONSerializer.new) message = encryptor.encrypt_and_sign({ :foo => 123, 'bar' => Time.utc(2010) }) exp = { "foo" => 123, "bar" => "2010-01-01T00:00:00.000Z" } assert_equal exp, encryptor.decrypt_and_verify(message) |