Merge remote-tracking branch 'upstream/master'

1 files changed, 54 insertions, 20 deletions

diff --git a/activesupport/test/message_encryptor_test.rb b/activesupport/test/message_encryptor_test.rb
index e45d5ecd59..3e6a5c6602 100644
--- a/activesupport/test/message_encryptor_test.rb
+++ b/activesupport/test/message_encryptor_test.rb
@@ -8,50 +8,84 @@ rescue LoadError, NameError
 else
 
 require 'active_support/time'
+require 'active_support/json'
 
-class MessageEncryptorTest < Test::Unit::TestCase
-  def setup
-    @encryptor = ActiveSupport::MessageEncryptor.new(SecureRandom.hex(64))
-    @data = { :some => "data", :now => Time.local(2010) }
+class MessageEncryptorTest < ActiveSupport::TestCase
+  class JSONSerializer
+    def dump(value)
+      ActiveSupport::JSON.encode(value)
+    end
+
+    def load(value)
+      ActiveSupport::JSON.decode(value)
+    end
   end
 
-  def test_simple_round_tripping
-    message = @encryptor.encrypt(@data)
-    assert_equal @data, @encryptor.decrypt(message)
+  def setup
+    @secret    = SecureRandom.hex(64)
+    @verifier  = ActiveSupport::MessageVerifier.new(@secret, :serializer => ActiveSupport::MessageEncryptor::NullSerializer)
+    @encryptor = ActiveSupport::MessageEncryptor.new(@secret)
+    @data = { :some => "data", :now => Time.local(2010) }
   end
 
   def test_encrypting_twice_yields_differing_cipher_text
-    first_messqage = @encryptor.encrypt(@data)
-    second_message = @encryptor.encrypt(@data)
+    first_messqage = @encryptor.encrypt_and_sign(@data).split("--").first
+    second_message = @encryptor.encrypt_and_sign(@data).split("--").first
     assert_not_equal first_messqage, second_message
   end
 
-  def test_messing_with_either_value_causes_failure
-    text, iv = @encryptor.encrypt(@data).split("--")
+  def test_messing_with_either_encrypted_values_causes_failure
+    text, iv = @verifier.verify(@encryptor.encrypt_and_sign(@data)).split("--")
     assert_not_decrypted([iv, text] * "--")
     assert_not_decrypted([text, munge(iv)] * "--")
     assert_not_decrypted([munge(text), iv] * "--")
     assert_not_decrypted([munge(text), munge(iv)] * "--")
   end
 
+  def test_messing_with_verified_values_causes_failures
+    text, iv = @encryptor.encrypt_and_sign(@data).split("--")
+    assert_not_verified([iv, text] * "--")
+    assert_not_verified([text, munge(iv)] * "--")
+    assert_not_verified([munge(text), iv] * "--")
+    assert_not_verified([munge(text), munge(iv)] * "--")
+  end
+
   def test_signed_round_tripping
     message = @encryptor.encrypt_and_sign(@data)
     assert_equal @data, @encryptor.decrypt_and_verify(message)
   end
 
+  def test_alternative_serialization_method
+    encryptor = ActiveSupport::MessageEncryptor.new(SecureRandom.hex(64), :serializer => JSONSerializer.new)
+    message = encryptor.encrypt_and_sign({ :foo => 123, 'bar' => Time.utc(2010) })
+    assert_equal encryptor.decrypt_and_verify(message), { "foo" => 123, "bar" => "2010-01-01T00:00:00Z" }
+  end
+
+  def test_digest_algorithm_as_second_parameter_deprecation
+    assert_deprecated(/options hash/) do
+      ActiveSupport::MessageEncryptor.new(SecureRandom.hex(64), 'aes-256-cbc')
+    end
+  end
 
   private
-    def assert_not_decrypted(value)
-      assert_raise(ActiveSupport::MessageEncryptor::InvalidMessage) do
-        @encryptor.decrypt(value)
-      end
+
+  def assert_not_decrypted(value)
+    assert_raise(ActiveSupport::MessageEncryptor::InvalidMessage) do
+      @encryptor.decrypt_and_verify(@verifier.generate(value))
     end
+  end
 
-    def munge(base64_string)
-      bits = ActiveSupport::Base64.decode64(base64_string)
-      bits.reverse!
-      ActiveSupport::Base64.encode64s(bits)
+  def assert_not_verified(value)
+    assert_raise(ActiveSupport::MessageVerifier::InvalidSignature) do
+      @encryptor.decrypt_and_verify(value)
     end
-end
+  end
 
+  def munge(base64_string)
+    bits = ActiveSupport::Base64.decode64(base64_string)
+    bits.reverse!
+    ActiveSupport::Base64.encode64s(bits)
+  end
 end
+
+end
\ No newline at end of file