diff options
author | Kasper Timm Hansen <kaspth@gmail.com> | 2017-09-24 20:06:38 +0200 |
---|---|---|
committer | Kasper Timm Hansen <kaspth@gmail.com> | 2017-09-24 21:00:03 +0200 |
commit | b5aa2e0c495b310cbef90b2185ef28cd00745b23 (patch) | |
tree | d2137a7daf3328540dfb01e973d6585478ffeb3d /activesupport/test/message_encryptor_test.rb | |
parent | 20ba2e762ceab098371122b0c02b4a90239d2ace (diff) | |
download | rails-b5aa2e0c495b310cbef90b2185ef28cd00745b23.tar.gz rails-b5aa2e0c495b310cbef90b2185ef28cd00745b23.tar.bz2 rails-b5aa2e0c495b310cbef90b2185ef28cd00745b23.zip |
Remove advanced key generator rotations from verifier/encryptor.
Noticed that verifiers and encryptors never once mentioned key generators
and salts but only concerned themselves with generated secrets.
Clears up the confusing naming around raw_key and secret as well. And
makes the rotation API follow the constructor signature to the letter.
Diffstat (limited to 'activesupport/test/message_encryptor_test.rb')
-rw-r--r-- | activesupport/test/message_encryptor_test.rb | 128 |
1 files changed, 34 insertions, 94 deletions
diff --git a/activesupport/test/message_encryptor_test.rb b/activesupport/test/message_encryptor_test.rb index 915038c854..8fde3928dc 100644 --- a/activesupport/test/message_encryptor_test.rb +++ b/activesupport/test/message_encryptor_test.rb @@ -115,134 +115,70 @@ class MessageEncryptorTest < ActiveSupport::TestCase assert_equal "Ruby on Rails", encryptor.decrypt_and_verify(encrypted_message) end - def test_with_rotated_raw_key - old_raw_key = SecureRandom.random_bytes(32) - old_encryptor = ActiveSupport::MessageEncryptor.new(old_raw_key, cipher: "aes-256-gcm") - old_message = old_encryptor.encrypt_and_sign("message encrypted with old raw key") + def test_rotating_secret + old_message = ActiveSupport::MessageEncryptor.new(secrets[:old], cipher: "aes-256-gcm").encrypt_and_sign("old") encryptor = ActiveSupport::MessageEncryptor.new(@secret, cipher: "aes-256-gcm") - encryptor.rotate raw_key: old_raw_key + encryptor.rotate secrets[:old] - assert_equal "message encrypted with old raw key", encryptor.decrypt_and_verify(old_message) + assert_equal "old", encryptor.decrypt_and_verify(old_message) end def test_rotating_serializer - old_raw_key = SecureRandom.random_bytes(32) - - old_message = ActiveSupport::MessageEncryptor.new(old_raw_key, cipher: "aes-256-gcm", serializer: JSON). + old_message = ActiveSupport::MessageEncryptor.new(secrets[:old], cipher: "aes-256-gcm", serializer: JSON). encrypt_and_sign(ahoy: :hoy) encryptor = ActiveSupport::MessageEncryptor.new(@secret, cipher: "aes-256-gcm", serializer: JSON) - encryptor.rotate raw_key: old_raw_key + encryptor.rotate secrets[:old] assert_equal({ "ahoy" => "hoy" }, encryptor.decrypt_and_verify(old_message)) end - def test_with_rotated_secret_and_salt - old_secret, old_salt = SecureRandom.random_bytes(32), "old salt" - old_raw_key = ActiveSupport::KeyGenerator.new(old_secret, iterations: 1000).generate_key(old_salt, 32) - - old_encryptor = ActiveSupport::MessageEncryptor.new(old_raw_key, cipher: "aes-256-gcm") - old_message = old_encryptor.encrypt_and_sign("message encrypted with old secret and salt") - - encryptor = ActiveSupport::MessageEncryptor.new(@secret, cipher: "aes-256-gcm") - encryptor.rotate secret: old_secret, salt: old_salt - - assert_equal "message encrypted with old secret and salt", encryptor.decrypt_and_verify(old_message) - end - - def test_with_rotated_key_generator - old_key_gen, old_salt = ActiveSupport::KeyGenerator.new(SecureRandom.random_bytes(32), iterations: 256), "old salt" - - old_raw_key = old_key_gen.generate_key(old_salt, 32) - old_encryptor = ActiveSupport::MessageEncryptor.new(old_raw_key, cipher: "aes-256-gcm") - old_message = old_encryptor.encrypt_and_sign("message encrypted with old key generator and salt") - - encryptor = ActiveSupport::MessageEncryptor.new(@secret, cipher: "aes-256-gcm") - encryptor.rotate key_generator: old_key_gen, salt: old_salt - - assert_equal "message encrypted with old key generator and salt", encryptor.decrypt_and_verify(old_message) - end - - def test_with_rotated_aes_cbc_encryptor_with_raw_keys - old_raw_key, old_raw_signed_key = SecureRandom.random_bytes(32), SecureRandom.random_bytes(16) - - old_encryptor = ActiveSupport::MessageEncryptor.new(old_raw_key, old_raw_signed_key, cipher: "aes-256-cbc", digest: "SHA1") - old_message = old_encryptor.encrypt_and_sign("message encrypted with old raw keys") - - encryptor = ActiveSupport::MessageEncryptor.new(@secret) - encryptor.rotate raw_key: old_raw_key, raw_signed_key: old_raw_signed_key, cipher: "aes-256-cbc", digest: "SHA1" - - assert_equal "message encrypted with old raw keys", encryptor.decrypt_and_verify(old_message) - end - - def test_with_rotated_aes_cbc_encryptor_with_secret_and_salts - old_secret, old_salt, old_signed_salt = SecureRandom.random_bytes(32), "old salt", "old signed salt" - - old_key_gen = ActiveSupport::KeyGenerator.new(old_secret, iterations: 1000) - old_raw_key = old_key_gen.generate_key(old_salt, 32) - old_raw_signed_key = old_key_gen.generate_key(old_signed_salt) - - old_encryptor = ActiveSupport::MessageEncryptor.new(old_raw_key, old_raw_signed_key, cipher: "aes-256-cbc", digest: "SHA1") - old_message = old_encryptor.encrypt_and_sign("message encrypted with old secret and salts") + def test_rotating_aes_cbc_secrets + old_encryptor = ActiveSupport::MessageEncryptor.new(secrets[:old], "old sign", cipher: "aes-256-cbc") + old_message = old_encryptor.encrypt_and_sign("old") encryptor = ActiveSupport::MessageEncryptor.new(@secret) - encryptor.rotate secret: old_secret, salt: old_salt, signed_salt: old_signed_salt, cipher: "aes-256-cbc", digest: "SHA1" + encryptor.rotate secrets[:old], "old sign", cipher: "aes-256-cbc" - assert_equal "message encrypted with old secret and salts", encryptor.decrypt_and_verify(old_message) + assert_equal "old", encryptor.decrypt_and_verify(old_message) end - def test_with_rotating_multiple_encryptors - older_raw_key, older_raw_signed_key = SecureRandom.random_bytes(32), SecureRandom.random_bytes(16) - old_raw_key, old_raw_signed_key = SecureRandom.random_bytes(32), SecureRandom.random_bytes(16) - - older_encryptor = ActiveSupport::MessageEncryptor.new(older_raw_key, older_raw_signed_key, cipher: "aes-256-cbc", digest: "SHA1") - older_message = older_encryptor.encrypt_and_sign("message encrypted with older raw key") - - old_encryptor = ActiveSupport::MessageEncryptor.new(old_raw_key, old_raw_signed_key, cipher: "aes-256-cbc", digest: "SHA1") - old_message = old_encryptor.encrypt_and_sign("message encrypted with old raw key") + def test_multiple_rotations + older_message = ActiveSupport::MessageEncryptor.new(secrets[:older], "older sign").encrypt_and_sign("older") + old_message = ActiveSupport::MessageEncryptor.new(secrets[:old], "old sign").encrypt_and_sign("old") encryptor = ActiveSupport::MessageEncryptor.new(@secret) - encryptor.rotate raw_key: old_raw_key, raw_signed_key: old_raw_signed_key, cipher: "aes-256-cbc", digest: "SHA1" - encryptor.rotate raw_key: older_raw_key, raw_signed_key: older_raw_signed_key, cipher: "aes-256-cbc", digest: "SHA1" + encryptor.rotate secrets[:old], "old sign" + encryptor.rotate secrets[:older], "older sign" - assert_equal "encrypted message", encryptor.decrypt_and_verify(encryptor.encrypt_and_sign("encrypted message")) - assert_equal "message encrypted with old raw key", encryptor.decrypt_and_verify(old_message) - assert_equal "message encrypted with older raw key", encryptor.decrypt_and_verify(older_message) + assert_equal "new", encryptor.decrypt_and_verify(encryptor.encrypt_and_sign("new")) + assert_equal "old", encryptor.decrypt_and_verify(old_message) + assert_equal "older", encryptor.decrypt_and_verify(older_message) end - def test_on_rotation_instance_callback_is_called_and_returns_modified_messages - callback_ran, message = nil, nil - - older_raw_key, older_raw_signed_key = SecureRandom.random_bytes(32), SecureRandom.random_bytes(16) - old_raw_key, old_raw_signed_key = SecureRandom.random_bytes(32), SecureRandom.random_bytes(16) - - older_encryptor = ActiveSupport::MessageEncryptor.new(older_raw_key, older_raw_signed_key, cipher: "aes-256-cbc", digest: "SHA1") - older_message = older_encryptor.encrypt_and_sign(encoded: "message") + def test_on_rotation_is_called_and_returns_modified_messages + older_message = ActiveSupport::MessageEncryptor.new(secrets[:older], "older sign").encrypt_and_sign(encoded: "message") encryptor = ActiveSupport::MessageEncryptor.new(@secret) - encryptor.rotate raw_key: old_raw_key, raw_signed_key: old_raw_signed_key, cipher: "aes-256-cbc", digest: "SHA1" - encryptor.rotate raw_key: older_raw_key, raw_signed_key: older_raw_signed_key, cipher: "aes-256-cbc", digest: "SHA1" + encryptor.rotate secrets[:old] + encryptor.rotate secrets[:older], "older sign" - message = encryptor.decrypt_and_verify(older_message, on_rotation: proc { callback_ran = true }) + rotated = false + message = encryptor.decrypt_and_verify(older_message, on_rotation: proc { rotated = true }) - assert callback_ran, "callback was ran" assert_equal({ encoded: "message" }, message) + assert rotated end def test_with_rotated_metadata - old_secret, old_salt = SecureRandom.random_bytes(32), "old salt" - old_raw_key = ActiveSupport::KeyGenerator.new(old_secret, iterations: 1000).generate_key(old_salt, 32) - - old_encryptor = ActiveSupport::MessageEncryptor.new(old_raw_key, cipher: "aes-256-gcm") - old_message = old_encryptor.encrypt_and_sign( - "message encrypted with old secret, salt, and metadata", purpose: "rotation") + old_message = ActiveSupport::MessageEncryptor.new(secrets[:old], cipher: "aes-256-gcm"). + encrypt_and_sign("metadata", purpose: :rotation) encryptor = ActiveSupport::MessageEncryptor.new(@secret, cipher: "aes-256-gcm") - encryptor.rotate secret: old_secret, salt: old_salt + encryptor.rotate secrets[:old] - assert_equal "message encrypted with old secret, salt, and metadata", - encryptor.decrypt_and_verify(old_message, purpose: "rotation") + assert_equal "metadata", encryptor.decrypt_and_verify(old_message, purpose: :rotation) end private @@ -264,6 +200,10 @@ class MessageEncryptorTest < ActiveSupport::TestCase end end + def secrets + @secrets ||= Hash.new { |h,k| h[k] = SecureRandom.random_bytes(32) } + end + def munge(base64_string) bits = ::Base64.strict_decode64(base64_string) bits.reverse! |