spec/symmetric_spec.rb in slosilo-0.0.0 vs spec/symmetric_spec.rb in slosilo-0.1.2

@@ -1,94 +1,51 @@
 require 'spec_helper'
 
 describe Slosilo::Symmetric do
   # TODO transform it to class methods only?
   let(:plaintext) { "quick brown fox jumped over the lazy dog" }
-  let(:auth_data) { "some record id" }
-  let(:key) { "^\xBAIv\xDB1\x0Fi\x04\x11\xFD\x14\xA7\xCD\xDFf\x93\xFE\x93}\v\x01\x11\x98\x14\xE0;\xC1\xE2 v\xA5".force_encoding("ASCII-8BIT") }
-  let(:iv) { "\xD9\xABn\x01b\xFA\xBD\xC2\xE5\xEA\x01\xAC".force_encoding("ASCII-8BIT") }
-  let(:ciphertext) { "G^W1\x9C\xD4\xCC\x87\xD3\xFF\x86[\x0E3\xC0\xC8^\xD9\xABn\x01b\xFA\xBD\xC2\xE5\xEA\x01\xAC\x9E\xB9:\xF7\xD4ebeq\xDC \xC0sG\xA4\xAE,\xB8A|\x97\xBC\xFD\x85\xE1\xB93\x95>\xBD\n\x05\xFB\x15\x1F\x06#3M9".force_encoding('ASCII-8BIT') }
-
+  let(:key) { "^\xBAIv\xDB1\x0Fi\x04\x11\xFD\x14\xA7\xCD\xDFf\x93\xFE\x93}\v\x01\x11\x98\x14\xE0;\xC1\xE2 v\xA5" }
+  let(:iv) { "\xA1\xFA#z\x16\x80R\xCC|\x0Fyc\xB7j\x17\xED" }
+  let(:ciphertext) { "\xA1\xFA#z\x16\x80R\xCC|\x0Fyc\xB7j\x17\xED\x15\xC9r\xC9\xEE\xB9\xBC5\xB7\ni\x0F\f\xC8X\x80 h\a\xF4\xA6\xE3\x15\x9D\xF1-\xE5\bs\xF6\x02Z\x0F\xCD|S\x1A\xAA\x9At\xEFT\x17\xA5lT\x8C\xF3" }
   describe '#encrypt' do
-    it "encrypts with AES-256-GCM" do
-      allow(subject).to receive_messages random_iv: iv
-      expect(subject.encrypt(plaintext, key: key, aad: auth_data)).to eq(ciphertext)
+    it "encrypts with AES-256-CBC" do
+      subject.stub random_iv: iv
+      subject.encrypt(plaintext, key: key).should == ciphertext
     end
   end
-
+  
   describe '#decrypt' do
-
-    it "doesn't fail when called by multiple threads" do
-      threads = []
-
-      begin
-        # Verify we can successfuly decrypt using many threads without OpenSSL
-        # errors.
-        1000.times do
-          threads << Thread.new do
-            100.times do
-              expect(
-                subject.decrypt(ciphertext, key: key, aad: auth_data)
-              ).to eq(plaintext)
-            end
-          end
-        end
-      ensure
-        threads.each(&:join)
-      end
+    it "decrypts with AES-256-CBC" do
+      subject.decrypt(ciphertext, key: key).should == plaintext
     end
-
-    it "decrypts with AES-256-GCM" do
-      expect(subject.decrypt(ciphertext, key: key, aad: auth_data)).to eq(plaintext)
-    end
-
-
-    context "when the ciphertext has been messed with" do
-      let(:ciphertext) {  "pwnd!" } # maybe we should do something more realistic like add some padding?
-      it "raises an exception" do
-        expect{ subject.decrypt(ciphertext, key: key, aad: auth_data)}.to raise_exception /Invalid version/
+    
+    context "when ciphertext happens to end in a zero" do
+      let(:ciphertext) { "\x7F\xD6\xEAb\xE56\a\xD3\xC5\xF2J\n\x8C\x8Fg\xB7-\\\x8A\fh\x18\xC8\x91\xB9 \x97\xC9\x12\xE6\xA6\xAE\xB1I\x1E\x80\xAB\xD8\xDC\xBD\xB6\xCD\x9A\xA3MH\xA8\xB0\xC7\xDA\x87\xA7c\xD75,\xD2A\xB8\x9E\xE3o\x04\x00" }
+      let(:key) { "4pSuk1rAQyuHA5uUYaj0X0BsiPCFb9Nc8J03XA6V5/Y" }
+      it "works correctly" do
+        subject.decrypt(ciphertext, key: key).should == "R6KNTQ4aUivojbaqhgAqj1I4PaF8h/5/YcENy4uNbfk="
       end
-      context "by adding a trailing 0" do
-        let(:new_ciphertext){ ciphertext + '\0' }
-        it "raises an exception" do
-          expect{ subject.decrypt(new_ciphertext, key: key, aad: auth_data) }.to raise_exception /Invalid version/
-        end
-      end
     end
 
-    context "when no auth_data is given" do
-      let(:auth_data){""}
-      let(:ciphertext){ "Gm\xDAT\xE8I\x9F\xB7\xDC\xBB\x84\xD3Q#\x1F\xF4\x8C\aV\x93\x8F_\xC7\xBC87\xC9U\xF1\xAF\x8A\xD62\x1C5H\x86\x17\x19=B~Y*\xBC\x9D\eJeTx\x1F\x02l\t\t\xD3e\xA4\x11\x13y*\x95\x9F\xCD\xC4@\x9C"}
-
-      it "decrypts the message" do
-        expect(subject.decrypt(ciphertext, key: key, aad: auth_data)).to eq(plaintext)
+    context "when the iv ends in space" do
+      let(:ciphertext) { "\xC0\xDA#\xE9\xE1\xFD\xEDJ\xADs4P\xA9\xD6\x92 \xF7\xF8_M\xF6\x16\xC2i$\x8BT^\b\xA1\xB2L&\xE9\x80\x02[]6i\x9B\xD3\xC3\xED\xA9\xD1\x94\xE8\x15\xFD\xDA\xFEUj\xC5upH*\xBF\x82\x15le" }
+      let(:key) { "4pSuk1rAQyuHA5uUYaj0X0BsiPCFb9Nc8J03XA6V5/Y" }
+      it "works correctly" do
+        subject.decrypt(ciphertext, key: key).should == "zGptmL3vd4obi1vqSiWHt/Ias2k+6qDtuq9vdow8jNA="
       end
-
-      context "and the ciphertext has been messed with" do
-        it "raises an exception" do
-          expect{ subject.decrypt(ciphertext + "\0\0\0", key: key, aad: auth_data)}.to raise_exception OpenSSL::Cipher::CipherError
-        end
-      end
     end
-
-    context "when the auth data doesn't match" do
-      let(:auth_data){ "asdf" }
-      it "raises an exception" do
-        expect{ subject.decrypt(ciphertext, key: key, aad: auth_data)}.to raise_exception OpenSSL::Cipher::CipherError
-      end
-    end
   end
-
+  
   describe '#random_iv' do
     it "generates a random iv" do
-      expect_any_instance_of(OpenSSL::Cipher).to receive(:random_iv).and_return :iv
-      expect(subject.random_iv).to eq(:iv)
+      OpenSSL::Cipher.any_instance.should_receive(:random_iv).and_return :iv
+      subject.random_iv.should == :iv
     end
   end
 
   describe '#random_key' do
     it "generates a random key" do
-      expect_any_instance_of(OpenSSL::Cipher).to receive(:random_key).and_return :key
-      expect(subject.random_key).to eq(:key)
+      OpenSSL::Cipher.any_instance.should_receive(:random_key).and_return :key
+      subject.random_key.should == :key
     end
   end
 end