Merge pull request #8 from cheerful/ruby-2.4-and-above-support

Ruby 2.4+ Support

.travis.yml

@@ -1,20 +1,19 @@
 sudo: false
 language: ruby
 rvm:
-  - 1.8.7
-  - ree
-  - 1.9.2
-  - 1.9.3-p551
-  - 2.0.0-p598
   - 2.1.0
   - 2.1.5
   - 2.2.0
   - 2.2.1
   - 2.2.1-clang
+  - 2.4.3
+  - 2.5.5
+  - 2.6.2
   - ruby-head
   - ruby-head-clang
   - jruby-19mode
   - jruby-head
+bundler_args: --binstubs rake
 notifications:
   recipients:
     - thomas@slash7.com

README.md

@@ -20,7 +20,7 @@ that doesn't have other authentication or persistence mechanisms (like cookies):
   * Links that come with an expiration date (à la S3)
   * Mini-apps that don't persist data on the server
 
-Works with Ruby 1.8, 1.9 and 2.0.
+Works with Ruby 2.1+
 
 **Important**: As a general guideline, URL lengths shouldn't exceed about 2000
 characters in length, as URLs longer than that will not work in some browsers
@@ -29,7 +29,7 @@ with URLcrypt.
 
 **WORD OF WARNING: THERE IS NO GUARANTEE WHATSOEVER THAT THIS GEM IS ACTUALLY SECURE AND WORKS. USE AT YOUR OWN RISK.**
 
-URLcrypt is an extraction from [Freckle Time Tracking](http://letsfreckle.com/),
+URLcrypt is an extraction from [Noko Time Tracking](https://nokotime.com),
 where it is used to generate URLs for dynamically generated images in emails.
 
 Patches are welcome; please include tests!

lib/URLcrypt.rb

@@ -72,7 +72,7 @@ def self.encrypt(data)
     def self.cipher(mode)
       cipher = OpenSSL::Cipher.new('aes-256-cbc')
       cipher.send(mode)
-      cipher.key = @key
+      cipher.key = @key.byteslice(0,cipher.key_len)
       cipher
     end
 

test/URLcrypt_test.rb

@@ -1,37 +1,7 @@
 # encoding: utf-8
-require 'bundler'
-Bundler.require(:default, :test)
-
-require 'coveralls'
-Coveralls.wear!
-
-require 'test/unit'
-
-class TestURLcrypt < Test::Unit::TestCase
-
-  require 'URLcrypt'
-
-  def assert_bytes_equal(string1, string2)
-    bytes1 = string1.bytes.to_a.join(':')
-    bytes2 = string2.bytes.to_a.join(':')
-    assert_equal(bytes1, bytes2)
-  end
-
-  def assert_decoding(encoded, plain)
-    decoded = URLcrypt.decode(encoded)
-    assert_bytes_equal(plain, decoded)
-  end
-
-  def assert_encoding(encoded, plain)
-    actual = URLcrypt.encode(plain)
-    assert_bytes_equal(encoded, actual)
-  end
-
-  def assert_encode_and_decode(encoded, plain)
-    assert_encoding(encoded, plain)
-    assert_decoding(encoded, plain)
-  end
+require 'test_helper'
 
+class TestURLcrypt < TestClass
   def test_empty_string
     assert_encode_and_decode('', '')
   end
@@ -41,11 +11,11 @@ def test_encode
       '111gc86f4nxw5zj1b3qmhpb14n5h25l4m7111',
       "\0\0awesome \n ü string\0\0")
   end
-  
+
   def test_invalid_encoding
     assert_decoding('ZZZZZ', '')
   end
-  
+
   def test_arbitrary_byte_strings
     0.step(1500,17) do |n|
       original = (0..n).map{rand(256).chr}.join
@@ -55,10 +25,12 @@ def test_arbitrary_byte_strings
   end
 
   def test_encryption
-    # this key was generated via rake secret in a rails app, the pack() converts it into a byte array
-    URLcrypt::key =
-['d25883a27b9a639da85ea7e159b661218799c9efa63069fac13a6778c954fb6d721968887a19bdb01af8f59eb5a90d256bd9903355c20b0b4b39bf4048b9b17b'].pack('H*')
-
+    # pack() converts this secret into a byte array
+    secret = ['d25883a27b9a639da85ea7e159b661218799c9efa63069fac13a6778c954fb6d'].pack('H*')
+    URLcrypt::key = secret
+
+    assert_equal  OpenSSL::Cipher.new('aes-256-cbc').key_len, secret.bytesize
+
     original  = "hello world!"
     encrypted = URLcrypt::encrypt(original)
     assert_equal(URLcrypt::decrypt(encrypted), original)

test/regression_test.rb

@@ -0,0 +1,36 @@
+# encoding: utf-8
+class URLcryptRegressionTest < TestClass
+  def test_encryption_and_decryption
+    original = '{"some":"json_data","token":"dfsfsdfsdf"}'
+    encrypted = URLcrypt.encrypt(original)
+
+    encrypted = URLcrypt::encrypt(original)
+    assert_equal(URLcrypt::decrypt(encrypted), original)
+  end
+
+  def test_encryption_with_too_long_key
+    # this key was generated via rake secret in a rails app, the pack() converts it into a byte array
+    secret = ['d25883a27b9a639da85ea7e159b661218799c9efa63069fac13a6778c954fb6d721968887a19bdb01af8f59eb5a90d256bd9903355c20b0b4b39bf4048b9b17b'].pack('H*')
+    URLcrypt::key = secret
+
+    assert OpenSSL::Cipher.new('aes-256-cbc').key_len < secret.bytesize
+
+    original  = "hello world!"
+    encrypted = URLcrypt::encrypt(original)
+    assert_equal(URLcrypt::decrypt(encrypted), original)
+  end
+
+  def test_encryption_and_decryption_with_too_long_key
+    # this key was generated via rake secret in a rails app, the pack() converts it into a byte array
+    secret = ['d25883a27b9a639da85ea7e159b661218799c9efa63069fac13a6778c954fb6d721968887a19bdb01af8f59eb5a90d256bd9903355c20b0b4b39bf4048b9b17b'].pack('H*')
+    URLcrypt::key = secret
+
+    assert OpenSSL::Cipher.new('aes-256-cbc').key_len < secret.bytesize
+
+    original = '{"some":"json_data","token":"dfsfsdfsdf"}'
+    encrypted = URLcrypt.encrypt(original)
+
+    encrypted = URLcrypt::encrypt(original)
+    assert_equal(URLcrypt::decrypt(encrypted), original)
+  end
+end

test/test_helper.rb

@@ -0,0 +1,33 @@
+# encoding: utf-8
+require 'bundler'
+Bundler.require(:default, :test)
+
+require 'coveralls'
+Coveralls.wear!
+
+require 'test/unit'
+
+class TestClass < Test::Unit::TestCase
+  require 'URLcrypt'
+
+  def assert_bytes_equal(string1, string2)
+    bytes1 = string1.bytes.to_a.join(':')
+    bytes2 = string2.bytes.to_a.join(':')
+    assert_equal(bytes1, bytes2)
+  end
+
+  def assert_decoding(encoded, plain)
+    decoded = URLcrypt.decode(encoded)
+    assert_bytes_equal(plain, decoded)
+  end
+
+  def assert_encoding(encoded, plain)
+    actual = URLcrypt.encode(plain)
+    assert_bytes_equal(encoded, actual)
+  end
+
+  def assert_encode_and_decode(encoded, plain)
+    assert_encoding(encoded, plain)
+    assert_decoding(encoded, plain)
+  end
+end