Related to #22, #22 (comment) and https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842432
Ruby version: 2.3.3
Debian bug report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=880276
Complete log: http://aws-logs.debian.net/2017/10/30/ruby-encryptor_3.0.0-1_unstable.log
Relevant Log
Run options: -v --seed 47501
# Running:
EncryptorTest#test_should_raise_argument_error_if_key_is_not_specified = 0.00 s = .
EncryptorTest#test_should_use_the_default_authentication_data_if_it_is_not_specified = 0.01 s = .
EncryptorTest#test_should_use_authentication_data_if_it_is_specified = 0.01 s = .
EncryptorTest#test_should_use_the_default_algorithm_if_one_is_not_specified = 0.01 s = .
EncryptorTest#test_should_use_iv_to_initialize_encryption = 0.01 s = .
EncryptorTest#test_should_yield_block_with_cipher_and_options = 0.00 s = .
EncryptorTest#test_should_raise_argument_error_if_iv_is_not_specified = 0.00 s = .
EncryptorTest#test_should_raise_argument_error_if_key_is_too_short = 0.00 s = .
EncryptorTest#test_should_have_a_default_algorithm = 0.00 s = .
EncryptorTest#test_should_raise_argument_error_if_iv_is_too_short = 0.00 s = .
LegacyEncryptorTest#test_should_raise_argument_error_if_key_is_not_specified = 0.00 s = .
LegacyEncryptorTest#test_should_use_the_default_algorithm_if_one_is_not_specified = 0.00 s = .
LegacyEncryptorTest#test_should_yield_block_with_cipher_and_options = 0.00 s = .
LegacyEncryptorTest#test_should_have_a_default_algorithm = 0.00 s = .
CompatibilityTest#test_encrypt_with_iv = 0.00 s = .
CompatibilityTest#test_ciphertext_encrypted_with_v2_decrypts_with_v2_gcm_iv_option = 0.00 s = E
CompatibilityTest#test_decrypt_without_iv = 0.00 s = .
CompatibilityTest#test_encrypt_with_iv_and_salt = 0.00 s = .
CompatibilityTest#test_encrypt_without_iv = 0.00 s = .
CompatibilityTest#test_decrypt_with_iv_and_salt = 0.00 s = .
CompatibilityTest#test_ciphertext_encrypted_with_v2_does_not_decrypt_without_v2_gcm_iv_option = 0.00 s = .
CompatibilityTest#test_decrypt_with_iv = 0.00 s = .
Finished in 0.051692s, 425.6001 runs/s, 696.4365 assertions/s.
1) Error:
CompatibilityTest#test_ciphertext_encrypted_with_v2_decrypts_with_v2_gcm_iv_option:
OpenSSL::Cipher::CipherError:
/<<PKGBUILDDIR>>/lib/encryptor.rb:98:in `final'
/<<PKGBUILDDIR>>/lib/encryptor.rb:98:in `crypt'
/<<PKGBUILDDIR>>/lib/encryptor.rb:49:in `decrypt'
/<<PKGBUILDDIR>>/test/compatibility_test.rb:98:in `test_ciphertext_encrypted_with_v2_decrypts_with_v2_gcm_iv_option'
/usr/lib/ruby/vendor_ruby/minitest/test.rb:107:in `block (3 levels) in run'
/usr/lib/ruby/vendor_ruby/minitest/test.rb:204:in `capture_exceptions'
/usr/lib/ruby/vendor_ruby/minitest/test.rb:104:in `block (2 levels) in run'
/usr/lib/ruby/vendor_ruby/minitest/test.rb:255:in `time_it'
/usr/lib/ruby/vendor_ruby/minitest/test.rb:103:in `block in run'
/usr/lib/ruby/vendor_ruby/minitest.rb:350:in `on_signal'
/usr/lib/ruby/vendor_ruby/minitest/test.rb:275:in `with_info_handler'
/usr/lib/ruby/vendor_ruby/minitest/test.rb:102:in `run'
/usr/lib/ruby/vendor_ruby/minitest.rb:839:in `run_one_method'
/usr/lib/ruby/vendor_ruby/minitest.rb:324:in `run_one_method'
/usr/lib/ruby/vendor_ruby/minitest.rb:311:in `block (2 levels) in run'
/usr/lib/ruby/vendor_ruby/minitest.rb:310:in `each'
/usr/lib/ruby/vendor_ruby/minitest.rb:310:in `block in run'
/usr/lib/ruby/vendor_ruby/minitest.rb:350:in `on_signal'
/usr/lib/ruby/vendor_ruby/minitest.rb:337:in `with_info_handler'
/usr/lib/ruby/vendor_ruby/minitest.rb:309:in `run'
/usr/lib/ruby/vendor_ruby/minitest.rb:159:in `block in __run'
/usr/lib/ruby/vendor_ruby/minitest.rb:159:in `map'
/usr/lib/ruby/vendor_ruby/minitest.rb:159:in `__run'
/usr/lib/ruby/vendor_ruby/minitest.rb:136:in `run'
/usr/lib/ruby/vendor_ruby/minitest.rb:63:in `block in autorun'
22 runs, 36 assertions, 0 failures, 1 errors, 0 skips
rake aborted!
Command failed with status (1): [ruby -w -I"test" "/usr/lib/ruby/vendor_ruby/rake/rake_test_loader.rb" "test/compatibility_test.rb" "test/encryptor_string_test.rb" "test/encryptor_test.rb" "test/legacy_encryptor_string_test.rb" "test/legacy_encryptor_test.rb" -v]
My understanding is that CVE-2016-7798 was fixed in Ruby 2.3.3 itself. And with #22, this was also fixed on the encryptor end. I don't understand much of the code, but was the comment "Hopefully there won't be too much fallout" actually anticipating something like the above log? If so, what can we do to fix it?