Fix decryption IV

presidentbeef · presidentbeef · commit 7e25fd0f6cdc · 2020-03-18T09:12:58.000-07:00
diff --git a/lib/encryption.rb b/lib/encryption.rb
@@ -15,7 +15,7 @@ def self.decrypt_sensitive_value(val = "")
      aes = OpenSSL::Cipher.new(cipher_type)
      aes.decrypt
      aes.key = key[0..31]
-     aes.iv = iv[0.15] if iv != nil
+     aes.iv = iv[0..15] if iv != nil
      decoded = Base64.strict_decode64("#{val}")
      aes.update("#{decoded}") + aes.final
   end
diff --git a/spec/lib/encryption_spec.rb b/spec/lib/encryption_spec.rb
@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+require "spec_helper"
+require_relative "../../lib/encryption"
+
+describe Encryption do
+  let(:value) {
+    allow(Encryption).to receive(:key).and_return(SecureRandom.bytes(32))
+    allow(Encryption).to receive(:iv).and_return(SecureRandom.bytes(16))
+
+    "OMG PII"
+  }
+
+  it "encrypts values" do
+    encrypted = Encryption.encrypt_sensitive_value(value)
+    expect(Base64.decode64(encrypted)).not_to eq(value)
+  end
+
+  it "decrypts values" do
+    encrypted = Encryption.encrypt_sensitive_value(value)
+    decrypted = Encryption.decrypt_sensitive_value(encrypted)
+
+    expect(decrypted).to eq(value)
+  end
+end
