# frozen_string_literal: false require 'test/unit' require 'securerandom' require 'tempfile' # This testcase does NOT aim to test cryptographically strongness and randomness. class TestSecureRandom < Test::Unit::TestCase def setup @it = SecureRandom end def test_s_random_bytes assert_equal(16, @it.random_bytes.size) assert_equal(Encoding::ASCII_8BIT, @it.random_bytes.encoding) 65.times do |idx| assert_equal(idx, @it.random_bytes(idx).size) end end # This test took 2 minutes on my machine. # And 65536 times loop could not be enough for forcing PID recycle. if false def test_s_random_bytes_is_fork_safe begin require 'openssl' rescue LoadError return end SecureRandom.random_bytes(8) pid, v1 = forking_random_bytes assert(check_forking_random_bytes(pid, v1), 'Process ID not recycled?') end def forking_random_bytes r, w = IO.pipe pid = fork { r.close w.write SecureRandom.random_bytes(8) w.close } w.close v = r.read(8) r.close Process.waitpid2(pid) [pid, v] end def check_forking_random_bytes(target_pid, target) 65536.times do pid = fork { if $$ == target_pid v2 = SecureRandom.random_bytes(8) if v2 == target exit(1) else exit(2) end end exit(3) } pid, status = Process.waitpid2(pid) case status.exitstatus when 1 raise 'returned same sequence for same PID' when 2 return true end end false # not recycled? end end def test_s_hex s = @it.hex assert_equal(16 * 2, s.size) assert_match(/\A\h+\z/, s) 33.times do |idx| s = @it.hex(idx) assert_equal(idx * 2, s.size) assert_match(/\A\h*\z/, s) end end def test_hex_encoding assert_equal(Encoding::US_ASCII, @it.hex.encoding) end def test_s_base64 assert_equal(16, @it.base64.unpack('m*')[0].size) 17.times do |idx| assert_equal(idx, @it.base64(idx).unpack('m*')[0].size) end end def test_s_urlsafe_base64 safe = /[\n+\/]/ 65.times do |idx| assert_not_match(safe, @it.urlsafe_base64(idx)) end # base64 can include unsafe byte assert((0..10000).any? {|idx| safe =~ @it.base64(idx)}, "None of base64(0..10000) is url-safe") end def test_s_random_number_float 101.times do v = @it.random_number assert_in_range(0.0...1.0, v) end end def test_s_random_number_float_by_zero 101.times do v = @it.random_number(0) assert_in_range(0.0...1.0, v) end end def test_s_random_number_int 101.times do |idx| next if idx.zero? v = @it.random_number(idx) assert_in_range(0...idx, v) end end def test_s_random_number_not_default msg = "SecureRandom#random_number should not be affected by srand" seed = srand(0) x = @it.random_number(1000) 10.times do|i| srand(0) return unless @it.random_number(1000) == x end srand(0) assert_not_equal(x, @it.random_number(1000), msg) ensure srand(seed) if seed end def test_uuid uuid = @it.uuid assert_equal(36, uuid.size) # Check time_hi_and_version and clock_seq_hi_res bits (RFC 4122 4.4) assert_equal('4', uuid[14]) assert_include(%w'8 9 a b', uuid[19]) assert_match(/\A\h{8}-\h{4}-\h{4}-\h{4}-\h{12}\z/, uuid) end def test_alphanumeric 65.times do |n| an = @it.alphanumeric(n) assert_match(/\A[0-9a-zA-Z]*\z/, an) assert_equal(n, an.length) end end def protect begin yield rescue NotImplementedError # ignore end end def remove_feature(basename) $LOADED_FEATURES.delete_if { |path| if File.basename(path) == basename $LOAD_PATH.any? { |dir| File.exist?(File.join(dir, basename)) } end } end def assert_in_range(range, result, mesg = nil) assert(range.cover?(result), message(mesg) {"Expected #{result} to be in #{range}"}) end def test_with_openssl begin require 'openssl' rescue LoadError return end assert_equal(Encoding::ASCII_8BIT, @it.send(:gen_random_openssl, 16).encoding) 65.times do |idx| assert_equal(idx, @it.send(:gen_random_openssl, idx).size) end end def test_repeated_gen_random assert_nothing_raised NoMethodError, '[ruby-core:92633] [Bug #15847]' do @it.gen_random(1) @it.gen_random(1) end end end