From f71b933767876228b1cb66172133889af3a497b9 Mon Sep 17 00:00:00 2001
From: Matthijs van Henten <matthijs+foo@technischepartij.nl>
Date: Tue, 18 Oct 2016 13:30:25 +0000
Subject: [PATCH] retrofit c9/crypt to accept arrays of secrets

---
 node_modules/c9/crypt.js      | 29 ++++++++++++++------
 node_modules/c9/crypt_test.js | 50 +++++++++++++++++++++++++++--------
 package.json                  |  2 +-
 3 files changed, 61 insertions(+), 20 deletions(-)

diff --git a/node_modules/c9/crypt.js b/node_modules/c9/crypt.js
index 9630bb53..638b974e 100644
--- a/node_modules/c9/crypt.js
+++ b/node_modules/c9/crypt.js
@@ -1,22 +1,35 @@
 var crypto = require("crypto");
 
 exports.crypt = function(sessionId, secret) {
+    secret = [].concat(secret);
+    secret = secret[1] || secret[0];
+
     var cipher = crypto.createCipher("aes256", secret);
+
     return (
-        cipher.update(sessionId, "ascii", "base64") + 
+        cipher.update(sessionId, "ascii", "base64") +
         cipher.final("base64")
     ).replace(/\=+$/, "");
 };
 
 exports.decrypt = function(encrypted, secret) {
-    var cipher = crypto.createDecipher("aes256", secret);
-    
-    var data = [
-        cipher.update(encrypted, "base64", "ascii"),
-        cipher.final("ascii")
-    ];
+    var secrets = [].concat(secret);
 
-    return data.join("").replace(/\=+$/, "");
+    var data;
+
+    for (var i = 0; i < secrets.length; i++) {
+        secret = secrets[i];
+        var cipher = crypto.createDecipher("aes256", secret);
+
+        try {
+            data = [
+                cipher.update(encrypted, "base64", "ascii"),
+                cipher.final("ascii")
+            ];
+        }
+        catch (err) { /** ignore failed decrypt **/ }
+        if (data) return data.join("").replace(/\=+$/, "");
+    }
 };
 
 exports.uid = function(length) {
diff --git a/node_modules/c9/crypt_test.js b/node_modules/c9/crypt_test.js
index 542f21e9..9c11861e 100644
--- a/node_modules/c9/crypt_test.js
+++ b/node_modules/c9/crypt_test.js
@@ -1,25 +1,53 @@
 "use strict";
-
 "use server";
 
+require("c9/inline-mocha")(module);
+
 var assert = require("assert");
 var crypt = require("./crypt");
 
-module.exports = {
-
-    name: "cookie crypt",
-    
-    "test encrpyt and decrypt should return input" : function() {
+describe("c9/crypt", function() {
+    it("encrpyt and decrypt should return input", function() {
         var sessionId = "vOcRVvhaBBauiYexVvWyJpPb.AqmabaXkhpmlR8AUkORJHu%2FB7WA57EsDqzled0VoKAg";
         var secret = "geheim";
-        
+
         assert.equal(crypt.crypt(sessionId, secret), "C+kRJ4UWhmjgqo7DVv31cJLfZ9LIPLZB7OuMdN8i07ZdZHKlusCClMKaqBEwHDiKH3uFKf8IUZOxoVHU6+eNrkLArr32HrBDLr8qfnKfAgY");
-        
+
         assert.equal(
             crypt.decrypt(crypt.crypt(sessionId, secret), secret),
             sessionId
         );
-    }
-};
+    });
 
-!module.parent && require("asyncjs").test.testcase(module.exports).exec();
+
+    it("Should accept an array for decrypt", function() {
+        var message = Math.random().toString(36);
+        var secret = "swordfish";
+
+        var crypted = crypt.crypt(message, secret);
+        var plaintext = crypt.decrypt(crypted, [Math.random().toString(36), Math.random().toString(36), secret]);
+
+        assert.equal(plaintext, message, "Got message back");
+    });
+
+    it("Should accept an array for crypt", function() {
+        var message = Math.random().toString(36);
+        var secret = ["letmein", "swordfish"];
+
+        var crypted = crypt.crypt(message, secret);
+        var plaintext = crypt.decrypt(crypted, secret);
+
+        assert.equal(plaintext, message, "Got message back");
+    });
+
+    it("Should prefer the #1st secret", function() {
+        var message = Math.random().toString(36);
+        var secret = ["letmein", "swordfish", "princess"];
+
+        var crypted = crypt.crypt(message, secret);
+
+        assert.ok(!crypt.decrypt(crypted, secret[0]), "String was not encrypted with the #1st secret");
+        assert.ok(!crypt.decrypt(crypted, secret[2]), "String was not encrypted with the #3rd secret");
+        assert.equal(crypt.decrypt(crypted, secret[1]), message, "Got message back");
+    });
+});
diff --git a/package.json b/package.json
index 44145cd5..aa57587b 100644
--- a/package.json
+++ b/package.json
@@ -95,7 +95,7 @@
         "c9.ide.imgeditor": "#612e75ef4f",
         "c9.ide.immediate": "#0b0ee744f9",
         "c9.ide.installer": "#2921efaf6d",
-        "c9.ide.language.python": "#9fba572b1a",
+        "c9.ide.language.python": "#e1b6ce0937",
         "c9.ide.language.go": "#6ce1c7a7ef",
         "c9.ide.navigate": "#5d5707058c",
         "c9.ide.newresource": "#981a408a7b",