Allow upper case algorithm name

lib/onelogin/ruby-saml/utils.rb

@@ -37,10 +37,10 @@ def self.is_cert_expired(cert)
       #                            current time.
       #
       # @return [Integer] The new timestamp, after the duration is applied.
-      # 
+      #
       def self.parse_duration(duration, timestamp=Time.now.utc)
         matches = duration.match(DURATION_FORMAT)
-      
+
         if matches.nil?
           raise Exception.new("Invalid ISO 8601 duration")
         end
@@ -296,9 +296,9 @@ def self.retrieve_plaintext(cipher_text, symmetric_key, algorithm)
           when 'http://www.w3.org/2001/04/xmlenc#aes128-cbc' then cipher = OpenSSL::Cipher.new('AES-128-CBC').decrypt
           when 'http://www.w3.org/2001/04/xmlenc#aes192-cbc' then cipher = OpenSSL::Cipher.new('AES-192-CBC').decrypt
           when 'http://www.w3.org/2001/04/xmlenc#aes256-cbc' then cipher = OpenSSL::Cipher.new('AES-256-CBC').decrypt
-          when 'http://www.w3.org/2009/xmlenc11#aes128-gcm' then auth_cipher = OpenSSL::Cipher.new('AES-128-GCM').decrypt
-          when 'http://www.w3.org/2009/xmlenc11#aes192-gcm' then auth_cipher = OpenSSL::Cipher.new('AES-192-GCM').decrypt
-          when 'http://www.w3.org/2009/xmlenc11#aes256-gcm' then auth_cipher = OpenSSL::Cipher.new('AES-256-GCM').decrypt
+          when 'http://www.w3.org/2009/xmlenc11#aes128-gcm' then auth_cipher = OpenSSL::Cipher.new('aes-128-gcm').decrypt
+          when 'http://www.w3.org/2009/xmlenc11#aes192-gcm' then auth_cipher = OpenSSL::Cipher.new('aes-192-gcm').decrypt
+          when 'http://www.w3.org/2009/xmlenc11#aes256-gcm' then auth_cipher = OpenSSL::Cipher.new('aes-256-gcm').decrypt
           when 'http://www.w3.org/2001/04/xmlenc#rsa-1_5' then rsa = symmetric_key
           when 'http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p' then oaep = symmetric_key
         end

test/utils_test.rb

@@ -47,7 +47,6 @@ class UtilsTest < Minitest::Test
       invalid_chained_certificate1 = read_certificate("invalid_chained_certificate1")
       assert_equal formatted_chained_certificate, OneLogin::RubySaml::Utils.format_cert(invalid_chained_certificate1)
     end
-
   end
 
   describe ".format_private_key" do
@@ -157,6 +156,36 @@ class UtilsTest < Minitest::Test
     end
   end
 
+  describe "#retrieve_plaintext" do
+    it "uses the correct cipher with algorithm" do
+      cipher_text = ''
+      symmetric_key = ''
+      algorithm = 'http://www.w3.org/2001/04/xmlenc#aes128-cbc'
+
+      cipher = stub(decrypt: nil)
+
+      OpenSSL::Cipher.expects(:new).with('AES-128-CBC').returns(cipher)
+
+      retrieve_plaintext = OneLogin::RubySaml::Utils.retrieve_plaintext(cipher_text, symmetric_key, algorithm)
+
+      assert_equal '', retrieve_plaintext
+    end
+
+    it "uses the correct cipher with upcase algorithm" do
+      cipher_text = ''
+      symmetric_key = ''
+      algorithm = 'http://www.w3.org/2009/xmlenc11#aes256-gcm'
+
+      cipher = stub(decrypt: nil)
+
+      OpenSSL::Cipher.expects(:new).with('aes-256-gcm').returns(cipher)
+
+      retrieve_plaintext = OneLogin::RubySaml::Utils.retrieve_plaintext(cipher_text, symmetric_key, algorithm)
+
+      assert_equal '', retrieve_plaintext
+    end
+  end
+
   describe "Utils" do
 
     describe ".uuid" do
@@ -253,7 +282,6 @@ class UtilsTest < Minitest::Test
         element = REXML::Document.new('<element></element>').elements.first
         assert_equal '', OneLogin::RubySaml::Utils.element_text(element)
       end
-
     end
   end
 end