Allow iodata in AAD

lib/plug/crypto/message_encryptor.ex

@@ -34,7 +34,7 @@ defmodule Plug.Crypto.MessageEncryptor do
   It defaults to "A128GCM" for backwards compatibility.
   """
   def encrypt(message, aad \\ "A128GCM", secret, sign_secret)
-      when is_binary(message) and is_binary(aad) and byte_size(secret) > 0 and
+      when is_binary(message) and (is_binary(aad) or is_list(aad)) and byte_size(secret) > 0 and
              is_binary(sign_secret) do
     aes128_gcm_encrypt(message, aad, secret, sign_secret)
   rescue
@@ -45,7 +45,7 @@ defmodule Plug.Crypto.MessageEncryptor do
   Decrypts a message using authenticated encryption.
   """
   def decrypt(encrypted, aad \\ "A128GCM", secret, sign_secret)
-      when is_binary(encrypted) and is_binary(aad) and byte_size(secret) > 0 and
+      when is_binary(encrypted) and (is_binary(aad) or is_list(aad)) and byte_size(secret) > 0 and
              is_binary(sign_secret) do
     aes128_gcm_decrypt(encrypted, aad, secret, sign_secret)
   rescue

test/plug/crypto/message_encryptor_test.exs

@@ -11,7 +11,7 @@ defmodule Plug.Crypto.MessageEncryptorTest do
 
   test "it encrypts/decrypts a message" do
     data = <<0, "hełłoworld", 0>>
-    encrypted = ME.encrypt(<<0, "hełłoworld", 0>>, "right aad", @right, @right)
+    encrypted = ME.encrypt(data, "right aad", @right, @right)
 
     decrypted = ME.decrypt(encrypted, "right aad", @wrong, @wrong)
     assert decrypted == :error
@@ -29,6 +29,12 @@ defmodule Plug.Crypto.MessageEncryptorTest do
     assert decrypted == {:ok, data}
   end
 
+  test "it encrypts/decrypts with iodata aad" do
+    data = <<0, "hełłoworld", 0>>
+    encrypted = ME.encrypt(data, ["right", ?\s, "aad"], @right, @right)
+    assert ME.decrypt(encrypted, ["right", ?\s, "aad"], @right, @right) == {:ok, data}
+  end
+
   test "it uses only the first 32 bytes to encrypt/decrypt" do
     data = <<0, "helloworld", 0>>
     encrypted = ME.encrypt(<<0, "helloworld", 0>>, @large, @large)