$ docker run --rm --name validator-libsodium-usage-ruby-rbnacl-simplebox-distinct-ciphertexts-2732 -t --mount type=bind,src=/tmp/validator-status-libsodium-usage-ruby-rbnacl-simplebox-distinct-ciphertexts,dst=/validator/status validator-libsodium-shared bash -lc 'set -euo pipefail
/validator/tests/_shared/install_override_debs.sh
exec /validator/tests/_shared/run_library_tests.sh "$@"' validator-testcase libsodium usage-ruby-rbnacl-simplebox-distinct-ciphertexts -- bash -c 'PS4=$1; shift; set -x; source "$@"' validator-xtrace '__VALIDATOR_XTRACE__ ' /validator/tests/libsodium/tests/cases/usage/usage-ruby-rbnacl-simplebox-distinct-ciphertexts.sh
no override packages found; continuing with apt originals
key = ("\x42".b * RbNaCl::SecretBox.key_bytes)
box = RbNaCl::SimpleBox.from_secret_key(key)
plaintext = "validator simplebox distinct payload"

ciphertexts = Array.new(4) { box.encrypt(plaintext) }

ciphertexts.each_with_index do |ct, i|
  raise "ciphertext #{i} equals plaintext" if ct == plaintext
  raise "ciphertext #{i} too short: #{ct.bytesize}" if ct.bytesize <= plaintext.bytesize
end

distinct = ciphertexts.uniq
raise "expected distinct ciphertexts, got #{distinct.size}/#{ciphertexts.size}" \
  unless distinct.size == ciphertexts.size

ciphertexts.each_with_index do |ct, i|
  recovered = box.decrypt(ct)
  raise "decrypt mismatch at #{i}: #{recovered.inspect}" unless recovered == plaintext
end

puts "ok #{ciphertexts.size}"
'
ok 4