| Class | ActiveSupport::MessageEncryptor |
| In: |
vendor/rails/activesupport/lib/active_support/message_encryptor.rb
|
| Parent: | Object |
MessageEncryptor is a simple way to encrypt values which get stored somewhere you don‘t trust.
The cipher text and initialization vector are base64 encoded and returned to you.
This can be used in situations similar to the MessageVerifier, but where you don‘t want users to be able to determine the value of the payload.
| OpenSSLCipherError | = | OpenSSL::Cipher.const_defined?(:CipherError) ? OpenSSL::Cipher::CipherError : OpenSSL::CipherError |
# File vendor/rails/activesupport/lib/active_support/message_encryptor.rb, line 15
15: def initialize(secret, cipher = 'aes-256-cbc')
16: @secret = secret
17: @cipher = cipher
18: end
# File vendor/rails/activesupport/lib/active_support/message_encryptor.rb, line 35
35: def decrypt(encrypted_message)
36: cipher = new_cipher
37: encrypted_data, iv = encrypted_message.split("--").map {|v| ActiveSupport::Base64.decode64(v)}
38:
39: cipher.decrypt
40: cipher.key = @secret
41: cipher.iv = iv
42:
43: decrypted_data = cipher.update(encrypted_data)
44: decrypted_data << cipher.final
45:
46: Marshal.load(decrypted_data)
47: rescue OpenSSLCipherError, TypeError
48: raise InvalidMessage
49: end
# File vendor/rails/activesupport/lib/active_support/message_encryptor.rb, line 55
55: def decrypt_and_verify(value)
56: decrypt(verifier.verify(value))
57: end
# File vendor/rails/activesupport/lib/active_support/message_encryptor.rb, line 20
20: def encrypt(value)
21: cipher = new_cipher
22: # Rely on OpenSSL for the initialization vector
23: iv = cipher.random_iv
24:
25: cipher.encrypt
26: cipher.key = @secret
27: cipher.iv = iv
28:
29: encrypted_data = cipher.update(Marshal.dump(value))
30: encrypted_data << cipher.final
31:
32: [encrypted_data, iv].map {|v| ActiveSupport::Base64.encode64s(v)}.join("--")
33: end