Class ActiveSupport::MessageEncryptor
In: vendor/rails/activesupport/lib/active_support/message_encryptor.rb
Parent: Object

MessageEncryptor is a simple way to encrypt values which get stored somewhere you don‘t trust.

The cipher text and initialization vector are base64 encoded and returned to you.

This can be used in situations similar to the MessageVerifier, but where you don‘t want users to be able to determine the value of the payload.

Methods

Classes and Modules

Class ActiveSupport::MessageEncryptor::InvalidMessage

Constants

OpenSSLCipherError = OpenSSL::Cipher.const_defined?(:CipherError) ? OpenSSL::Cipher::CipherError : OpenSSL::CipherError

Public Class methods

[Source]

    # File vendor/rails/activesupport/lib/active_support/message_encryptor.rb, line 15
15:     def initialize(secret, cipher = 'aes-256-cbc')
16:       @secret = secret
17:       @cipher = cipher
18:     end

Public Instance methods

[Source]

    # File vendor/rails/activesupport/lib/active_support/message_encryptor.rb, line 35
35:     def decrypt(encrypted_message)
36:       cipher = new_cipher
37:       encrypted_data, iv = encrypted_message.split("--").map {|v| ActiveSupport::Base64.decode64(v)}
38:       
39:       cipher.decrypt
40:       cipher.key = @secret
41:       cipher.iv  = iv
42: 
43:       decrypted_data = cipher.update(encrypted_data)
44:       decrypted_data << cipher.final
45:       
46:       Marshal.load(decrypted_data)
47:     rescue OpenSSLCipherError, TypeError
48:       raise InvalidMessage
49:     end

[Source]

    # File vendor/rails/activesupport/lib/active_support/message_encryptor.rb, line 55
55:     def decrypt_and_verify(value)
56:       decrypt(verifier.verify(value))
57:     end

[Source]

    # File vendor/rails/activesupport/lib/active_support/message_encryptor.rb, line 20
20:     def encrypt(value)
21:       cipher = new_cipher
22:       # Rely on OpenSSL for the initialization vector
23:       iv = cipher.random_iv
24:       
25:       cipher.encrypt 
26:       cipher.key = @secret
27:       cipher.iv  = iv
28:       
29:       encrypted_data = cipher.update(Marshal.dump(value)) 
30:       encrypted_data << cipher.final
31: 
32:       [encrypted_data, iv].map {|v| ActiveSupport::Base64.encode64s(v)}.join("--")
33:     end

[Source]

    # File vendor/rails/activesupport/lib/active_support/message_encryptor.rb, line 51
51:     def encrypt_and_sign(value)
52:       verifier.generate(encrypt(value))
53:     end

[Validate]