ActiveSupport::MessageEncryptor

MessageEncryptor is a simple way to encrypt values which get stored somewhere you don’t trust.

The cipher text and initialization vector are base64 encoded and returned to you.

This can be used in situations similar to the MessageVerifier, but where you don’t want users to be able to determine the value of the payload.

Methods

D

decrypt,
decrypt_and_verify

E

encrypt,
encrypt_and_sign

N

Classes and Modules

CLASS ActiveSupport::MessageEncryptor::InvalidMessage

Constants

OpenSSLCipherError

OpenSSL::Cipher.const_defined?(:CipherError) ? OpenSSL::Cipher::CipherError : OpenSSL::CipherError

Class Public methods

new(secret, cipher = 'aes-256-cbc')

Source: show | on GitHub

    # File activesupport/lib/active_support/message_encryptor.rb, line 15
15:     def initialize(secret, cipher = 'aes-256-cbc')
16:       @secret = secret
17:       @cipher = cipher
18:     end

Instance Public methods

decrypt(encrypted_message)

Source: show | on GitHub

    # File activesupport/lib/active_support/message_encryptor.rb, line 35
35:     def decrypt(encrypted_message)
36:       cipher = new_cipher
37:       encrypted_data, iv = encrypted_message.split("--").map {|v| ActiveSupport::Base64.decode64(v)}
38:       
39:       cipher.decrypt
40:       cipher.key = @secret
41:       cipher.iv  = iv
42: 
43:       decrypted_data = cipher.update(encrypted_data)
44:       decrypted_data << cipher.final
45:       
46:       Marshal.load(decrypted_data)
47:     rescue OpenSSLCipherError, TypeError
48:       raise InvalidMessage
49:     end

decrypt_and_verify(value)

Source: show | on GitHub

    # File activesupport/lib/active_support/message_encryptor.rb, line 55
55:     def decrypt_and_verify(value)
56:       decrypt(verifier.verify(value))
57:     end

encrypt(value)

Source: show | on GitHub

    # File activesupport/lib/active_support/message_encryptor.rb, line 20
20:     def encrypt(value)
21:       cipher = new_cipher
22:       # Rely on OpenSSL for the initialization vector
23:       iv = cipher.random_iv
24:       
25:       cipher.encrypt 
26:       cipher.key = @secret
27:       cipher.iv  = iv
28:       
29:       encrypted_data = cipher.update(Marshal.dump(value)) 
30:       encrypted_data << cipher.final
31: 
32:       [encrypted_data, iv].map {|v| ActiveSupport::Base64.encode64s(v)}.join("--")
33:     end

encrypt_and_sign(value)

Source: show | on GitHub

    # File activesupport/lib/active_support/message_encryptor.rb, line 51
51:     def encrypt_and_sign(value)
52:       verifier.generate(encrypt(value))
53:     end

Class ActiveSupport::MessageEncryptor < Object