diff options
author | Bart de Water <bart.dewater@shopify.com> | 2017-07-09 11:17:47 -0400 |
---|---|---|
committer | Bart de Water <bart.dewater@shopify.com> | 2017-07-09 11:17:47 -0400 |
commit | 062283d9d321eae0008d71892e6e56e041f88827 (patch) | |
tree | 33e46023b3c6f037c5941f690c87f86967978ce1 /activesupport/lib/active_support | |
parent | 6189086c011a6ea6076c10d38da406e8f4065ac2 (diff) | |
download | rails-062283d9d321eae0008d71892e6e56e041f88827.tar.gz rails-062283d9d321eae0008d71892e6e56e041f88827.tar.bz2 rails-062283d9d321eae0008d71892e6e56e041f88827.zip |
[ci skip] update MessageEncryptor example to use the key length as returned by OpenSSL
Diffstat (limited to 'activesupport/lib/active_support')
-rw-r--r-- | activesupport/lib/active_support/message_encryptor.rb | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/activesupport/lib/active_support/message_encryptor.rb b/activesupport/lib/active_support/message_encryptor.rb index e576766c64..a1e1dc9a8c 100644 --- a/activesupport/lib/active_support/message_encryptor.rb +++ b/activesupport/lib/active_support/message_encryptor.rb @@ -13,11 +13,12 @@ module ActiveSupport # This can be used in situations similar to the <tt>MessageVerifier</tt>, but # where you don't want users to be able to determine the value of the payload. # - # salt = SecureRandom.random_bytes(64) - # key = ActiveSupport::KeyGenerator.new('password').generate_key(salt, 32) # => "\x89\xE0\x156\xAC..." - # crypt = ActiveSupport::MessageEncryptor.new(key) # => #<ActiveSupport::MessageEncryptor ...> - # encrypted_data = crypt.encrypt_and_sign('my secret data') # => "NlFBTTMwOUV5UlA1QlNEN2xkY2d6eThYWWh..." - # crypt.decrypt_and_verify(encrypted_data) # => "my secret data" + # len = ActiveSupport::MessageEncryptor.key_len + # salt = SecureRandom.random_bytes(len) + # key = ActiveSupport::KeyGenerator.new('password').generate_key(salt, len) # => "\x89\xE0\x156\xAC..." + # crypt = ActiveSupport::MessageEncryptor.new(key) # => #<ActiveSupport::MessageEncryptor ...> + # encrypted_data = crypt.encrypt_and_sign('my secret data') # => "NlFBTTMwOUV5UlA1QlNEN2xkY2d6eThYWWh..." + # crypt.decrypt_and_verify(encrypted_data) # => "my secret data" class MessageEncryptor class << self attr_accessor :use_authenticated_message_encryption #:nodoc: |