authorKasper Timm Hansen <kaspth@gmail.com>2017-06-11 21:45:35 +0200
committerGitHub <noreply@github.com>2017-06-11 21:45:35 +0200
commit6d402c6bfab53489eaee57be4887725420588776 (patch)
treea518c964b678e7971f9f94225aea66d340fab891 /railties/lib
parent722a8b938dc573fc5557b6237a29d373e7f45c92 (diff)
parent7440bf44baea53de950093ebf9ee4e8a3ed71066 (diff)
Merge pull request #29263 from assain/default_message_encryptor_to_gcm
Default Message Encryptor Cipher to AES-256-GCM From AES-256-CBC
Diffstat (limited to 'railties/lib')
-rw-r--r--railties/lib/rails/application/configuration.rb4
-rw-r--r--railties/lib/rails/generators/rails/app/templates/config/initializers/new_framework_defaults_5_2.rb.tt4
2 files changed, 8 insertions, 0 deletions
diff --git a/railties/lib/rails/application/configuration.rb b/railties/lib/rails/application/configuration.rb
index 4ffde6198a..fb635c6ae8 100644
--- a/railties/lib/rails/application/configuration.rb
+++ b/railties/lib/rails/application/configuration.rb
@@ -92,6 +92,10 @@ module Rails
action_dispatch.use_authenticated_cookie_encryption = true
end
+ if respond_to?(:active_support)
+ active_support.use_authenticated_message_encryption = true
+ end
+
else
raise "Unknown version #{target_version.to_s.inspect}"
end
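Review bot: The added `active_support.use_authenticated_message_encryption = true` changes the default cipher for message encryption (per the commit title, from AES-256-CBC to AES-256-GCM), and nothing in this hunk shows how messages already encrypted under the old default are read afterwards. If no fallback exists elsewhere, an application that persists encrypted messages and then adopts these defaults would presumably fail to decrypt them, so the assignment deserves a comment such as `# Switches the default message cipher to AES-256-GCM; data written with AES-256-CBC needs an explicit cipher or re-encryption.` A test that decrypts an old-default message after the flag is set would pin the intended upgrade behaviour. The blank line added before `else` is stray, and the enclosing conditional starts and ends outside the hunk.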
diff --git a/railties/lib/rails/generators/rails/app/templates/config/initializers/new_framework_defaults_5_2.rb.tt b/railties/lib/rails/generators/rails/app/templates/config/initializers/new_framework_defaults_5_2.rb.tt
index 900baa607a..3809936f9f 100644
--- a/railties/lib/rails/generators/rails/app/templates/config/initializers/new_framework_defaults_5_2.rb.tt
+++ b/railties/lib/rails/generators/rails/app/templates/config/initializers/new_framework_defaults_5_2.rb.tt
@@ -13,3 +13,7 @@
# Use AES 256 GCM authenticated encryption for encrypted cookies.
# Existing cookies will be converted on read then written with the new scheme.
# Rails.application.config.action_dispatch.use_authenticated_cookie_encryption = true
+
+# Use AES-256-GCM authenticated encryption as default cipher for encrypting messages
+# instead of AES-256-CBC, when use_authenticated_message_encryption is set to true.
+# Rails.application.config.active_support.use_authenticated_message_encryption = true
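Review bot: The new template comment is circular, since it says the setting enables GCM "when use_authenticated_message_encryption is set to true", which is the very line it documents. Unlike the cookie comment directly above, it also does not tell the upgrader what happens to existing ciphertext. I would shorten the first two lines to `# Use AES-256-GCM authenticated encryption as the default cipher for encrypting messages` and `# instead of AES-256-CBC.`, then add one line stating whether messages encrypted before the switch stay readable. That behaviour is not visible in this diff, so the wording should be confirmed against the encryptor code before it is written down.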