author | Assain <assainjaleel20@gmail.com> | 2017-06-03 01:21:10 +0530 |
---|---|---|
committer | Assain <assainjaleel20@gmail.com> | 2017-06-12 00:29:16 +0530 |
commit | 7440bf44baea53de950093ebf9ee4e8a3ed71066 (patch) | |
tree | 18f3fd9748a64e06da43e59812e128b738785f5d /railties/lib | |
parent | d1d39710cc4c525ab8f515eba70cb9ab4134fc64 (diff) | |
set message_encryptor default cipher to aes-256-gcm
- Introduce a method to select default cipher, and maintain backward compatibility
Diffstat (limited to 'railties/lib')
-rw-r--r-- | railties/lib/rails/application/configuration.rb | 4 | ||||
-rw-r--r-- | railties/lib/rails/generators/rails/app/templates/config/initializers/new_framework_defaults_5_2.rb.tt | 4 |
2 files changed, 8 insertions, 0 deletions
diff --git a/railties/lib/rails/application/configuration.rb b/railties/lib/rails/application/configuration.rb index 4ffde6198a..fb635c6ae8 100644 --- a/railties/lib/rails/application/configuration.rb +++ b/railties/lib/rails/application/configuration.rb @@ -92,6 +92,10 @@ module Rails action_dispatch.use_authenticated_cookie_encryption = true end + if respond_to?(:active_support) + active_support.use_authenticated_message_encryption = true + end + else raise "Unknown version #{target_version.to_s.inspect}" end diff --git a/railties/lib/rails/generators/rails/app/templates/config/initializers/new_framework_defaults_5_2.rb.tt b/railties/lib/rails/generators/rails/app/templates/config/initializers/new_framework_defaults_5_2.rb.tt index 900baa607a..3809936f9f 100644 --- a/railties/lib/rails/generators/rails/app/templates/config/initializers/new_framework_defaults_5_2.rb.tt +++ b/railties/lib/rails/generators/rails/app/templates/config/initializers/new_framework_defaults_5_2.rb.tt @@ -13,3 +13,7 @@ # Use AES 256 GCM authenticated encryption for encrypted cookies. # Existing cookies will be converted on read then written with the new scheme. # Rails.application.config.action_dispatch.use_authenticated_cookie_encryption = true + +# Use AES-256-GCM authenticated encryption as default cipher for encrypting messages +# instead of AES-256-CBC, when use_authenticated_message_encryption is set to true. +# Rails.application.config.active_support.use_authenticated_message_encryption = true |
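Review bot: In `railties/lib/rails/application/configuration.rb`, the added `active_support.use_authenticated_message_encryption = true` changes the default cipher for every application that opts into this version's defaults, and nothing in this hunk says what happens to messages already encrypted under the previous default. The commit message promises backward compatibility, but the diff shown here is limited to `railties/lib`, so the fallback is not visible. A short comment in this branch pointing to where the previous cipher is still handled would make the upgrade path reviewable from this file. It would also help to confirm that setting the flag to `false` after these defaults are loaded restores the old cipher.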
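Review bot: In `new_framework_defaults_5_2.rb.tt`, the new comment for `use_authenticated_message_encryption` is missing the migration note that the cookie entry directly above it has ("Existing cookies will be converted on read then written with the new scheme"). Someone uncommenting this line needs to know whether messages previously encrypted with AES-256-CBC remain readable once the flag is true, or whether they must be re-encrypted first. Suggest adding one sentence that states this explicitly. The phrase "when use_authenticated_message_encryption is set to true" also repeats the setting on the next line and could be dropped to keep the comment in line with the cookie entry.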