diff options
Diffstat (limited to 'activesupport/lib/active_support/message_encryptor.rb')
| -rw-r--r-- | activesupport/lib/active_support/message_encryptor.rb | 36 |
1 files changed, 18 insertions, 18 deletions
diff --git a/activesupport/lib/active_support/message_encryptor.rb b/activesupport/lib/active_support/message_encryptor.rb index 51fa626b45..4f7cd12d48 100644 --- a/activesupport/lib/active_support/message_encryptor.rb +++ b/activesupport/lib/active_support/message_encryptor.rb @@ -2,12 +2,12 @@ require 'openssl' require 'active_support/base64' module ActiveSupport - # MessageEncryptor is a simple way to encrypt values which get stored somewhere + # MessageEncryptor is a simple way to encrypt values which get stored somewhere # you don't trust. - # + # # The cipher text and initialization vector are base64 encoded and returned to you. # - # This can be used in situations similar to the MessageVerifier, but where you don't + # This can be used in situations similar to the <tt>MessageVerifier</tt>, but where you don't # want users to be able to determine the value of the payload. class MessageEncryptor class InvalidMessage < StandardError; end @@ -17,53 +17,53 @@ module ActiveSupport @secret = secret @cipher = cipher end - + def encrypt(value) cipher = new_cipher # Rely on OpenSSL for the initialization vector iv = cipher.random_iv - - cipher.encrypt + + cipher.encrypt cipher.key = @secret cipher.iv = iv - - encrypted_data = cipher.update(Marshal.dump(value)) + + encrypted_data = cipher.update(Marshal.dump(value)) encrypted_data << cipher.final [encrypted_data, iv].map {|v| ActiveSupport::Base64.encode64s(v)}.join("--") end - + def decrypt(encrypted_message) cipher = new_cipher encrypted_data, iv = encrypted_message.split("--").map {|v| ActiveSupport::Base64.decode64(v)} - + cipher.decrypt cipher.key = @secret cipher.iv = iv decrypted_data = cipher.update(encrypted_data) decrypted_data << cipher.final - + Marshal.load(decrypted_data) rescue OpenSSLCipherError, TypeError raise InvalidMessage end - + def encrypt_and_sign(value) verifier.generate(encrypt(value)) end - + def decrypt_and_verify(value) decrypt(verifier.verify(value)) end - - - - private + + + + private def new_cipher OpenSSL::Cipher::Cipher.new(@cipher) end - + def verifier MessageVerifier.new(@secret) end |