1 files changed, 15 insertions, 13 deletions

diff --git a/activesupport/lib/active_support/message_encryptor.rb b/activesupport/lib/active_support/message_encryptor.rb
index b7dc0689b0..92ab6fe648 100644
--- a/activesupport/lib/active_support/message_encryptor.rb
+++ b/activesupport/lib/active_support/message_encryptor.rb
@@ -1,5 +1,6 @@
 require 'openssl'
 require 'base64'
+require 'active_support/core_ext/array/extract_options'
 
 module ActiveSupport
   # MessageEncryptor is a simple way to encrypt values which get stored
@@ -11,10 +12,11 @@ module ActiveSupport
   # This can be used in situations similar to the <tt>MessageVerifier</tt>, but
   # where you don't want users to be able to determine the value of the payload.
   #
-  #   key = OpenSSL::Digest::SHA256.new('password').digest        # => "\x89\xE0\x156\xAC..."
-  #   crypt = ActiveSupport::MessageEncryptor.new(key)            # => #<ActiveSupport::MessageEncryptor ...>
-  #   encrypted_data = crypt.encrypt_and_sign('my secret data')   # => "NlFBTTMwOUV5UlA1QlNEN2xkY2d6eThYWWh..."
-  #   crypt.decrypt_and_verify(encrypted_data)                    # => "my secret data"
+  #   salt  = SecureRandom.random_bytes(64)
+  #   key   = ActiveSupport::KeyGenerator.new('password').generate_key(salt) # => "\x89\xE0\x156\xAC..."
+  #   crypt = ActiveSupport::MessageEncryptor.new(key)                       # => #<ActiveSupport::MessageEncryptor ...>
+  #   encrypted_data = crypt.encrypt_and_sign('my secret data')              # => "NlFBTTMwOUV5UlA1QlNEN2xkY2d6eThYWWh..."
+  #   crypt.decrypt_and_verify(encrypted_data)                               # => "my secret data"
   class MessageEncryptor
     module NullSerializer #:nodoc:
       def self.load(value)
@@ -27,7 +29,7 @@ module ActiveSupport
     end
 
     class InvalidMessage < StandardError; end
-    OpenSSLCipherError = OpenSSL::Cipher.const_defined?(:CipherError) ? OpenSSL::Cipher::CipherError : OpenSSL::CipherError
+    OpenSSLCipherError = OpenSSL::Cipher::CipherError
 
     # Initialize a new MessageEncryptor. +secret+ must be at least as long as
     # the cipher key size. For the default 'aes-256-cbc' cipher, this is 256
@@ -38,6 +40,7 @@ module ActiveSupport
     # Options:
     # * <tt>:cipher</tt>     - Cipher to use. Can be any cipher returned by
     #   <tt>OpenSSL::Cipher.ciphers</tt>. Default is 'aes-256-cbc'.
+    # * <tt>:digest</tt> - String of digest to use for signing. Default is +SHA1+.
     # * <tt>:serializer</tt> - Object serializer to use. Default is +Marshal+.
     def initialize(secret, *signature_key_or_options)
       options = signature_key_or_options.extract_options!
@@ -45,7 +48,7 @@ module ActiveSupport
       @secret = secret
       @sign_secret = sign_secret
       @cipher = options[:cipher] || 'aes-256-cbc'
-      @verifier = MessageVerifier.new(@sign_secret || @secret, :serializer => NullSerializer)
+      @verifier = MessageVerifier.new(@sign_secret || @secret, digest: options[:digest] || 'SHA1', serializer: NullSerializer)
       @serializer = options[:serializer] || Marshal
     end
 
@@ -65,22 +68,21 @@ module ActiveSupport
 
     def _encrypt(value)
       cipher = new_cipher
-      # Rely on OpenSSL for the initialization vector
-      iv = cipher.random_iv
-
       cipher.encrypt
       cipher.key = @secret
-      cipher.iv  = iv
+
+      # Rely on OpenSSL for the initialization vector
+      iv = cipher.random_iv
 
       encrypted_data = cipher.update(@serializer.dump(value))
       encrypted_data << cipher.final
 
-      [encrypted_data, iv].map {|v| ::Base64.strict_encode64(v)}.join("--")
+      "#{::Base64.strict_encode64 encrypted_data}--#{::Base64.strict_encode64 iv}"
     end
 
     def _decrypt(encrypted_message)
       cipher = new_cipher
-      encrypted_data, iv = encrypted_message.split("--").map {|v| ::Base64.decode64(v)}
+      encrypted_data, iv = encrypted_message.split("--").map {|v| ::Base64.strict_decode64(v)}
 
       cipher.decrypt
       cipher.key = @secret
@@ -90,7 +92,7 @@ module ActiveSupport
       decrypted_data << cipher.final
 
       @serializer.load(decrypted_data)
-    rescue OpenSSLCipherError, TypeError
+    rescue OpenSSLCipherError, TypeError, ArgumentError
       raise InvalidMessage
     end