From 4c484a69e222ddbc3226311e0dc3551481aa4bbb Mon Sep 17 00:00:00 2001 From: Lukas Zapletal Date: Wed, 1 Mar 2017 13:57:54 +0100 Subject: Use DEFAULT_CIPHER constant in MessageEncryptor --- activesupport/lib/active_support/message_encryptor.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'activesupport/lib/active_support/message_encryptor.rb') diff --git a/activesupport/lib/active_support/message_encryptor.rb b/activesupport/lib/active_support/message_encryptor.rb index 0671469788..69109d2005 100644 --- a/activesupport/lib/active_support/message_encryptor.rb +++ b/activesupport/lib/active_support/message_encryptor.rb @@ -61,7 +61,7 @@ module ActiveSupport sign_secret = signature_key_or_options.first @secret = secret @sign_secret = sign_secret - @cipher = options[:cipher] || "aes-256-cbc" + @cipher = options[:cipher] || DEFAULT_CIPHER @digest = options[:digest] || "SHA1" unless aead_mode? @verifier = resolve_verifier @serializer = options[:serializer] || Marshal -- cgit v1.2.3 From 9a79201fd4645eaff99a403daa7ebc4b5d6c2c08 Mon Sep 17 00:00:00 2001 From: Benoit Tigeot Date: Tue, 14 Mar 2017 19:09:24 +0100 Subject: Add documentation about signature_key for MessageEncryptor.new [ci skip] --- activesupport/lib/active_support/message_encryptor.rb | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'activesupport/lib/active_support/message_encryptor.rb') diff --git a/activesupport/lib/active_support/message_encryptor.rb b/activesupport/lib/active_support/message_encryptor.rb index 0671469788..aaa12efca6 100644 --- a/activesupport/lib/active_support/message_encryptor.rb +++ b/activesupport/lib/active_support/message_encryptor.rb @@ -50,6 +50,11 @@ module ActiveSupport # key by using ActiveSupport::KeyGenerator or a similar key # derivation function. # + # First additional parameter is used as the signature key for +MessageVerifier+. + # This allows you to specify keys to encrypt and sign data. + # + # ActiveSupport::MessageEncryptor.new('secret', 'signature_key') + # # Options: # * :cipher - Cipher to use. Can be any cipher returned by # OpenSSL::Cipher.ciphers. Default is 'aes-256-cbc'. -- cgit v1.2.3 From bd3f0e706c08481bfe9f87db1f393d8c9be980c2 Mon Sep 17 00:00:00 2001 From: Jon Moss Date: Wed, 15 Mar 2017 13:10:11 -0400 Subject: Tweak 28412 PR was merged before I could finished reviewing :grimacing: [ci skip] --- activesupport/lib/active_support/message_encryptor.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'activesupport/lib/active_support/message_encryptor.rb') diff --git a/activesupport/lib/active_support/message_encryptor.rb b/activesupport/lib/active_support/message_encryptor.rb index 5546934874..24053b4fe5 100644 --- a/activesupport/lib/active_support/message_encryptor.rb +++ b/activesupport/lib/active_support/message_encryptor.rb @@ -53,7 +53,7 @@ module ActiveSupport # First additional parameter is used as the signature key for +MessageVerifier+. # This allows you to specify keys to encrypt and sign data. # - # ActiveSupport::MessageEncryptor.new('secret', 'signature_key') + # ActiveSupport::MessageEncryptor.new('secret', 'signature_secret') # # Options: # * :cipher - Cipher to use. Can be any cipher returned by -- cgit v1.2.3