MessageEncryptor is a simple way to encrypt values which get stored somewhere you don't trust.

The cipher text and initialization vector are base64 encoded and returned to you.

This can be used in situations similar to the MessageVerifier, but where you don't want users to be able to determine the value of the payload.

Namespace
Methods
D
E
N
Constants
OpenSSLCipherError = OpenSSL::Cipher.const_defined?(:CipherError) ? OpenSSL::Cipher::CipherError : OpenSSL::CipherError
 
Class Public methods
new(secret, cipher = 'aes-256-cbc')
# File activesupport/lib/active_support/message_encryptor.rb, line 15
def initialize(secret, cipher = 'aes-256-cbc')
  @secret = secret
  @cipher = cipher
end
Instance Public methods
decrypt(encrypted_message)
# File activesupport/lib/active_support/message_encryptor.rb, line 35
def decrypt(encrypted_message)
  cipher = new_cipher
  encrypted_data, iv = encrypted_message.split("--").map {|v| ActiveSupport::Base64.decode64(v)}
  cipher.decrypt
  cipher.key = @secret
  cipher.iv  = iv
  decrypted_data = cipher.update(encrypted_data)
  decrypted_data << cipher.final
  Marshal.load(decrypted_data)
rescue OpenSSLCipherError, TypeError
  raise InvalidMessage
end
decrypt_and_verify(value)
# File activesupport/lib/active_support/message_encryptor.rb, line 55
def decrypt_and_verify(value)
  decrypt(verifier.verify(value))
end
encrypt(value)
# File activesupport/lib/active_support/message_encryptor.rb, line 20
def encrypt(value)
  cipher = new_cipher
  # Rely on OpenSSL for the initialization vector
  iv = cipher.random_iv
  cipher.encrypt
  cipher.key = @secret
  cipher.iv  = iv
  encrypted_data = cipher.update(Marshal.dump(value))
  encrypted_data << cipher.final
  [encrypted_data, iv].map {|v| ActiveSupport::Base64.encode64s(v)}.join("--")
end
encrypt_and_sign(value)
# File activesupport/lib/active_support/message_encryptor.rb, line 51
def encrypt_and_sign(value)
  verifier.generate(encrypt(value))
end