method

_decrypt

Ruby on Rails latest stable (v7.1.3.2) - 0 notes - Class: ActiveSupport::MessageEncryptor

1.0.0
1.1.6
1.2.6
2.0.3
2.1.0
2.2.1
2.3.8
3.0.0
3.0.9
3.1.0
3.2.1 (0)
3.2.8 (0)
3.2.13 (0)
4.0.2 (0)
4.1.8 (0)
4.2.1 (0)
4.2.7 (0)
4.2.9 (0)
5.0.0.1 (0)
5.1.7 (0)
5.2.3 (0)
6.0.0 (0)
6.1.3.1 (0)
6.1.7.7 (0)
7.0.0 (0)
7.1.3.2
7.1.3.4
What's this?

Method deprecated or moved

This method is deprecated or moved on the latest stable version. The last existing version (v7.0.0) is shown here.

_decrypt(encrypted_message, purpose) private

No documentation

This method has no description. You can help the Ruby on Rails community by adding new notes.

Hide source

# File activesupport/lib/active_support/message_encryptor.rb, line 185
      def _decrypt(encrypted_message, purpose)
        cipher = new_cipher
        encrypted_data, iv, auth_tag = encrypted_message.split("--").map { |v| ::Base64.strict_decode64(v) }

        # Currently the OpenSSL bindings do not raise an error if auth_tag is
        # truncated, which would allow an attacker to easily forge it. See
        # https://github.com/ruby/openssl/issues/63
        raise InvalidMessage if aead_mode? && (auth_tag.nil? || auth_tag.bytes.length != 16)

        cipher.decrypt
        cipher.key = @secret
        cipher.iv  = iv
        if aead_mode?
          cipher.auth_tag = auth_tag
          cipher.auth_data = ""
        end

        decrypted_data = cipher.update(encrypted_data)
        decrypted_data << cipher.final

        message = Messages::Metadata.verify(decrypted_data, purpose)
        @serializer.load(message) if message
      rescue OpenSSLCipherError, TypeError, ArgumentError
        raise InvalidMessage
      end

_decrypt

Related methods

Method deprecated or moved

No documentation