method

decrypt

v7.0.0 - Show latest stable - 0 notes - Class: Aes256Gcm

1.0.0
1.1.6
1.2.6
2.0.3
2.1.0
2.2.1
2.3.8
3.0.0
3.0.9
3.1.0
3.2.1
3.2.8
3.2.13
4.0.2
4.1.8
4.2.1
4.2.7
4.2.9
5.0.0.1
5.1.7
5.2.3
6.0.0
6.1.3.1
6.1.7.7
7.0.0 (0)
7.1.3.2 (0)
7.1.3.4 (0)
What's this?

decrypt(encrypted_message) public

No documentation

This method has no description. You can help the Ruby on Rails community by adding new notes.

# File activerecord/lib/active_record/encryption/cipher/aes256_gcm.rb, line 56
        def decrypt(encrypted_message)
          encrypted_data = encrypted_message.payload
          iv = encrypted_message.headers.iv
          auth_tag = encrypted_message.headers.auth_tag

          # Currently the OpenSSL bindings do not raise an error if auth_tag is
          # truncated, which would allow an attacker to easily forge it. See
          # https://github.com/ruby/openssl/issues/63
          raise ActiveRecord::Encryption::Errors::EncryptedContentIntegrity if auth_tag.nil? || auth_tag.bytes.length != 16

          cipher = OpenSSL::Cipher.new(CIPHER_TYPE)

          cipher.decrypt
          cipher.key = @secret
          cipher.iv = iv

          cipher.auth_tag = auth_tag
          cipher.auth_data = ""

          decrypted_data = encrypted_data.empty? ? encrypted_data : cipher.update(encrypted_data)
          decrypted_data << cipher.final

          decrypted_data
        rescue OpenSSL::Cipher::CipherError, TypeError, ArgumentError
          raise ActiveRecord::Encryption::Errors::Decryption
        end

decrypt

Related methods

No documentation