RSpec
Ruby on Rails
Ruby
method
encrypt_and_sign
v7.1.3.2 -
Show latest stable
-
0 notes -
Class: ActiveSupport::MessageEncryptor
- 1.0.0
- 1.1.6
- 1.2.6
- 2.0.3
- 2.1.0
- 2.2.1
- 2.3.8 (0)
- 3.0.0 (0)
- 3.0.9 (0)
- 3.1.0 (0)
- 3.2.1 (7)
- 3.2.8 (0)
- 3.2.13 (0)
- 4.0.2 (0)
- 4.1.8 (0)
- 4.2.1 (0)
- 4.2.7 (0)
- 4.2.9 (0)
- 5.0.0.1 (0)
- 5.1.7 (0)
- 5.2.3 (0)
- 6.0.0 (0)
- 6.1.3.1 (0)
- 6.1.7.7 (0)
- 7.0.0 (0)
- 7.1.3.2 (38)
- What's this?
-
default_cipher
-
key_len
-
new
-
aead_mode?
(<= v7.0.0)
-
create_message
-
decrypt
-
_decrypt
(<= v7.0.0)
-
decrypt_and_verify
-
encrypt
-
_encrypt
(<= v7.0.0)
-
encrypt_and_sign
-
extract_part
-
extract_parts
-
inspect
-
join_parts
-
length_after_encode
-
length_of_encoded_auth_tag
-
length_of_encoded_iv
-
new_cipher
-
read_message
-
resolve_verifier
(<= v7.0.0)
-
sign
-
verifier
(<= v5.2.3)
-
verify
= private
= protected
encrypt_and_sign(value, **options)
public
Encrypt and sign a message. We need to sign the message in order to avoid padding attacks. Reference: www.limited-entropy.com/padding-oracle-attacks/.
Options
- :expires_at
-
The datetime at which the message expires. After this datetime, verification of the message will fail.
message = encryptor.encrypt_and_sign("hello", expires_at: Time.now.tomorrow) encryptor.decrypt_and_verify(message) # => "hello" # 24 hours later... encryptor.decrypt_and_verify(message) # => nil
- :expires_in
-
The duration for which the message is valid. After this duration has elapsed, verification of the message will fail.
message = encryptor.encrypt_and_sign("hello", expires_in: 24.hours) encryptor.decrypt_and_verify(message) # => "hello" # 24 hours later... encryptor.decrypt_and_verify(message) # => nil
- :purpose
-
The purpose of the message. If specified, the same purpose must be specified when verifying the message; otherwise, verification will fail. (See #decrypt_and_verify.)
