RSpec
Ruby on Rails
Ruby
method
decrypt_and_verify
v7.1.3.4 -
Show latest stable
-
0 notes -
Class: ActiveSupport::MessageEncryptor
- 1.0.0
- 1.1.6
- 1.2.6
- 2.0.3
- 2.1.0
- 2.2.1
- 2.3.8 (0)
- 3.0.0 (0)
- 3.0.9 (0)
- 3.1.0 (0)
- 3.2.1 (11)
- 3.2.8 (0)
- 3.2.13 (0)
- 4.0.2 (0)
- 4.1.8 (0)
- 4.2.1 (0)
- 4.2.7 (0)
- 4.2.9 (0)
- 5.0.0.1 (0)
- 5.1.7 (0)
- 5.2.3 (0)
- 6.0.0 (0)
- 6.1.3.1 (0)
- 6.1.7.7 (0)
- 7.0.0 (0)
- 7.1.3.2 (38)
- 7.1.3.4 (0)
- What's this?
-
default_cipher
-
key_len
-
new
-
aead_mode?
(<= v7.0.0)
-
create_message
-
decrypt
-
_decrypt
(<= v7.0.0)
-
decrypt_and_verify
-
encrypt
-
_encrypt
(<= v7.0.0)
-
encrypt_and_sign
-
extract_part
-
extract_parts
-
inspect
-
join_parts
-
length_after_encode
-
length_of_encoded_auth_tag
-
length_of_encoded_iv
-
new_cipher
-
read_message
-
resolve_verifier
(<= v7.0.0)
-
sign
-
verifier
(<= v5.2.3)
-
verify
= private
= protected
decrypt_and_verify(message, **options)
public
Decrypt and verify a message. We need to verify the message in order to avoid padding attacks. Reference: www.limited-entropy.com/padding-oracle-attacks/.
Options
- :purpose
-
The purpose that the message was generated with. If the purpose does not match, decrypt_and_verify will return nil.
message = encryptor.encrypt_and_sign("hello", purpose: "greeting") encryptor.decrypt_and_verify(message, purpose: "greeting") # => "hello" encryptor.decrypt_and_verify(message) # => nil message = encryptor.encrypt_and_sign("bye") encryptor.decrypt_and_verify(message) # => "bye" encryptor.decrypt_and_verify(message, purpose: "greeting") # => nil
