instance method `_decrypt`

Ruby on Rails 7.0.10

Since v3.2.22.5 Last seen in v7.0.10 Private

Available in: v3.2.22.5 v4.0.13 v4.1.16 v4.2.9 v5.2.8.1 v6.0.6 v6.1.7.10 v7.0.10

Compare with:

_decrypt(encrypted_message, purpose)

No documentation comment.

Parameters

encrypted_message req
purpose req

Source

# File activesupport/lib/active_support/message_encryptor.rb, line 186
      def _decrypt(encrypted_message, purpose)
        cipher = new_cipher
        encrypted_data, iv, auth_tag = encrypted_message.split("--").map { |v| ::Base64.strict_decode64(v) }

        # Currently the OpenSSL bindings do not raise an error if auth_tag is
        # truncated, which would allow an attacker to easily forge it. See
        # https://github.com/ruby/openssl/issues/63
        raise InvalidMessage if aead_mode? && (auth_tag.nil? || auth_tag.bytes.length != 16)

        cipher.decrypt
        cipher.key = @secret
        cipher.iv  = iv
        if aead_mode?
          cipher.auth_tag = auth_tag
          cipher.auth_data = ""
        end

        decrypted_data = cipher.update(encrypted_data)
        decrypted_data << cipher.final

        message = Messages::Metadata.verify(decrypted_data, purpose)
        @serializer.load(message) if message
      rescue OpenSSLCipherError, TypeError, ArgumentError
        raise InvalidMessage
      end

Defined in activesupport/lib/active_support/message_encryptor.rb line 186 · View on GitHub · Improve this page · Find usages on GitHub

Defined in ActiveSupport::MessageEncryptor

Signature

Parameters