method
decrypt
v7.1.3.2 -
Show latest stable
-
0 notes -
Class: ActiveSupport::MessageEncryptor
- 1.0.0
- 1.1.6
- 1.2.6
- 2.0.3
- 2.1.0
- 2.2.1
- 2.3.8 (0)
- 3.0.0 (0)
- 3.0.9 (0)
- 3.1.0 (0)
- 3.2.1 (0)
- 3.2.8 (0)
- 3.2.13 (0)
- 4.0.2
- 4.1.8
- 4.2.1
- 4.2.7
- 4.2.9
- 5.0.0.1
- 5.1.7
- 5.2.3
- 6.0.0
- 6.1.3.1
- 6.1.7.7
- 7.0.0
- 7.1.3.2 (0)
- 7.1.3.4 (0)
- What's this?
decrypt(encrypted_message)
private
Hide source
# File activesupport/lib/active_support/message_encryptor.rb, line 295 def decrypt(encrypted_message) cipher = new_cipher encrypted_data, iv, auth_tag = extract_parts(encrypted_message) # Currently the OpenSSL bindings do not raise an error if auth_tag is # truncated, which would allow an attacker to easily forge it. See # https://github.com/ruby/openssl/issues/63 if aead_mode? && auth_tag.bytesize != AUTH_TAG_LENGTH throw :invalid_message_format, "truncated auth_tag" end cipher.decrypt cipher.key = @secret cipher.iv = iv if aead_mode? cipher.auth_tag = auth_tag cipher.auth_data = "" end decrypted_data = cipher.update(encrypted_data) decrypted_data << cipher.final rescue OpenSSLCipherError => error throw :invalid_message_format, error end