Method: ActiveSupport::MessageEncryptor#encrypt_and_sign

Defined in:: activesupport/lib/active_support/message_encryptor.rb

#encrypt_and_sign(value, **options) ⇒ `Object`

Encrypt and sign a message. We need to sign the message in order to avoid padding attacks. Reference: www.limited-entropy.com/padding-oracle-attacks/.

Options

:expires_at

The datetime at which the message expires. After this datetime, verification of the message will fail.

message = encryptor.encrypt_and_sign("hello", expires_at: Time.now.tomorrow)
encryptor.decrypt_and_verify(message) # => "hello"
# 24 hours later...
encryptor.decrypt_and_verify(message) # => nil

:expires_in

The duration for which the message is valid. After this duration has elapsed, verification of the message will fail.

message = encryptor.encrypt_and_sign("hello", expires_in: 24.hours)
encryptor.decrypt_and_verify(message) # => "hello"
# 24 hours later...
encryptor.decrypt_and_verify(message) # => nil

:purpose

The purpose of the message. If specified, the same purpose must be specified when verifying the message; otherwise, verification will fail. (See #decrypt_and_verify.)



220
221
222

# File 'activesupport/lib/active_support/message_encryptor.rb', line 220

def encrypt_and_sign(value, **options)
  create_message(value, **options)
end

Method: ActiveSupport::MessageEncryptor#encrypt_and_sign

#encrypt_and_sign(value, **options) ⇒ Object

Options

#encrypt_and_sign(value, **options) ⇒ `Object`