Class: ActionDispatch::Cookies::UpgradeLegacyHmacAesCbcCookieJar

Inherits:
EncryptedCookieJar
Defined in:
actionpack/lib/action_dispatch/middleware/cookies.rb

Overview

UpgradeLegacyHmacAesCbcCookieJar is used by ActionDispatch::Session::CookieStore to upgrade cookies that were encrypted with AES-256-CBC and authenticated with an HMAC to AES-256-GCM.

Constant Summary

Constants included from SerializedCookieJars

SerializedCookieJars::MARSHAL_SIGNATURE

Instance Method Summary

Methods inherited from AbstractCookieJar

#[], #[]=

Methods included from ChainedCookieJars

#encrypted, #permanent, #signed, #signed_or_encrypted

Constructor Details

#initialize(parent_jar) ⇒ UpgradeLegacyHmacAesCbcCookieJar

Returns a new instance of UpgradeLegacyHmacAesCbcCookieJar.



# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 641

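def initialize(parent_jar)
  super

  # Derive the legacy encryption key (truncated to ActiveSupport::MessageEncryptor.key_len bytes)
  # and the separate HMAC signing key from the request's cookie salts.
  secret = key_generator.generate_key(request.encrypted_cookie_salt || "")[0, ActiveSupport::MessageEncryptor.key_len]
  sign_secret = key_generator.generate_key(request.encrypted_signed_cookie_salt || "")

  # Legacy encryptor: AES-256-CBC with an HMAC. NullSerializer leaves deserialization to the jar.
  @legacy_encryptor = ActiveSupport::MessageEncryptor.new(secret, sign_secret, cipher: "aes-256-cbc", digest: digest, serializer: ActiveSupport::MessageEncryptor::NullSerializer)
end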

Instance Method Details

#decrypt_and_verify_legacy_encrypted_message(name, signed_message) ⇒ Object



# File 'actionpack/lib/action_dispatch/middleware/cookies.rb', line 650

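def decrypt_and_verify_legacy_encrypted_message(name, signed_message)
  # Verify and decrypt with the legacy encryptor, then write the value back through this jar
  # so the cookie is stored again by the jar's own encryptor.
  deserialize(name, @legacy_encryptor.decrypt_and_verify(signed_message)).tap do |value|
    self[name] = { value: value }
  end
rescue ActiveSupport::MessageVerifier::InvalidSignature, ActiveSupport::MessageEncryptor::InvalidMessage
  # A bad signature or an undecryptable message yields nil rather than raising.
  nil
end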
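
The upgrade flow that decrypt_and_verify_legacy_encrypted_message takes part in, as an added example built only on Ruby's OpenSSL standard library; it is not Rails code and not part of the original page. The binary token layouts, the SHA256 HMAC, the key names, the read_and_upgrade helper and the try-GCM-first order are assumptions made for illustration.

```ruby
require "openssl"

# Constructed binary token layouts (not Rails' wire format): GCM iv(12)|ct|tag(16); legacy hmac(32)|iv(16)|ct
def new_cipher(name, mode, key, iv = nil)
  c = OpenSSL::Cipher.new(name).send(mode)
  c.key = key
  [c, iv ? (c.iv = iv) : c.random_iv]
end

def gcm_encrypt(key, plaintext)
  c, iv = new_cipher("aes-256-gcm", :encrypt, key)
  c.auth_data = ""
  iv + c.update(plaintext) + c.final + c.auth_tag # tag is available only after final
end

def gcm_decrypt(key, token)
  return nil if token.bytesize < 29 # iv + at least one ciphertext byte + tag
  c, = new_cipher("aes-256-gcm", :decrypt, key, token.byteslice(0, 12))
  c.auth_tag = token.byteslice(-16, 16)
  c.auth_data = ""
  c.update(token.byteslice(12...-16)) + c.final
rescue OpenSSL::Cipher::CipherError
  nil # authentication failed: not a GCM token under this key
end

def legacy_encrypt(key, sign_key, plaintext)
  c, iv = new_cipher("aes-256-cbc", :encrypt, key)
  data = iv + c.update(plaintext) + c.final
  OpenSSL::HMAC.digest("SHA256", sign_key, data) + data # encrypt-then-MAC
end

def legacy_decrypt_and_verify(key, sign_key, token)
  mac, data = token.byteslice(0, 32), token.byteslice(32..-1)
  return nil if data.nil? || data.bytesize < 32 # iv + at least one block
  expected = OpenSSL::HMAC.digest("SHA256", sign_key, data)
  return nil unless OpenSSL.secure_compare(expected, mac) # check MAC before decrypting
  c, = new_cipher("aes-256-cbc", :decrypt, key, data.byteslice(0, 16))
  c.update(data.byteslice(16..-1)) + c.final
rescue OpenSSL::Cipher::CipherError
  nil
end

# Try GCM first; if that fails, accept a valid legacy token and rewrite it under GCM.
def read_and_upgrade(jar, name, keys)
  token = jar[name].to_s.b
  value = gcm_decrypt(keys[:gcm], token) and return value
  value = legacy_decrypt_and_verify(keys[:cbc], keys[:sign], token)
  jar[name] = gcm_encrypt(keys[:gcm], value) if value
  value
end
```

A token that fails both checks returns nil and leaves the jar untouched, matching the rescue branch in the method above.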