Permalink
Browse files

Reorganize MessageEncryptor

1) According to OpenSSL's documentation, cipher.random_iv must be called
   after cipher.encrypt and already sets the generated IV on the cipher.

2) OpenSSL::CipherError was moved to OpenSSL::Cipher::CipherError in
   Ruby 1.8.7. Since Rails 4 requires at least Ruby 1.9.3, support for
   the old location can be dropped.
  • Loading branch information...
jgls
jgls committed Apr 16, 2013
1 parent 41a90dd commit 91a0a1156e622cad5221f33e852c19aa8eba6cbf
Showing with 4 additions and 5 deletions.
  1. +4 −5 activesupport/lib/active_support/message_encryptor.rb
@@ -28,7 +28,7 @@ def self.dump(value)
end
class InvalidMessage < StandardError; end
- OpenSSLCipherError = OpenSSL::Cipher.const_defined?(:CipherError) ? OpenSSL::Cipher::CipherError : OpenSSL::CipherError
+ OpenSSLCipherError = OpenSSL::Cipher::CipherError
# Initialize a new MessageEncryptor. +secret+ must be at least as long as
# the cipher key size. For the default 'aes-256-cbc' cipher, this is 256
@@ -66,12 +66,11 @@ def decrypt_and_verify(value)
def _encrypt(value)
cipher = new_cipher
- # Rely on OpenSSL for the initialization vector
- iv = cipher.random_iv
-
cipher.encrypt
cipher.key = @secret
- cipher.iv = iv
+
+ # Rely on OpenSSL for the initialization vector
+ iv = cipher.random_iv
encrypted_data = cipher.update(@serializer.dump(value))
encrypted_data << cipher.final

0 comments on commit 91a0a11

Please sign in to comment.