Default Message Encryptor Cipher to AES-256-GCM From AES-256-CBC #29263

merged 1 commit into from Jun 11, 2017
+30 −5

@@ -630,7 +630,7 @@ def initialize(parent_jar)
secret = key_generator.generate_key(request.encrypted_cookie_salt || "")[0, ActiveSupport::MessageEncryptor.key_len]
sign_secret = key_generator.generate_key(request.encrypted_signed_cookie_salt || "")

@legacy_encryptor =, sign_secret, digest: digest, serializer: ActiveSupport::MessageEncryptor::NullSerializer)
@legacy_encryptor =, sign_secret, cipher: "aes-256-cbc", digest: digest, serializer: ActiveSupport::MessageEncryptor::NullSerializer)

def decrypt_and_verify_legacy_encrypted_message(name, signed_message)
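Review bot: The key slice at the top of this hunk calls `ActiveSupport::MessageEncryptor.key_len` with no argument, while the legacy encryptor below it is now pinned to `cipher: "aes-256-cbc"`. Since `key_len` defaults to `default_cipher` elsewhere in this change, the legacy key length follows the global flag rather than the pinned cipher. AES-256-CBC and AES-256-GCM both take 32-byte keys, so nothing breaks today, but passing the same cipher name to `key_len` here would keep the legacy path self-contained.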
@@ -19,7 +19,17 @@ module ActiveSupport
# encrypted_data = crypt.encrypt_and_sign('my secret data') # => "NlFBTTMwOUV5UlA1QlNEN2xkY2d6eThYWWh..."
# crypt.decrypt_and_verify(encrypted_data) # => "my secret data"
class MessageEncryptor
DEFAULT_CIPHER = "aes-256-cbc"
class << self
attr_accessor :use_authenticated_message_encryption #:nodoc:

def default_cipher #:nodoc:
if use_authenticated_message_encryption

module NullSerializer #:nodoc:
def self.load(value)
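Review bot: `use_authenticated_message_encryption` is a class-level `attr_accessor` marked `#:nodoc:`, so the switch that picks the default cipher is process-wide and hidden from the API docs. It also has no initial value, so it is nil until something assigns it. Consider initializing it explicitly and describing in the class documentation that it selects the cipher for every encryptor built without a `cipher:` option.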
@@ -45,7 +55,7 @@ class InvalidMessage < StandardError; end
OpenSSLCipherError = OpenSSL::Cipher::CipherError

# Initialize a new MessageEncryptor. +secret+ must be at least as long as
# the cipher key size. For the default 'aes-256-cbc' cipher, this is 256
# the cipher key size. For the default 'aes-256-gcm' cipher, this is 256
# bits. If you are using a user-entered secret, you can generate a suitable
# key by using <tt>ActiveSupport::KeyGenerator</tt> or a similar key
# derivation function.
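Review bot: The updated comment calls 'aes-256-gcm' the default unconditionally, but the default is now chosen by `default_cipher` from `use_authenticated_message_encryption`, and the template comment in this same change says CBC remains the default unless that flag is true. Suggest wording that names the flag and notes that either cipher needs a 256-bit key.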
@@ -66,7 +76,7 @@ def initialize(secret, *signature_key_or_options)
sign_secret = signature_key_or_options.first
@secret = secret
@sign_secret = sign_secret
@cipher = options[:cipher] || DEFAULT_CIPHER
@cipher = options[:cipher] || self.class.default_cipher
@digest = options[:digest] || "SHA1" unless aead_mode?
@verifier = resolve_verifier
@serializer = options[:serializer] || Marshal
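Review bot: On the `@digest` line, `options[:digest]` is dropped whenever `aead_mode?` is true, and with `self.class.default_cipher` that can now happen for callers who never chose a cipher. A caller passing `digest:` gets no signal that it is ignored; say so in the `initialize` documentation, next to the description of the `:digest` option.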
@@ -85,7 +95,7 @@ def decrypt_and_verify(value)

# Given a cipher, returns the key length of the cipher to help generate the key of desired size
def self.key_len(cipher = DEFAULT_CIPHER)
def self.key_len(cipher = default_cipher)

@@ -7,6 +7,13 @@ class Railtie < Rails::Railtie # :nodoc:

config.eager_load_namespaces << ActiveSupport

initializer "active_support.set_authenticated_message_encryption" do |app|
if app.config.active_support.respond_to?(:use_authenticated_message_encryption)
ActiveSupport::MessageEncryptor.use_authenticated_message_encryption =

initializer "active_support.reset_all_current_attributes_instances" do |app|
app.reloader.before_class_unload { ActiveSupport::CurrentAttributes.clear_all }
app.executor.to_run { ActiveSupport::CurrentAttributes.reset_all }
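Review bot: The flag is copied onto `ActiveSupport::MessageEncryptor` inside an initializer, but the cipher is resolved once, in `MessageEncryptor#initialize` (`options[:cipher] || self.class.default_cipher`). An encryptor constructed before this initializer runs keeps the old default for its lifetime. A comment here, or a test covering encryptors created during boot, would make that ordering dependency explicit.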
@@ -92,6 +92,10 @@ def load_defaults(target_version)
action_dispatch.use_authenticated_cookie_encryption = true

if respond_to?(:active_support)
active_support.use_authenticated_message_encryption = true

raise "Unknown version #{target_version.to_s.inspect}"
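Review bot: Setting `active_support.use_authenticated_message_encryption = true` in `load_defaults` changes the cipher for every `MessageEncryptor` created without `cipher:`. The cookie jar keeps `@legacy_encryptor` pinned to "aes-256-cbc", but nothing in the visible lines gives a plain `MessageEncryptor` a way to read data it wrote earlier with CBC. Add a changelog or upgrade-guide entry telling callers with stored ciphertext to pass `cipher: "aes-256-cbc"` explicitly.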
@@ -13,3 +13,7 @@
# Use AES 256 GCM authenticated encryption for encrypted cookies.
# Existing cookies will be converted on read then written with the new scheme.
# Rails.application.config.action_dispatch.use_authenticated_cookie_encryption = true

kaspth Jun 6, 2017


Ideally, we should be able to remove this config and use the below one to infer it. But that's for another time.

cc @mikeycgto

# Use AES-256-GCM authenticated encryption as default cipher for encrypting messages
# instead of AES-256-CBC, when use_authenticated_message_encryption is set to true.
# Rails.application.config.active_support.use_authenticated_message_encryption = true
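Review bot: The new template comment is circular: it says GCM becomes the default "when use_authenticated_message_encryption is set to true" directly above the line that sets it. The cookie comment earlier in this file states what happens to existing cookies; this one should do the same for messages already encrypted with AES-256-CBC, for example whether they stay readable after the switch.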