class Rack::Session::Encryptor - rack-session-2.1.2 Documentation

Public Class Methods

Source

# File lib/rack/session/encryptor.rb, line 347
def initialize(secret, opts = {})
  opts = opts.dup

  @mode = opts.delete(:mode)&.to_sym || :guess_version
  case @mode
  when :v1
    @v1 = V1.new(secret, opts)
  when :v2
    @v2 = V2.new(secret, opts)
  else
    @v1 = V1.new(secret, opts)
    @v2 = V2.new(secret, opts)
  end
end

Public Instance Methods

decrypt (base64_data)

Source

# File lib/rack/session/encryptor.rb, line 362
def decrypt(base64_data)
  decryptor =
    case @mode
    when :v2
      v2
    when :v1
      v1
    else
      guess_decryptor(base64_data)
    end

  decryptor.decrypt(base64_data)
end

encrypt (message)

Source

# File lib/rack/session/encryptor.rb, line 376
def encrypt(message)
  encryptor =
    case @mode
    when :v1
      v1
    else
      v2
    end

  encryptor.encrypt(message)
end

Private Instance Methods

guess_decryptor (base64_data)

Source

# File lib/rack/session/encryptor.rb, line 392
def guess_decryptor(base64_data)
  raise InvalidMessage, 'invalid message' if base64_data.nil? || base64_data.bytesize < 4

  first_encoded_4_bytes = base64_data.slice(0, 4)
  # Transform the 4 bytes into non-URL-safe base64-encoded data. Nothing
  # happens if the data is already non-URL-safe base64.
  first_encoded_4_bytes.tr!('-_', '+/')
  first_decoded_3_bytes = Base64.strict_decode64(first_encoded_4_bytes)

  version = first_decoded_3_bytes[0]
  case version
  when "\2"
    v2
  when "\1"
    v1
  else
    raise InvalidMessage, 'invalid message'
  end
rescue ArgumentError
  raise InvalidMessage, 'invalid message'
end