If you’re ever looking for exactly what a given class does, I’d recommend consulting the source. SignedCookieJar, for instance, is in rails/actionpack/lib/action_dispatch/middleware/cookies.rb.

It would seem that a SignedCookieJar is a wrapper around the standard cookie jar, but before setting a cookie to its parent jar it will sign it with an ActiveSupport::MessageVerifier‘s generate method, and upon getting a cookie from the parent jar it will return nil if the verifier’s verify method invalidates the signature.

The difference seems to be that MessageVerifier only signs data but leaves the original data intact, whereas MessageEncryptor will additionally encrypt the data before signing it. The Rails docs say that the use case is different in that:

[MessageEncryptor] can be used in situations similar to the MessageVerifier, but where you don’t want users to be able to determine the value of the payload.

For signed cookies, we’re usually not too worried about that.