W3cubDocs

/Ruby on Rails 7.0

class ActiveRecord::Encryption::Cipher

Parent:
Object

The algorithm used for encrypting and decrypting Message objects.

It uses AES-256-GCM. It will generate a random IV for non deterministic encryption (default) or derive an initialization vector from the encrypted content for deterministic encryption.

See Cipher::Aes256Gcm.

Constants

DEFAULT_ENCODING

Public Instance Methods

decrypt(encrypted_message, key:) Show source
# File activerecord/lib/active_record/encryption/cipher.rb, line 25
def decrypt(encrypted_message, key:)
  try_to_decrypt_with_each(encrypted_message, keys: Array(key)).tap do |decrypted_text|
    decrypted_text.force_encoding(encrypted_message.headers.encoding || DEFAULT_ENCODING)
  end
end

Decrypt the provided Message.

When key is an Array, it will try all the keys raising a ActiveRecord::Encryption::Errors::Decryption if none works.

encrypt(clean_text, key:, deterministic: false) Show source
# File activerecord/lib/active_record/encryption/cipher.rb, line 15
def encrypt(clean_text, key:, deterministic: false)
  cipher_for(key, deterministic: deterministic).encrypt(clean_text).tap do |message|
    message.headers.encoding = clean_text.encoding.name unless clean_text.encoding == DEFAULT_ENCODING
  end
end

Encrypts the provided text and return an encrypted Message.

iv_length() Show source
# File activerecord/lib/active_record/encryption/cipher.rb, line 35
def iv_length
  Aes256Gcm.iv_length
end
key_length() Show source
# File activerecord/lib/active_record/encryption/cipher.rb, line 31
def key_length
  Aes256Gcm.key_length
end

© 2004–2021 David Heinemeier Hansson
Licensed under the MIT License.