
Class: ActiveRecord::Encryption::Cipher::Aes256Gcm

Relationships & Source Files
Inherits: Object
Defined in: activerecord/lib/active_record/encryption/cipher/aes256_gcm.rb

Overview

An AES-256-GCM cipher.

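By default it will use random initialization vectors. For deterministic encryption, it will derive the initialization vector from an HMAC-SHA256 of the text to encrypt, keyed with the secret, so the same text encrypted with the same secret always produces the same ciphertext.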

See ::ActiveRecord::Encryption::Encryptor

Constant Summary

Class Method Summary

Instance Method Summary

Constructor Details

.new(secret, deterministic: false) ⇒ Aes256Gcm

When +deterministic+ is false, it will generate a random IV on each encryption operation (default and recommended operation).


  
# File 'activerecord/lib/active_record/encryption/cipher/aes256_gcm.rb', line 29

# Stores the key material and the IV mode for later #encrypt / #decrypt calls.
#
# +secret+ is assigned as the OpenSSL cipher key by #encrypt and #decrypt, and
# is also the HMAC key in #generate_deterministic_iv.
#
# +deterministic+ selects how #generate_iv picks the IV: false (the default)
# uses a random IV per encryption; true derives the IV from the clear text.
def initialize(secret, deterministic: false)
  @secret, @deterministic = secret, deterministic
end

Class Method Details

.iv_length


  
# File 'activerecord/lib/active_record/encryption/cipher/aes256_gcm.rb', line 22

# Returns the IV length, in bytes, that OpenSSL reports for CIPHER_TYPE.
# A throwaway cipher object is created only to query this value.
def iv_length
  probe = OpenSSL::Cipher.new(CIPHER_TYPE)
  probe.iv_len
end

.key_length


  
# File 'activerecord/lib/active_record/encryption/cipher/aes256_gcm.rb', line 18

# Returns the key length, in bytes, that OpenSSL reports for CIPHER_TYPE.
# A throwaway cipher object is created only to query this value.
def key_length
  probe = OpenSSL::Cipher.new(CIPHER_TYPE)
  probe.key_len
end

Instance Method Details

#decrypt(encrypted_message)


  
# File 'activerecord/lib/active_record/encryption/cipher/aes256_gcm.rb', line 55

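# Decrypts +encrypted_message+ and returns the clear text.
#
# The ciphertext is read from +encrypted_message.payload+; the IV and the GCM
# authentication tag are read from +encrypted_message.headers+.
#
# Raises ActiveRecord::Encryption::Errors::EncryptedContentIntegrity when the
# authentication tag is missing or is not exactly 16 bytes long.
#
# Raises ActiveRecord::Encryption::Errors::Decryption when OpenSSL rejects the
# message (OpenSSL::Cipher::CipherError) or when setting the key, IV or tag
# fails with a TypeError or ArgumentError.
#
# The payload object is never modified, so a frozen payload is accepted.
def decrypt(encrypted_message)
  encrypted_data = encrypted_message.payload
  iv = encrypted_message.headers.iv
  auth_tag = encrypted_message.headers.auth_tag

  # Currently the OpenSSL bindings do not raise an error if auth_tag is
  # truncated, which would allow an attacker to easily forge it. See
  # https://github.com/ruby/openssl/issues/63
  #
  # The length is therefore enforced here, before the tag reaches OpenSSL.
  raise ActiveRecord::Encryption::Errors::EncryptedContentIntegrity if auth_tag.nil? || auth_tag.bytesize != 16

  cipher = OpenSSL::Cipher.new(CIPHER_TYPE)

  # The mode must be selected before the key and IV are assigned.
  cipher.decrypt
  cipher.key = @secret
  cipher.iv = iv

  cipher.auth_tag = auth_tag
  cipher.auth_data = ""

  # An empty payload skips cipher.update. It is duplicated so that the append
  # below does not mutate the message's own payload string (and does not fail
  # when that string is frozen); #encrypt duplicates empty input the same way.
  decrypted_data = encrypted_data.empty? ? encrypted_data.dup : cipher.update(encrypted_data)

  # cipher.final is where the authentication tag is verified; a mismatch
  # raises OpenSSL::Cipher::CipherError, so nothing is returned for a
  # tampered message.
  decrypted_data << cipher.final

  decrypted_data
rescue OpenSSL::Cipher::CipherError, TypeError, ArgumentError
  raise ActiveRecord::Encryption::Errors::Decryption
end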

#encrypt(clear_text)


  
# File 'activerecord/lib/active_record/encryption/cipher/aes256_gcm.rb', line 34

# Encrypts +clear_text+ and returns an ActiveRecord::Encryption::Message whose
# payload is the ciphertext and whose headers carry the IV and the GCM
# authentication tag.
def encrypt(clear_text)
  # This code is extracted from ActiveSupport::MessageEncryptor. Not using it directly because we want to control
  # the message format and only serialize things once at the ActiveRecord::Encryption::Message level. Also, this
  # cipher is prepared to deal with deterministic/non deterministic encryption modes.

  aes = OpenSSL::Cipher.new(CIPHER_TYPE)
  # The mode must be selected before the key and IV are assigned.
  aes.encrypt
  aes.key = @secret

  # Random or derived from the clear text, depending on the mode (see #generate_iv).
  nonce = generate_iv(aes, clear_text)
  aes.iv = nonce

  # Empty input skips cipher.update; a copy is used so that the append below
  # never modifies the caller's string.
  ciphertext =
    if clear_text.empty?
      clear_text.dup
    else
      aes.update(clear_text)
    end
  ciphertext << aes.final

  # The tag is read only after final, once all data has been processed.
  message = ActiveRecord::Encryption::Message.new(payload: ciphertext)
  message.headers.iv = nonce
  message.headers.auth_tag = aes.auth_tag
  message
end

#generate_deterministic_iv(clear_text) (private)


  
# File 'activerecord/lib/active_record/encryption/cipher/aes256_gcm.rb', line 95

# Derives the IV from the clear text: an HMAC-SHA256 of +clear_text+ keyed with
# @secret, cut down to the configured cipher's IV length.
#
# Equal clear texts under the same secret therefore get the same IV, which is
# what makes the resulting ciphertext repeatable. Note that @secret is the
# HMAC key here and is also assigned as the cipher key in #encrypt.
def generate_deterministic_iv(clear_text)
  mac = OpenSSL::HMAC.digest(OpenSSL::Digest::SHA256.new, @secret, clear_text)
  mac.slice(0, ActiveRecord::Encryption.cipher.iv_length)
end

#generate_iv(cipher, clear_text) (private)


  
# File 'activerecord/lib/active_record/encryption/cipher/aes256_gcm.rb', line 87

# Picks the IV for one encryption: a fresh random IV from +cipher+ unless the
# instance was built with deterministic: true, in which case the IV is derived
# from +clear_text+.
def generate_iv(cipher, clear_text)
  return cipher.random_iv unless @deterministic

  generate_deterministic_iv(clear_text)
end

#inspect

This method is for internal use only.

  
# File 'activerecord/lib/active_record/encryption/cipher/aes256_gcm.rb', line 82

# Returns only the class name and an id-derived hex number. Instance variables
# are not part of the string, so @secret does not appear in inspect output.
def inspect # :nodoc:
  format("#<%s:%#016x>", self.class.name, object_id << 1)
end