Class: ActiveRecord::Encryption::Config

Relationships & Source Files
Inherits:	Object
Defined in:	activerecord/lib/active_record/encryption/config.rb

Overview

Container of configuration options

Class Method Summary

.new ⇒ Config constructor

Instance Attribute Summary

#add_to_filter_parameters rw
#deterministic_key rw
#encrypt_fixtures rw
#excluded_from_filter_parameters rw
#extend_queries rw
#forced_encoding_for_deterministic_encryption rw
#hash_digest_class rw
#key_derivation_salt rw
#previous=(previous_schemes_properties) writeonly

Configure previous encryption schemes.
#previous_schemes rw
#primary_key rw
#store_key_references rw
#support_sha1_for_non_deterministic_encryption=(value) writeonly
#support_unencrypted_data rw
#validate_column_size rw

Instance Method Summary

#add_previous_scheme(**properties) private
#set_defaults private

Constructor Details

.new ⇒ `Config`

[ GitHub ]

# File 'activerecord/lib/active_record/encryption/config.rb', line 13


def initialize
  set_defaults
end

Instance Attribute Details

#add_to_filter_parameters (rw)

[ GitHub ]

# File 'activerecord/lib/active_record/encryption/config.rb', line 9


attr_accessor :primary_key, :deterministic_key, :store_key_references, :key_derivation_salt, :hash_digest_class,
              :support_unencrypted_data, :encrypt_fixtures, :validate_column_size, :add_to_filter_parameters,
              :excluded_from_filter_parameters, :extend_queries, :previous_schemes, :forced_encoding_for_deterministic_encryption

#deterministic_key (rw)

[ GitHub ]

# File 'activerecord/lib/active_record/encryption/config.rb', line 9


attr_accessor :primary_key, :deterministic_key, :store_key_references, :key_derivation_salt, :hash_digest_class,
              :support_unencrypted_data, :encrypt_fixtures, :validate_column_size, :add_to_filter_parameters,
              :excluded_from_filter_parameters, :extend_queries, :previous_schemes, :forced_encoding_for_deterministic_encryption

#encrypt_fixtures (rw)

[ GitHub ]

# File 'activerecord/lib/active_record/encryption/config.rb', line 9


attr_accessor :primary_key, :deterministic_key, :store_key_references, :key_derivation_salt, :hash_digest_class,
              :support_unencrypted_data, :encrypt_fixtures, :validate_column_size, :add_to_filter_parameters,
              :excluded_from_filter_parameters, :extend_queries, :previous_schemes, :forced_encoding_for_deterministic_encryption

#excluded_from_filter_parameters (rw)

[ GitHub ]

# File 'activerecord/lib/active_record/encryption/config.rb', line 9


attr_accessor :primary_key, :deterministic_key, :store_key_references, :key_derivation_salt, :hash_digest_class,
              :support_unencrypted_data, :encrypt_fixtures, :validate_column_size, :add_to_filter_parameters,
              :excluded_from_filter_parameters, :extend_queries, :previous_schemes, :forced_encoding_for_deterministic_encryption

#extend_queries (rw)

[ GitHub ]

# File 'activerecord/lib/active_record/encryption/config.rb', line 9


attr_accessor :primary_key, :deterministic_key, :store_key_references, :key_derivation_salt, :hash_digest_class,
              :support_unencrypted_data, :encrypt_fixtures, :validate_column_size, :add_to_filter_parameters,
              :excluded_from_filter_parameters, :extend_queries, :previous_schemes, :forced_encoding_for_deterministic_encryption

#forced_encoding_for_deterministic_encryption (rw)

[ GitHub ]

# File 'activerecord/lib/active_record/encryption/config.rb', line 9


attr_accessor :primary_key, :deterministic_key, :store_key_references, :key_derivation_salt, :hash_digest_class,
              :support_unencrypted_data, :encrypt_fixtures, :validate_column_size, :add_to_filter_parameters,
              :excluded_from_filter_parameters, :extend_queries, :previous_schemes, :forced_encoding_for_deterministic_encryption

#hash_digest_class (rw)

[ GitHub ]

# File 'activerecord/lib/active_record/encryption/config.rb', line 9


attr_accessor :primary_key, :deterministic_key, :store_key_references, :key_derivation_salt, :hash_digest_class,
              :support_unencrypted_data, :encrypt_fixtures, :validate_column_size, :add_to_filter_parameters,
              :excluded_from_filter_parameters, :extend_queries, :previous_schemes, :forced_encoding_for_deterministic_encryption

#key_derivation_salt (rw)

[ GitHub ]

# File 'activerecord/lib/active_record/encryption/config.rb', line 9


attr_accessor :primary_key, :deterministic_key, :store_key_references, :key_derivation_salt, :hash_digest_class,
              :support_unencrypted_data, :encrypt_fixtures, :validate_column_size, :add_to_filter_parameters,
              :excluded_from_filter_parameters, :extend_queries, :previous_schemes, :forced_encoding_for_deterministic_encryption

#previous=(previous_schemes_properties) (writeonly)

Configure previous encryption schemes.

config.active_record.encryption.previous = [ { key_provider: MyOldKeyProvider.new } ]

[ GitHub ]

# File 'activerecord/lib/active_record/encryption/config.rb', line 20


def previous=(previous_schemes_properties)
  previous_schemes_properties.each do |properties|
    add_previous_scheme(**properties)
  end
end

#previous_schemes (rw)

[ GitHub ]

# File 'activerecord/lib/active_record/encryption/config.rb', line 9


attr_accessor :primary_key, :deterministic_key, :store_key_references, :key_derivation_salt, :hash_digest_class,
              :support_unencrypted_data, :encrypt_fixtures, :validate_column_size, :add_to_filter_parameters,
              :excluded_from_filter_parameters, :extend_queries, :previous_schemes, :forced_encoding_for_deterministic_encryption

#primary_key (rw)

[ GitHub ]

# File 'activerecord/lib/active_record/encryption/config.rb', line 9


attr_accessor :primary_key, :deterministic_key, :store_key_references, :key_derivation_salt, :hash_digest_class,
              :support_unencrypted_data, :encrypt_fixtures, :validate_column_size, :add_to_filter_parameters,
              :excluded_from_filter_parameters, :extend_queries, :previous_schemes, :forced_encoding_for_deterministic_encryption

#store_key_references (rw)

[ GitHub ]

# File 'activerecord/lib/active_record/encryption/config.rb', line 9


attr_accessor :primary_key, :deterministic_key, :store_key_references, :key_derivation_salt, :hash_digest_class,
              :support_unencrypted_data, :encrypt_fixtures, :validate_column_size, :add_to_filter_parameters,
              :excluded_from_filter_parameters, :extend_queries, :previous_schemes, :forced_encoding_for_deterministic_encryption

#support_sha1_for_non_deterministic_encryption=(value) (writeonly)

[ GitHub ]

# File 'activerecord/lib/active_record/encryption/config.rb', line 26


def support_sha1_for_non_deterministic_encryption=(value)
  if value && has_primary_key?
    sha1_key_generator = ActiveRecord::Encryption::KeyGenerator.new(hash_digest_class: OpenSSL::Digest::SHA1)
    sha1_key_provider = ActiveRecord::Encryption::DerivedSecretKeyProvider.new(primary_key, key_generator: sha1_key_generator)
    add_previous_scheme key_provider: sha1_key_provider
  end
end

#support_unencrypted_data (rw)

[ GitHub ]

# File 'activerecord/lib/active_record/encryption/config.rb', line 9


attr_accessor :primary_key, :deterministic_key, :store_key_references, :key_derivation_salt, :hash_digest_class,
              :support_unencrypted_data, :encrypt_fixtures, :validate_column_size, :add_to_filter_parameters,
              :excluded_from_filter_parameters, :extend_queries, :previous_schemes, :forced_encoding_for_deterministic_encryption

#validate_column_size (rw)

[ GitHub ]

# File 'activerecord/lib/active_record/encryption/config.rb', line 9


attr_accessor :primary_key, :deterministic_key, :store_key_references, :key_derivation_salt, :hash_digest_class,
              :support_unencrypted_data, :encrypt_fixtures, :validate_column_size, :add_to_filter_parameters,
              :excluded_from_filter_parameters, :extend_queries, :previous_schemes, :forced_encoding_for_deterministic_encryption

Instance Method Details

#add_previous_scheme(**properties) (private)

[ GitHub ]

# File 'activerecord/lib/active_record/encryption/config.rb', line 63


def add_previous_scheme(**properties)
  previous_schemes << ActiveRecord::Encryption::Scheme.new(**properties)
end

#set_defaults (private)

[ GitHub ]

# File 'activerecord/lib/active_record/encryption/config.rb', line 48


def set_defaults
  self.store_key_references = false
  self.support_unencrypted_data = false
  self.encrypt_fixtures = false
  self.validate_column_size = true
  self.add_to_filter_parameters = true
  self.excluded_from_filter_parameters = []
  self.previous_schemes = []
  self.forced_encoding_for_deterministic_encryption = Encoding::UTF_8
  self.hash_digest_class = OpenSSL::Digest::SHA1

  # TODO: Setting to false for now as the implementation is a bit experimental
  self.extend_queries = false
end

Class: ActiveRecord::Encryption::Config

Overview

Class Method Summary

Instance Attribute Summary

Instance Method Summary

Constructor Details

.new ⇒ Config

Instance Attribute Details

#add_to_filter_parameters (rw)

#deterministic_key (rw)

#encrypt_fixtures (rw)

#excluded_from_filter_parameters (rw)

#extend_queries (rw)

#forced_encoding_for_deterministic_encryption (rw)

#hash_digest_class (rw)

#key_derivation_salt (rw)

#previous=(previous_schemes_properties) (writeonly)

#previous_schemes (rw)

#primary_key (rw)

#store_key_references (rw)

#support_sha1_for_non_deterministic_encryption=(value) (writeonly)

#support_unencrypted_data (rw)

#validate_column_size (rw)

Instance Method Details

#add_previous_scheme(**properties) (private)

#set_defaults (private)

.new ⇒ `Config`