class EnvelopeEncryptionKeyProvider
Ruby on Rails 8.1.2
Since v7.0.10Implements a simple envelope encryption approach where:
-
It generates a random data-encryption key for each encryption operation.
-
It stores the generated key along with the encrypted payload. It encrypts this key with the master key provided in the
active_record_encryption.primary_keycredential.
This provider can work with multiple master keys. It will use the last one for encrypting.
When config.active_record.encryption.store_key_references is true, it will also store a reference to the specific master key that was used to encrypt the data-encryption key. When not set, it will try all the configured master keys looking for the right one, in order to return the right decryption key.
Inherits from
Methods (defined here)
Private methods
(4)
Implementation detail — not part of the public API.
Methods (inherited)
From Object (17)
- # acts_like?
- # blank?
- # deep_dup
- # duplicable?
- # html_safe?
- # in?
- # instance_values
- # instance_variable_names
- # presence
- # presence_in
- # present?
- # to_param
- # to_query
- # try
- # try!
- # with
- # with_options
From ActiveSupport::NumericWithFormat (2)
- # to_formatted_s
- # to_fs