RubygemsResearch

Sha256: fc0b86357323ee24d1ae76c719ad7836b4cd533fdf92b6bcc89217fbeecaa67e

Contents?: true

Size: 1.49 KB

Versions: 68

Compression:

Stored size: 1.49 KB

# frozen_string_literal: true

module ActiveRecord
  module Encryption
    # A +KeyProvider+ serves keys:
    #
    # * An encryption key
    # * A list of potential decryption keys. Serving multiple decryption keys supports rotation-schemes
    #   where new keys are added but old keys need to continue working
    class KeyProvider
      def initialize(keys)
        @keys = Array(keys)
      end

      # Returns the first key in the list as the active key to perform encryptions
      #
      # When +ActiveRecord::Encryption.config.store_key_references+ is true, the key will include
      # a public tag referencing the key itself. That key will be stored in the public
      # headers of the encrypted message
      def encryption_key
        @encryption_key ||= @keys.last.tap do |key|
          key.public_tags.encrypted_data_key_id = key.id if ActiveRecord::Encryption.config.store_key_references
        end

        @encryption_key
      end

      # Returns the list of decryption keys
      #
      # When the message holds a reference to its encryption key, it will return an array
      # with that key. If not, it will return the list of keys.
      def decryption_keys(encrypted_message)
        if encrypted_message.headers.encrypted_data_key_id
          keys_grouped_by_id[encrypted_message.headers.encrypted_data_key_id]
        else
          @keys
        end
      end

      private
        def keys_grouped_by_id
          @keys_grouped_by_id ||= @keys.group_by(&:id)
        end
    end
  end
end

Version data entries

68 entries across 65 versions & 7 rubygems

Version	Path
minato_ruby_api_client-0.2.2	vendor/bundle/ruby/3.2.0/gems/activerecord-7.1.3.4/lib/active_record/encryption/key_provider.rb
activerecord-7.1.5.1	lib/active_record/encryption/key_provider.rb
activerecord-7.0.8.7	lib/active_record/encryption/key_provider.rb
activerecord-7.1.5	lib/active_record/encryption/key_provider.rb
activerecord-7.2.1.2	lib/active_record/encryption/key_provider.rb
activerecord-7.1.4.2	lib/active_record/encryption/key_provider.rb
activerecord-7.0.8.6	lib/active_record/encryption/key_provider.rb
activerecord-7.2.1.1	lib/active_record/encryption/key_provider.rb
activerecord-7.1.4.1	lib/active_record/encryption/key_provider.rb
activerecord-7.0.8.5	lib/active_record/encryption/key_provider.rb
activerecord-7.1.4	lib/active_record/encryption/key_provider.rb
activerecord-7.2.1	lib/active_record/encryption/key_provider.rb
activerecord-7.2.0	lib/active_record/encryption/key_provider.rb
activerecord-7.2.0.rc1	lib/active_record/encryption/key_provider.rb
blacklight-spotlight-3.6.0.beta8	vendor/bundle/ruby/3.2.0/gems/activerecord-7.0.8.4/lib/active_record/encryption/key_provider.rb
blacklight-spotlight-3.6.0.beta8	vendor/bundle/ruby/3.2.0/gems/activerecord-7.1.3.4/lib/active_record/encryption/key_provider.rb
activerecord-7.2.0.beta3	lib/active_record/encryption/key_provider.rb
cm-admin-1.5.22	vendor/bundle/ruby/3.3.0/gems/activerecord-7.0.5.1/lib/active_record/encryption/key_provider.rb
cm-admin-1.5.21	vendor/bundle/ruby/3.3.0/gems/activerecord-7.0.5.1/lib/active_record/encryption/key_provider.rb
cm-admin-1.5.20	vendor/bundle/ruby/3.3.0/gems/activerecord-7.0.5.1/lib/active_record/encryption/key_provider.rb