class ActiveRecord::Encryption::KeyGenerator

Utility for generating and deriving random keys.

Attributes

hash_digest_class[R]

Public Class Methods

new(hash_digest_class: ActiveRecord::Encryption.config.hash_digest_class) click to toggle source
# File lib/active_record/encryption/key_generator.rb, line 11
def initialize(hash_digest_class: ActiveRecord::Encryption.config.hash_digest_class)
  @hash_digest_class = hash_digest_class
end

Public Instance Methods

derive_key_from(password, length: key_length) click to toggle source

Derives a key from the given password. The key will have a size in bytes of :length (configured Cipher‘s length by default)

The generated key will be salted with the value of ActiveRecord::Encryption.key_derivation_salt

# File lib/active_record/encryption/key_generator.rb, line 38
def derive_key_from(password, length: key_length)
  ActiveSupport::KeyGenerator.new(password, hash_digest_class: hash_digest_class)
    .generate_key(key_derivation_salt, length)
end
generate_random_hex_key(length: key_length) click to toggle source

Returns a random key in hexadecimal format. The key will have a size in bytes of :length (configured Cipher‘s length by default)

Hexadecimal format is handy for representing keys as printable text. To maximize the space of characters used, it is good practice including not printable characters. Hexadecimal format ensures that generated keys are representable with plain text

To convert back to the original string with the desired length:

[ value ].pack("H*")
# File lib/active_record/encryption/key_generator.rb, line 30
def generate_random_hex_key(length: key_length)
  generate_random_key(length: length).unpack("H*")[0]
end
generate_random_key(length: key_length) click to toggle source

Returns a random key. The key will have a size in bytes of :length (configured Cipher‘s length by default)

# File lib/active_record/encryption/key_generator.rb, line 16
def generate_random_key(length: key_length)
  SecureRandom.random_bytes(length)
end

Private Instance Methods

key_derivation_salt() click to toggle source
# File lib/active_record/encryption/key_generator.rb, line 44
def key_derivation_salt
  @key_derivation_salt ||= ActiveRecord::Encryption.config.key_derivation_salt
end
key_length() click to toggle source
# File lib/active_record/encryption/key_generator.rb, line 48
def key_length
  @key_length ||= ActiveRecord::Encryption.cipher.key_length
end