Class: ActiveRecord::Encryption::Encryptor
- Inherits:
-
Object
- Object
- ActiveRecord::Encryption::Encryptor
- Defined in:
- lib/active_record/encryption/encryptor.rb
Overview
An encryptor exposes the encryption API that ActiveRecord::Encryption::EncryptedAttributeType uses for encrypting and decrypting attribute values.
It interacts with a KeyProvider for getting the keys, and delegate to ActiveRecord::Encryption::Cipher the actual encryption algorithm.
Direct Known Subclasses
Instance Method Summary collapse
- #binary? ⇒ Boolean
-
#decrypt(encrypted_text, key_provider: default_key_provider, cipher_options: {}) ⇒ Object
Decrypts an
encrypted_text
and returns the result as clean text. -
#encrypt(clear_text, key_provider: default_key_provider, cipher_options: {}) ⇒ Object
Encrypts
clean_text
and returns the encrypted result. -
#encrypted?(text) ⇒ Boolean
Returns whether the text is encrypted or not.
-
#initialize(compress: true) ⇒ Encryptor
constructor
Options.
Constructor Details
#initialize(compress: true) ⇒ Encryptor
Options
-
:compress
- Boolean indicating whether records should be compressed before encryption. Defaults totrue
.
19 20 21 |
# File 'lib/active_record/encryption/encryptor.rb', line 19 def initialize(compress: true) @compress = compress end |
Instance Method Details
#binary? ⇒ Boolean
77 78 79 |
# File 'lib/active_record/encryption/encryptor.rb', line 77 def binary? serializer.binary? end |
#decrypt(encrypted_text, key_provider: default_key_provider, cipher_options: {}) ⇒ Object
Decrypts an encrypted_text
and returns the result as clean text
Options
- :key_provider
-
Key provider to use for the encryption operation. It will default to
ActiveRecord::Encryption.key_provider
when not provided - :cipher_options
-
Cipher-specific options that will be passed to the Cipher configured in
ActiveRecord::Encryption.cipher
60 61 62 63 64 65 66 67 |
# File 'lib/active_record/encryption/encryptor.rb', line 60 def decrypt(encrypted_text, key_provider: default_key_provider, cipher_options: {}) = (encrypted_text) keys = key_provider.decryption_keys() raise Errors::Decryption unless keys.present? uncompress_if_needed(cipher.decrypt(, key: keys.collect(&:secret), **), .headers.compressed) rescue *(ENCODING_ERRORS + DECRYPT_ERRORS) raise Errors::Decryption end |
#encrypt(clear_text, key_provider: default_key_provider, cipher_options: {}) ⇒ Object
Encrypts clean_text
and returns the encrypted result
Internally, it will:
-
Create a new ActiveRecord::Encryption::Message
-
Compress and encrypt
clean_text
as the message payload -
Serialize it with
ActiveRecord::Encryption.message_serializer
(ActiveRecord::Encryption::SafeMarshal
by default) -
Encode the result with Base 64
Options
- :key_provider
-
Key provider to use for the encryption operation. It will default to
ActiveRecord::Encryption.key_provider
when not provided. - :cipher_options
-
Cipher-specific options that will be passed to the Cipher configured in
ActiveRecord::Encryption.cipher
42 43 44 45 46 47 |
# File 'lib/active_record/encryption/encryptor.rb', line 42 def encrypt(clear_text, key_provider: default_key_provider, cipher_options: {}) clear_text = force_encoding_if_needed(clear_text) if [:deterministic] validate_payload_type(clear_text) (clear_text, key_provider: key_provider, cipher_options: ) end |