Class: Heroku::Bouncer::DecryptedHash

Inherits:

Hash

• Object
• Hash
• Heroku::Bouncer::DecryptedHash

Defined in:

lib/heroku/bouncer/decrypted_hash.rb

Overview

Encapsulates encrypting and decrypting a hash of data. Does not store the key that is passed in.

Constant Summary

Lockbox =

::Heroku::Bouncer::Lockbox

Class Method Summary

• .unlock(data, key) ⇒ Object

Instance Method Summary

• #initialize(decrypted_hash = nil) ⇒ DecryptedHash constructor

  A new instance of DecryptedHash.

• #lock(key) ⇒ Object

Constructor Details

#initialize(decrypted_hash = nil) ⇒ DecryptedHash

Returns a new instance of DecryptedHash.

# File 'lib/heroku/bouncer/decrypted_hash.rb', line 9

def initialize(decrypted_hash = nil)
  super
  replace(decrypted_hash) if decrypted_hash
end

Class Method Details

.unlock(data, key) ⇒ Object

# File 'lib/heroku/bouncer/decrypted_hash.rb', line 14

def self.unlock(data, key)
  if data && data = Lockbox.new(key).unlock(data)
    data, digest = data.split("--")
    if digest == Lockbox.generate_hmac(data, key)
      data = data.unpack('m*').first
      data = Marshal.load(data)
      new(data)
    else
      new
    end
  else
    new
  end
end

Instance Method Details

#lock(key) ⇒ Object

# File 'lib/heroku/bouncer/decrypted_hash.rb', line 29

def lock(key)
  # marshal a Hash, not a DecryptedHash
  data = {}.replace(self)
  data = Marshal.dump(data)
  data = [data].pack('m*')
  data = "#{data}--#{Lockbox.generate_hmac(data, key)}"
  Lockbox.new(key).lock(data)
end