Class: KmsEncrypted::Database

Inherits:

Object

Object
KmsEncrypted::Database

show all

Defined in:: lib/kms_encrypted/database.rb

Instance Attribute Summary collapse

#key_method ⇒ Object readonly

Returns the value of attribute key_method.
#options ⇒ Object readonly

Returns the value of attribute options.
#record ⇒ Object readonly

Returns the value of attribute record.

Instance Method Summary collapse

#context(version) ⇒ Object
#decrypt(ciphertext) ⇒ Object
#encrypt(plaintext) ⇒ Object
#initialize(record, key_method) ⇒ Database constructor

A new instance of Database.
#key_id ⇒ Object
#previous_versions ⇒ Object
#version ⇒ Object

Constructor Details

#initialize(record, key_method) ⇒ `Database`

Returns a new instance of Database.

# File 'lib/kms_encrypted/database.rb', line 5

def initialize(record, key_method)
  @record = record
  @key_method = key_method
  @options = record.class.kms_keys[key_method.to_sym]
end

Instance Attribute Details

#key_method ⇒ `Object` (readonly)

Returns the value of attribute key_method.



3
4
5

# File 'lib/kms_encrypted/database.rb', line 3

def key_method
  @key_method
end

#options ⇒ `Object` (readonly)

Returns the value of attribute options.



3
4
5

# File 'lib/kms_encrypted/database.rb', line 3

def options
  @options
end

#record ⇒ `Object` (readonly)

Returns the value of attribute record.



3
4
5

# File 'lib/kms_encrypted/database.rb', line 3

def record
  @record
end

Instance Method Details

#context(version) ⇒ `Object`

# File 'lib/kms_encrypted/database.rb', line 23

def context(version)
  name = options[:name]
  context_method = name ? "kms_encryption_context_#{name}" : "kms_encryption_context"
  if record.method(context_method).arity == 0
    record.send(context_method)
  else
    record.send(context_method, version: version)
  end
end

#decrypt(ciphertext) ⇒ `Object`

# File 'lib/kms_encrypted/database.rb', line 43

def decrypt(ciphertext)
  # determine version for context
  m = /\Av(\d+):/.match(ciphertext)
  ciphertext_version = m ? m[1].to_i : 1
  context = (options[:upgrade_context] && !m) ? {} : context(ciphertext_version)

  KmsEncrypted::Box.new(
    key_id: key_id,
    version: version,
    previous_versions: previous_versions
  ).decrypt(ciphertext, context: context)
end

#encrypt(plaintext) ⇒ `Object`

# File 'lib/kms_encrypted/database.rb', line 33

def encrypt(plaintext)
  context = context(version)

  KmsEncrypted::Box.new(
    key_id: key_id,
    version: version,
    previous_versions: previous_versions
  ).encrypt(plaintext, context: context)
end

#key_id ⇒ `Object`



15
16
17

# File 'lib/kms_encrypted/database.rb', line 15

def key_id
  @key_id ||= evaluate_option(:key_id)
end

#previous_versions ⇒ `Object`



19
20
21

# File 'lib/kms_encrypted/database.rb', line 19

def previous_versions
  @previous_versions ||= evaluate_option(:previous_versions)
end

#version ⇒ `Object`



11
12
13

# File 'lib/kms_encrypted/database.rb', line 11

def version
  @version ||= evaluate_option(:version).to_i
end

Class: KmsEncrypted::Database

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(record, key_method) ⇒ Database

Instance Attribute Details

#key_method ⇒ Object (readonly)

#options ⇒ Object (readonly)

#record ⇒ Object (readonly)

Instance Method Details

#context(version) ⇒ Object

#decrypt(ciphertext) ⇒ Object

#encrypt(plaintext) ⇒ Object

#key_id ⇒ Object

#previous_versions ⇒ Object

#version ⇒ Object

#initialize(record, key_method) ⇒ `Database`

#key_method ⇒ `Object` (readonly)

#options ⇒ `Object` (readonly)

#record ⇒ `Object` (readonly)

#context(version) ⇒ `Object`

#decrypt(ciphertext) ⇒ `Object`

#encrypt(plaintext) ⇒ `Object`

#key_id ⇒ `Object`

#previous_versions ⇒ `Object`

#version ⇒ `Object`