Class: Lockbox::Utils
- Inherits:
-
Object
- Object
- Lockbox::Utils
- Defined in:
- lib/lockbox/utils.rb
Class Method Summary collapse
- .build_box(context, options, table, attribute) ⇒ Object
- .decode_key(key, size: 32) ⇒ Object
- .encrypt_attachable(record, name, attachable) ⇒ Object
- .encrypted?(record, name) ⇒ Boolean
- .encrypted_options(record, name) ⇒ Object
Class Method Details
.build_box(context, options, table, attribute) ⇒ Object
3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 |
# File 'lib/lockbox/utils.rb', line 3 def self.build_box(context, , table, attribute) = .except(:attribute, :encrypted_attribute, :migrating, :attached, :type) .each do |k, v| if v.is_a?(Proc) [k] = context.instance_exec(&v) if v.respond_to?(:call) elsif v.is_a?(Symbol) [k] = context.send(v) end end unless [:key] || [:encryption_key] || [:decryption_key] [:key] = Lockbox.attribute_key(table: table, attribute: attribute, master_key: .delete(:master_key)) end if [:previous_versions].is_a?(Array) [:previous_versions] = [:previous_versions].dup [:previous_versions].each_with_index do |version, i| if !(version[:key] || version[:encryption_key] || version[:decryption_key]) && version[:master_key] [:previous_versions][i] = version.merge(key: Lockbox.attribute_key(table: table, attribute: attribute, master_key: version.delete(:master_key))) end end end Lockbox.new(**) end |
.decode_key(key, size: 32) ⇒ Object
33 34 35 36 37 38 39 40 41 42 |
# File 'lib/lockbox/utils.rb', line 33 def self.decode_key(key, size: 32) if key.encoding != Encoding::BINARY && key =~ /\A[0-9a-f]{#{size * 2}}\z/i key = [key].pack("H*") end raise Lockbox::Error, "Key must use binary encoding" if key.encoding != Encoding::BINARY raise Lockbox::Error, "Key must be 32 bytes" if key.bytesize != size key end |
.encrypt_attachable(record, name, attachable) ⇒ Object
48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 |
# File 'lib/lockbox/utils.rb', line 48 def self.encrypt_attachable(record, name, attachable) = (record, name) box = build_box(record, , record.class.table_name, name) case attachable when ActionDispatch::Http::UploadedFile, Rack::Test::UploadedFile attachable = { io: box.encrypt_io(attachable), filename: attachable.original_filename, content_type: attachable.content_type } when Hash attachable = { io: box.encrypt_io(attachable[:io]), filename: attachable[:filename], content_type: attachable[:content_type] } else raise NotImplementedError, "Not supported" end attachable end |
.encrypted?(record, name) ⇒ Boolean
44 45 46 |
# File 'lib/lockbox/utils.rb', line 44 def self.encrypted?(record, name) !(record, name).nil? end |
.encrypted_options(record, name) ⇒ Object
29 30 31 |
# File 'lib/lockbox/utils.rb', line 29 def self.(record, name) record.class.respond_to?(:lockbox_attachments) ? record.class.[name.to_sym] : nil end |