Class: ROM::EncryptedAttribute::Decryptor

Inherits:

Object

• Object
• ROM::EncryptedAttribute::Decryptor

Defined in:

lib/rom/encrypted_attribute/decryptor.rb

Instance Method Summary

• #decrypt(message) ⇒ Object
• #initialize(derivator:) ⇒ Decryptor constructor

  A new instance of Decryptor.

Constructor Details

#initialize(derivator:) ⇒ Decryptor

Returns a new instance of Decryptor.

# File 'lib/rom/encrypted_attribute/decryptor.rb', line 10

def initialize(derivator:)
  @derivator = derivator
end

Instance Method Details

#decrypt(message) ⇒ Object

# File 'lib/rom/encrypted_attribute/decryptor.rb', line 14

def decrypt(message)
  payload = ROM::EncryptedAttribute::Payload.decode(message)

  cipher = OpenSSL::Cipher.new("aes-256-gcm")
  key = @derivator.derive(cipher.key_len)

  cipher.decrypt
  cipher.padding = 0
  cipher.key = key
  cipher.iv = payload.initialization_vector
  cipher.auth_tag = payload.auth_tag
  cipher.auth_data = ""
  cipher.update(payload.message) + cipher.final
rescue JSON::ParserError
  # we need to unconditionally support of reading unencrypted data due to a bug in rom-sql
  # https://github.com/rom-rb/rom-sql/issues/423
  message
end