Module: Strongbox::ClassMethods

Defined in:
lib/strongbox.rb

Instance Method Summary collapse

Instance Method Details

#encrypt_with_public_key(*args) ⇒ Object

encrypt_with_public_key gives the class it is called on an attribute that when assigned is automatically encrypted using a public key. This allows the unattended encryption of data, without exposing the information need to decrypt it (as would be the case when using symmetric key encryption alone). Small amounts of data may be encrypted directly with the public key. Larger data is encrypted using symmetric encryption. The encrypted data is stored in the database column of the same name as the attibute. If symmetric encryption is used (the default) additional column are need to store the generated password and IV.

Last argument should be the options hash Argument 0..-2 contains columns to be encrypted



53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
 
# File 'lib/strongbox.rb', line 53

def encrypt_with_public_key(*args)
  include InstanceMethods

  options = args.delete_at(-1) || {}

  unless options.is_a?(Hash)
    args.push(options)
    options = {}
  end

  if args.one?
    name = args.first
  else
    return args.each { |name| encrypt_with_public_key(name, options) }
  end

  if respond_to?(:class_attribute)
    self.lock_options = {} if lock_options.nil?
  else
    class_inheritable_reader :lock_options
    write_inheritable_attribute(:lock_options, {}) if lock_options.nil?
  end

  lock_options[name] = options.symbolize_keys.reverse_merge Strongbox.options
  define_method name do
    lock_for(name)
  end

  define_method "#{name}=" do | plaintext |
    lock_for(name).content plaintext
  end

  if lock_options[name][:deferred_encryption]
    before_save do
      lock_for(name).encrypt!
    end
  end
end