Class: ActiveStorageEncryption::EncryptedDiskService::V1Scheme

Inherits:
Object
  • Object
show all
Defined in:
lib/active_storage_encryption/encrypted_disk_service/v1_scheme.rb

Instance Method Summary collapse

Constructor Details

#initialize(encryption_key) ⇒ V1Scheme

Returns a new instance of V1Scheme.



4
5
6
7
 
# File 'lib/active_storage_encryption/encrypted_disk_service/v1_scheme.rb', line 4

def initialize(encryption_key)
  @scheme = BlockCipherKit::AES256CFBCIVScheme.new(encryption_key)
  @key_digest = Digest::SHA256.digest(encryption_key.byteslice(0, 16 + 32)) # In this scheme the IV is suffixed with the key
end

Instance Method Details

#decrypt_range(from_ciphertext_io:, range:) ⇒ Object 



19
20
21
22
 
# File 'lib/active_storage_encryption/encrypted_disk_service/v1_scheme.rb', line 19

def decrypt_range(from_ciphertext_io:, range:)
  validate_key!(from_ciphertext_io)
  @scheme.decrypt_range(from_ciphertext_io:, range:)
end

#streaming_decrypt(from_ciphertext_io:, into_plaintext_io: nil, &blk) ⇒ Object 



9
10
11
12
 
# File 'lib/active_storage_encryption/encrypted_disk_service/v1_scheme.rb', line 9

def streaming_decrypt(from_ciphertext_io:, into_plaintext_io: nil, &blk)
  validate_key!(from_ciphertext_io)
  @scheme.streaming_decrypt(from_ciphertext_io:, into_plaintext_io:, &blk)
end

#streaming_encrypt(into_ciphertext_io:, from_plaintext_io: nil, &blk) ⇒ Object 



14
15
16
17
 
# File 'lib/active_storage_encryption/encrypted_disk_service/v1_scheme.rb', line 14

def streaming_encrypt(into_ciphertext_io:, from_plaintext_io: nil, &blk)
  into_ciphertext_io.write(@key_digest)
  @scheme.streaming_encrypt(into_ciphertext_io:, from_plaintext_io:, &blk)
end

#validate_key!(io) ⇒ Object

Raises:



24
25
26
27
 
# File 'lib/active_storage_encryption/encrypted_disk_service/v1_scheme.rb', line 24

def validate_key!(io)
  key_digest_from_io = io.read(@key_digest.bytesize)
  raise ActiveStorageEncryption::IncorrectEncryptionKey unless key_digest_from_io == @key_digest
end