Module: Pod4::Encrypting::InstanceMethods

Defined in:

lib/pod4/encrypting.rb

Instance Method Summary

• #decrypt(string) ⇒ Object

  Public facing manual decryption, compatible with the current model.

• #encrypt(string) ⇒ Object

  Public facing manual encryption, compatible with the current model.

• #encryption_iv ⇒ Object

  The value of the IV field (whatever it is) _as currently stored on the model_.

• #map_to_interface ⇒ Object

  When mapping to the interface, encrypt the encryptable columns from the model.

• #map_to_model(ot) ⇒ Object

  When mapping to the model, decrypt the encrypted columns from the interface.

Instance Method Details

#decrypt(string) ⇒ Object

Public facing manual decryption, compatible with the current model

# File 'lib/pod4/encrypting.rb', line 195

def decrypt(string)
  cipher = get_cipher(:decrypt)
  iv     = use_iv? ? encryption_iv : nil
  crypt(cipher, :decrypt, iv, string)
end

#encrypt(string) ⇒ Object

Public facing manual encryption, compatible with the current model

# File 'lib/pod4/encrypting.rb', line 186

def encrypt(string)
  cipher = get_cipher(:encrypt)
  iv     = use_iv? ? encryption_iv : nil
  crypt(cipher, :encrypt, iv, string)
end

#encryption_iv ⇒ Object

The value of the IV field (whatever it is) _as currently stored on the model_

# File 'lib/pod4/encrypting.rb', line 178

def encryption_iv
  return nil unless use_iv?
  instance_variable_get( "@#{self.class.encryption_iv_column}".to_sym )
end

#map_to_interface ⇒ Object

When mapping to the interface, encrypt the encryptable columns from the model

# File 'lib/pod4/encrypting.rb', line 138

def map_to_interface
  hash   = super.to_h
  cipher = get_cipher(:encrypt)

  # Each time we write, we set a new IV. We must also set it on the hash to go to the
  # interface, where it must be base64 encoded, just like the encrypted columns.
  if use_iv? 
    set_encryption_iv( cipher.random_iv )
    hash[self.class.encryption_iv_column] = Base64.strict_encode64(encryption_iv)
  end

  self.class.encryption_columns.each do |col|
    hash[col] = crypt(cipher, :encrypt, encryption_iv, hash[col])
  end

  Octothorpe.new(hash)
end

#map_to_model(ot) ⇒ Object

When mapping to the model, decrypt the encrypted columns from the interface

# File 'lib/pod4/encrypting.rb', line 159

def map_to_model(ot)
  hash   = ot.to_h
  cipher = get_cipher(:decrypt)

  # The IV column is not in columns, so we need to de-base-64 it and set it on the model here
  if use_iv? && (iv64 = hash[self.class.encryption_iv_column])
    set_encryption_iv Base64.strict_decode64(iv64)
  end

  self.class.encryption_columns.each do |col|
    hash[col] = crypt(cipher, :decrypt, encryption_iv, hash[col])
  end

  super Octothorpe.new(hash)
end