Class: ROM::EncryptedAttribute::Decryptor

Inherits:

Object

Object
ROM::EncryptedAttribute::Decryptor

show all

Defined in:: lib/rom/encrypted_attribute/decryptor.rb

Constant Summary collapse

UnencryptedDataNotAllowed =

Class.new(RuntimeError)

Instance Method Summary collapse

#decrypt(message) ⇒ Object
#initialize(derivator:, support_unencrypted_data: false) ⇒ Decryptor constructor

A new instance of Decryptor.

Constructor Details

#initialize(derivator:, support_unencrypted_data: false) ⇒ `Decryptor`

Returns a new instance of Decryptor.

# File 'lib/rom/encrypted_attribute/decryptor.rb', line 12

def initialize(derivator:, support_unencrypted_data: false)
  @derivator = derivator
  @support_unencrypted_data = support_unencrypted_data
end

Instance Method Details

#decrypt(message) ⇒ `Object`

# File 'lib/rom/encrypted_attribute/decryptor.rb', line 17

def decrypt(message)
  return nil if message.nil?

  payload = ROM::EncryptedAttribute::Payload.decode(message)

  cipher = OpenSSL::Cipher.new("aes-256-gcm")
  key = @derivator.derive(cipher.key_len)

  cipher.decrypt
  cipher.padding = 0
  cipher.key = key
  cipher.iv = payload.initialization_vector
  cipher.auth_tag = payload.auth_tag
  cipher.auth_data = ""
  cipher.update(payload.message) + cipher.final
rescue JSON::ParserError
  if @support_unencrypted_data
    message
  else
    raise UnencryptedDataNotAllowed
  end
end

Class: ROM::EncryptedAttribute::Decryptor

Constant Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(derivator:, support_unencrypted_data: false) ⇒ Decryptor

Instance Method Details

#decrypt(message) ⇒ Object

#initialize(derivator:, support_unencrypted_data: false) ⇒ `Decryptor`

#decrypt(message) ⇒ `Object`