module Sequel::Plugins::ColumnEncryption::ClassMethods
Attributes
column_encryption_metadata[R]
A hash with column symbol keys and ColumnEncryptionMetadata values for each encrypted column.
Private Instance Methods
_encrypt_column(column, opts) { || ... }
click to toggle source
Setup encryption for the given column.
# File lib/sequel/plugins/column_encryption.rb, line 630 def _encrypt_column(column, opts) cryptor ||= if defined?(yield) dsl = ColumnDSL.new yield dsl Cryptor.new(dsl.keys) else column_encryption_cryptor end encrypt_method, search_prefixes_method, search_type = case searchable = opts[:searchable] when nil, false [:encrypt, nil, Cryptor::NOT_SEARCHABLE] when true [:searchable_encrypt, :search_prefixes, Cryptor::SEARCHABLE] when :case_insensitive [:case_insensitive_searchable_encrypt, :lowercase_search_prefixes, Cryptor::LOWERCASE_SEARCHABLE] else raise Error, "invalid :searchable option for encrypted column: #{searchable.inspect}" end if searchable && opts[:search_both] search_prefixes_method = :regular_and_lowercase_search_prefixes end # Setup the callables used in the metadata. encryptor = cryptor.method(encrypt_method) decryptor = cryptor.method(:decrypt) data_searcher = cryptor.method(search_prefixes_method) if search_prefixes_method key_searcher = lambda{cryptor.current_key_prefix(search_type)} if format = opts[:format] if format.is_a?(Symbol) unless format = Sequel.synchronize{Serialization::REGISTERED_FORMATS[format]} raise(Error, "Unsupported serialization format: #{format} (valid formats: #{Sequel.synchronize{Serialization::REGISTERED_FORMATS.keys}.inspect})") end end # If a custom serialization format is used, override the # callables to handle serialization and deserialization. serializer, deserializer = format enc, dec, data_s = encryptor, decryptor, data_searcher encryptor = lambda do |data| enc.call(serializer.call(data)) end decryptor = lambda do |data| deserializer.call(dec.call(data)) end data_searcher = lambda do |data| data_s.call(serializer.call(data)) end end # Setup the setter and getter methods to do encryption and decryption using # the serialization plugin. serialize_attributes([encryptor, decryptor], column) column_encryption_metadata[column] = ColumnEncryptionMetadata.new(encryptor, decryptor, data_searcher, key_searcher).freeze nil end
column_encryption_cryptor()
click to toggle source
The default Cryptor to use for encrypted columns. This is only overridden if per-column keys are used.
# File lib/sequel/plugins/column_encryption.rb, line 625 def column_encryption_cryptor @column_encryption_cryptor ||= Cryptor.new(@column_encryption_keys) end