class CryptKeeper::Provider::PostgresPgp

Attributes

key[RW]
pgcrypto_options[RW]

Public Class Methods

new(options = {}) click to toggle source

Public: Initializes the encryptor

options - A hash, :key is required
# File lib/crypt_keeper/provider/postgres_pgp.rb, line 10
def initialize(options = {})
  ::ActiveSupport.run_load_hooks(:crypt_keeper_postgres_pgp_log, self)

  @key = options.fetch(:key) do
    raise ArgumentError, "Missing :key"
  end

  @pgcrypto_options = options.fetch(:pgcrypto_options, '')
end

Public Instance Methods

decrypt(value) click to toggle source

Public: Decrypts a string

Returns a plaintext string

# File lib/crypt_keeper/provider/postgres_pgp.rb, line 33
def decrypt(value)
  rescue_invalid_statement do
    if encrypted?(value)
      escape_and_execute_sql(["SELECT pgp_sym_decrypt(?, ?)",
        value, key])['pgp_sym_decrypt']
    else
      value
    end
  end
end
encrypt(value) click to toggle source

Public: Encrypts a string

Returns an encrypted string

# File lib/crypt_keeper/provider/postgres_pgp.rb, line 23
def encrypt(value)
  rescue_invalid_statement do
    escape_and_execute_sql(["SELECT pgp_sym_encrypt(?, ?, ?)",
      value.to_s, key, pgcrypto_options])['pgp_sym_encrypt']
  end
end

Private Instance Methods

rescue_invalid_statement() { || ... } click to toggle source

Private: Rescues and filters invalid statement errors. Run the code within a block for it to be rescued.

# File lib/crypt_keeper/provider/postgres_pgp.rb, line 59
def rescue_invalid_statement
  yield
rescue ActiveRecord::StatementInvalid => e
  message = crypt_keeper_payload_parse(e.message)
  message = crypt_keeper_filter_postgres_log(message)
  raise ActiveRecord::StatementInvalid, message
end