# File lib/encrypted_store/active_record/encryption_key.rb, line 10 def primary_encryption_key new_key unless _has_primary? where(primary: true).last || last end
class EncryptedStore::ActiveRecord::EncryptionKey
Public Class Methods
_create_primary_key(dek)
click to toggle source
# File lib/encrypted_store/active_record/encryption_key.rb, line 55 def _create_primary_key(dek) self.new.tap { |key| key.dek = EncryptedStore.encrypt_key(dek, true) key.primary = true key.save! } end
_has_primary?()
click to toggle source
# File lib/encrypted_store/active_record/encryption_key.rb, line 51 def _has_primary? where(primary: true).exists? end
new_key(custom_key = nil)
click to toggle source
# File lib/encrypted_store/active_record/encryption_key.rb, line 15 def new_key(custom_key = nil) dek = custom_key || SecureRandom.random_bytes(32) transaction { _has_primary? && where(primary: true).first.update_attributes(primary: false) _create_primary_key(dek) } end
preload(amount)
click to toggle source
Preload the most recent `amount` keys.
# File lib/encrypted_store/active_record/encryption_key.rb, line 41 def preload(amount) primary_encryption_key # Ensure there's at least a primary key order('id DESC').limit(amount) end
primary_encryption_key()
click to toggle source
retire_keys(key_ids = [])
click to toggle source
# File lib/encrypted_store/active_record/encryption_key.rb, line 24 def retire_keys(key_ids = []) pkey = primary_encryption_key ActiveRecord::Mixin.descendants.each { |model| records = key_ids.empty? ? model.where("encryption_key_id != ?", pkey.id) : model.where("encryption_key_id IN (?)", key_ids) records.find_in_batches do |batch| batch.each { |record| record.reencrypt(pkey) } end } pkey end
rotate_keys()
click to toggle source
# File lib/encrypted_store/active_record/encryption_key.rb, line 46 def rotate_keys new_key retire_keys end
Public Instance Methods
decrypted_key()
click to toggle source
# File lib/encrypted_store/active_record/encryption_key.rb, line 64 def decrypted_key EncryptedStore.decrypt_key(self.dek, self.primary) end