class Portunus::Rotators::Dek
Attributes
data_encryption_key[R]
Public Class Methods
for(data_encryption_key)
click to toggle source
# File lib/portunus/rotators/dek.rb, line 4 def self.for(data_encryption_key) new(data_encryption_key).rotate end
new(data_encryption_key)
click to toggle source
# File lib/portunus/rotators/dek.rb, line 8 def initialize(data_encryption_key) @data_encryption_key = data_encryption_key end
Public Instance Methods
rotate()
click to toggle source
# File lib/portunus/rotators/dek.rb, line 12 def rotate encryptable = data_encryption_key.encryptable if encryptable.blank? Rails.logger.debug("Dek id: #{data_encryption_key.id} is missing it's encryptable... deleting") data_encryption_key.destroy return true end Rails.logger.debug( "Rotating Encryptable: #{encryptable.class}, id: #{encryptable.id}" ) ActiveRecord::Base.transaction do encryptable.class.encrypted_fields_list.map do |field_name| field_value_map[field_name.to_sym] = encryptable.send(field_name.to_sym) end data_encryption_key.update(encrypted_key: new_encrypted_key) encryptable.data_encryption_key.reload field_value_map.map do |field_name, value| encryptable.send("#{field_name}=".to_sym, value) end encryptable.save data_encryption_key.update(last_dek_rotation: DateTime.now) end true rescue StandardError => error raise ::Portunus::Error.new( "Rotating DEK failed: #{error.full_message}" ) end
Private Instance Methods
encrypter()
click to toggle source
# File lib/portunus/rotators/dek.rb, line 56 def encrypter ::Portunus.configuration.encrypter end
field_value_map()
click to toggle source
# File lib/portunus/rotators/dek.rb, line 60 def field_value_map @_field_value_map ||= {} end
master_key()
click to toggle source
# File lib/portunus/rotators/dek.rb, line 64 def master_key storage_adaptor.lookup(data_encryption_key.master_keyname) end
new_encrypted_key()
click to toggle source
# File lib/portunus/rotators/dek.rb, line 72 def new_encrypted_key encrypter.encrypt( key: master_key.value, value: new_plaintext_key ) end
new_plaintext_key()
click to toggle source
# File lib/portunus/rotators/dek.rb, line 68 def new_plaintext_key @_new_plaintext_key ||= encrypter.generate_key end
storage_adaptor()
click to toggle source
# File lib/portunus/rotators/dek.rb, line 52 def storage_adaptor ::Portunus.configuration.storage_adaptor end