class ActiveSupport::EncryptedFile
Constants
CIPHER
"aes-128-gcm"
Attributes
[R] | content_path |
|
[R] | env_key |
|
[R] | key_path |
|
[R] | raise_if_missing_key |
Public class methods
Source code GitHub
# File activesupport/lib/active_support/encrypted_file.rb, line 31
def self.generate_key
SecureRandom.hex(ActiveSupport::MessageEncryptor.key_len(CIPHER))
end
Source code GitHub
# File activesupport/lib/active_support/encrypted_file.rb, line 42
def initialize(content_path:, key_path:, env_key:, raise_if_missing_key:)
@content_path = Pathname.new(content_path).yield_self { |path| path.symlink? ? path.realpath : path }
@key_path = Pathname.new(key_path)
@env_key, @raise_if_missing_key = env_key, raise_if_missing_key
end
Public instance methods
Source code GitHub
# File activesupport/lib/active_support/encrypted_file.rb, line 83
def change(&block)
writing read, &block
end
Returns the encryption key, first trying the environment variable specified by env_key
, then trying the key file specified by key_path
. If raise_if_missing_key
is true, raises MissingKeyError
if the environment variable is not set and the key file does not exist.
Source code GitHub
# File activesupport/lib/active_support/encrypted_file.rb, line 52
def key
read_env_key || read_key_file || handle_missing_key
end
Returns truthy if key
is truthy. Returns falsy otherwise. Unlike key
, does not raise MissingKeyError
when raise_if_missing_key
is true.
Source code GitHub
# File activesupport/lib/active_support/encrypted_file.rb, line 58
def key?
read_env_key || read_key_file
end
Reads the file and returns the decrypted content.
Raises:
-
MissingKeyError
if the key is missing andraise_if_missing_key
is true. -
MissingContentError
if the encrypted file does not exist or otherwise if the key is missing. -
ActiveSupport::MessageEncryptor::InvalidMessage
if the content cannot be decrypted or verified.
Source code GitHub
# File activesupport/lib/active_support/encrypted_file.rb, line 70
def read
if !key.nil? && content_path.exist?
decrypt content_path.binread
else
raise MissingContentError, content_path
end
end
Source code GitHub
# File activesupport/lib/active_support/encrypted_file.rb, line 78
def write(contents)
IO.binwrite "#{content_path}.tmp", encrypt(contents)
FileUtils.mv "#{content_path}.tmp", content_path
end