module Sequel::Plugins::ColumnEncryption::ClassMethods
Attributes
A hash with column symbol keys and ColumnEncryptionMetadata values for each encrypted column.
Private Instance Methods
Source
# File lib/sequel/plugins/column_encryption.rb 631 def _encrypt_column(column, opts) 632 cryptor ||= if defined?(yield) 633 dsl = ColumnDSL.new 634 yield dsl 635 Cryptor.new(dsl.keys) 636 else 637 column_encryption_cryptor 638 end 639 640 encrypt_method, search_prefixes_method, search_type = case searchable = opts[:searchable] 641 when nil, false 642 [:encrypt, nil, Cryptor::NOT_SEARCHABLE] 643 when true 644 [:searchable_encrypt, :search_prefixes, Cryptor::SEARCHABLE] 645 when :case_insensitive 646 [:case_insensitive_searchable_encrypt, :lowercase_search_prefixes, Cryptor::LOWERCASE_SEARCHABLE] 647 else 648 raise Error, "invalid :searchable option for encrypted column: #{searchable.inspect}" 649 end 650 651 if searchable && opts[:search_both] 652 search_prefixes_method = :regular_and_lowercase_search_prefixes 653 end 654 655 # Setup the callables used in the metadata. 656 encryptor = cryptor.method(encrypt_method) 657 decryptor = cryptor.method(:decrypt) 658 data_searcher = cryptor.method(search_prefixes_method) if search_prefixes_method 659 key_searcher = lambda{cryptor.current_key_prefix(search_type)} 660 661 if format = opts[:format] 662 if format.is_a?(Symbol) 663 unless format = Sequel.synchronize{Serialization::REGISTERED_FORMATS[format]} 664 raise(Error, "Unsupported serialization format: #{format} (valid formats: #{Sequel.synchronize{Serialization::REGISTERED_FORMATS.keys}.inspect})") 665 end 666 end 667 668 # If a custom serialization format is used, override the 669 # callables to handle serialization and deserialization. 670 serializer, deserializer = format 671 enc, dec, data_s = encryptor, decryptor, data_searcher 672 encryptor = lambda do |data| 673 enc.call(serializer.call(data)) 674 end 675 decryptor = lambda do |data| 676 deserializer.call(dec.call(data)) 677 end 678 data_searcher = lambda do |data| 679 data_s.call(serializer.call(data)) 680 end 681 end 682 683 # Setup the setter and getter methods to do encryption and decryption using 684 # the serialization plugin. 685 serialize_attributes([encryptor, decryptor], column) 686 687 column_encryption_metadata[column] = ColumnEncryptionMetadata.new(encryptor, decryptor, data_searcher, key_searcher).freeze 688 689 nil 690 end
Setup encryption for the given column.
Source
# File lib/sequel/plugins/column_encryption.rb 626 def column_encryption_cryptor 627 @column_encryption_cryptor ||= Cryptor.new(@column_encryption_keys) 628 end
The default Cryptor
to use for encrypted columns. This is only overridden if per-column keys are used.