Namespace
Class
- ActiveSupport::EncryptedFile::InvalidKeyLengthError
- ActiveSupport::EncryptedFile::MissingContentError
- ActiveSupport::EncryptedFile::MissingKeyError
Methods
Constants
CIPHER | = | "aes-128-gcm" |
Attributes
[R] | content_path | |
[R] | env_key | |
[R] | key_path | |
[R] | raise_if_missing_key |
Class Public methods
generate_key()
📝 Source code
# File activesupport/lib/active_support/encrypted_file.rb, line 31
def self.generate_key
SecureRandom.hex(ActiveSupport::MessageEncryptor.key_len(CIPHER))
end
🔎 See on GitHub
new(content_path:, key_path:, env_key:, raise_if_missing_key:)
📝 Source code
# File activesupport/lib/active_support/encrypted_file.rb, line 42
def initialize(content_path:, key_path:, env_key:, raise_if_missing_key:)
@content_path = Pathname.new(content_path).yield_self { |path| path.symlink? ? path.realpath : path }
@key_path = Pathname.new(key_path)
@env_key, @raise_if_missing_key = env_key, raise_if_missing_key
end
🔎 See on GitHub
Instance Public methods
change(&block)
📝 Source code
# File activesupport/lib/active_support/encrypted_file.rb, line 83
def change(&block)
writing read, &block
end
🔎 See on GitHub
key()
Returns the encryption key, first trying the environment variable specified by env_key
, then trying the key file specified by key_path
. If raise_if_missing_key
is true, raises MissingKeyError
if the environment variable is not set and the key file does not exist.
📝 Source code
# File activesupport/lib/active_support/encrypted_file.rb, line 52
def key
read_env_key || read_key_file || handle_missing_key
end
🔎 See on GitHub
key?()
Returns truthy if key
is truthy. Returns falsy otherwise. Unlike key
, does not raise MissingKeyError
when raise_if_missing_key
is true.
📝 Source code
# File activesupport/lib/active_support/encrypted_file.rb, line 58
def key?
read_env_key || read_key_file
end
🔎 See on GitHub
read()
Reads the file and returns the decrypted content.
Raises:
-
MissingKeyError
if the key is missing andraise_if_missing_key
is true. -
MissingContentError
if the encrypted file does not exist or otherwise if the key is missing. -
ActiveSupport::MessageEncryptor::InvalidMessage
if the content cannot be decrypted or verified.
📝 Source code
# File activesupport/lib/active_support/encrypted_file.rb, line 70
def read
if !key.nil? && content_path.exist?
decrypt content_path.binread.strip
else
raise MissingContentError, content_path
end
end
🔎 See on GitHub
write(contents)
📝 Source code
# File activesupport/lib/active_support/encrypted_file.rb, line 78
def write(contents)
IO.binwrite "#{content_path}.tmp", encrypt(contents)
FileUtils.mv "#{content_path}.tmp", content_path
end
🔎 See on GitHub