Namespace
Class
- ActiveSupport::EncryptedFile::InvalidKeyLengthError
- ActiveSupport::EncryptedFile::MissingContentError
- ActiveSupport::EncryptedFile::MissingKeyError
Methods
Constants
| CIPHER | = | "aes-128-gcm" |
Attributes
| [R] | content_path | |
| [R] | env_key | |
| [R] | key_path | |
| [R] | raise_if_missing_key |
Class Public methods
generate_key()
📝 Source code
# File activesupport/lib/active_support/encrypted_file.rb, line 31
def self.generate_key
SecureRandom.hex(ActiveSupport::MessageEncryptor.key_len(CIPHER))
endnew(content_path:, key_path:, env_key:, raise_if_missing_key:)
📝 Source code
# File activesupport/lib/active_support/encrypted_file.rb, line 42
def initialize(content_path:, key_path:, env_key:, raise_if_missing_key:)
@content_path = Pathname.new(content_path).yield_self { |path| path.symlink? ? path.realpath : path }
@key_path = Pathname.new(key_path)
@env_key, @raise_if_missing_key = env_key, raise_if_missing_key
endInstance Public methods
change(&block)
📝 Source code
# File activesupport/lib/active_support/encrypted_file.rb, line 83
def change(&block)
writing read, &block
endkey()
Returns the encryption key, first trying the environment variable specified by env_key, then trying the key file specified by key_path. If raise_if_missing_key is true, raises MissingKeyError if the environment variable is not set and the key file does not exist.
📝 Source code
# File activesupport/lib/active_support/encrypted_file.rb, line 52
def key
read_env_key || read_key_file || handle_missing_key
endkey?()
Returns truthy if key is truthy. Returns falsy otherwise. Unlike key, does not raise MissingKeyError when raise_if_missing_key is true.
📝 Source code
# File activesupport/lib/active_support/encrypted_file.rb, line 58
def key?
read_env_key || read_key_file
endread()
Reads the file and returns the decrypted content.
Raises:
-
MissingKeyErrorif the key is missing andraise_if_missing_keyis true. -
MissingContentErrorif the encrypted file does not exist or otherwise if the key is missing. -
ActiveSupport::MessageEncryptor::InvalidMessageif the content cannot be decrypted or verified.
📝 Source code
# File activesupport/lib/active_support/encrypted_file.rb, line 70
def read
if !key.nil? && content_path.exist?
decrypt content_path.binread.strip
else
raise MissingContentError, content_path
end
endwrite(contents)
📝 Source code
# File activesupport/lib/active_support/encrypted_file.rb, line 78
def write(contents)
IO.binwrite "#{content_path}.tmp", encrypt(contents)
FileUtils.mv "#{content_path}.tmp", content_path
end