Class: ActiveCipherStorage::Providers::EnvProvider

Inherits:

Base

• Object
• Base
• ActiveCipherStorage::Providers::EnvProvider

Includes:

KeyUtils

Defined in:

lib/active_cipher_storage/providers/env_provider.rb

Constant Summary

PROVIDER_ID =

"env"

WRAP_ALGO =

"aes-256-gcm"

MASTER_KEY_SIZE =

32

WRAP_IV_SIZE =

12

WRAP_TAG_SIZE =

16

Instance Method Summary

• #decrypt_data_key(encrypted_key) ⇒ Object
• #generate_data_key ⇒ Object
• #initialize(encryption_key:) ⇒ EnvProvider constructor

  A new instance of EnvProvider.

• #provider_id ⇒ Object

Methods inherited from Base

#key_id

Constructor Details

#initialize(encryption_key:) ⇒ EnvProvider

Returns a new instance of EnvProvider.

# File 'lib/active_cipher_storage/providers/env_provider.rb', line 16

def initialize(encryption_key:)
  @encryption_key = encryption_key
end

Instance Method Details

#decrypt_data_key(encrypted_key) ⇒ Object

# File 'lib/active_cipher_storage/providers/env_provider.rb', line 30

def decrypt_data_key(encrypted_key)
  master = read_master_key
  unwrap_key(encrypted_key, master)
ensure
  zero_bytes!(master)
end

#generate_data_key ⇒ Object

# File 'lib/active_cipher_storage/providers/env_provider.rb', line 22

def generate_data_key
  master = read_master_key
  dek    = SecureRandom.random_bytes(Cipher::KEY_SIZE)
  { plaintext_key: dek, encrypted_key: wrap_key(dek, master) }
ensure
  zero_bytes!(master)
end

#provider_id ⇒ Object

# File 'lib/active_cipher_storage/providers/env_provider.rb', line 20

def provider_id = PROVIDER_ID