lib/mongoid/kms.rb in mongoid-kms-0.0.25 vs lib/mongoid/kms.rb in mongoid-kms-0.0.26
- old
+ new
@@ -56,19 +56,21 @@
changed_attributes.keys.include?(field_name.to_sym) || # this is a hack to get around Mongoid's weakass dirty hack
kms_context_value_changed?(field_name) # checks if any of the context fields have changed
encrypted_field_name = self.class.get_encrypted_field_name(field_name)
if instance_variable_get("@#{field_name}").nil? && kms_context_value_changed?(field_name)
- value = self.class.decrypt_field(self, field_name, self.send(encrypted_field_name), self.class.kms_context_was(self, field_name))
+ raw = self.send(encrypted_field_name)
+ raw = raw.data if raw.is_a?(Mongoid::Kms.bson_class::Binary)
+ value = self.class.decrypt_field(self, field_name, raw, self.class.kms_context_was(self, field_name))
else
value = send("#{field_name}")
end
if value.nil?
self.send("#{encrypted_field_name}=", nil)
else
- self.send("#{encrypted_field_name}=", self.class.encrypt_field(self, field_name, value))
+ self.send("#{encrypted_field_name}=", Mongoid::Kms.bson_class::Binary.new(self.class.encrypt_field(self, field_name, value)))
end
end
end
end
@@ -86,11 +88,11 @@
def encrypt_field(object, field_name, value)
Mongoid::Kms.kms.encrypt({
key_id: Mongoid::Kms.key,
plaintext: value,
encryption_context: kms_context(object, field_name)
- })[:ciphertext_blob].force_encoding('UTF-8')
+ })[:ciphertext_blob]
end
def decrypt_field(object, field_name, data, encryption_context = nil)
encryption_context ||= kms_context(object, field_name)
@@ -150,14 +152,15 @@
field encrypted_field_name, type: Mongoid::Kms.bson_class::Binary
define_method(field_name) do
instance_variable_get("@#{field_name}") || begin
raw = send("kms_secure_#{field_name}")
+ raw = raw.data if raw.is_a?(Mongoid::Kms.bson_class::Binary)
if raw.nil?
raw
else
- v = Mongoid::Kms.bson_class::Binary.new(self.class.decrypt_field(self, field_name, raw))
+ v = self.class.decrypt_field(self, field_name, raw)
instance_variable_set("@#{field_name}", v)
v
end
end
end