1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
|
# frozen_string_literal: true
module Packages
module Debian
module DistributionKey
extend ActiveSupport::Concern
included do
belongs_to :distribution, class_name: "Packages::Debian::#{container_type.capitalize}Distribution", inverse_of: :key
validates :distribution,
presence: true
validates :private_key, presence: true, length: { maximum: 512.kilobytes }
validates :passphrase, presence: true, length: { maximum: 255 }
validates :public_key, presence: true, length: { maximum: 512.kilobytes }
validates :fingerprint, presence: true, length: { maximum: 255 }
validate :private_key_armored, :public_key_armored
attr_encrypted :private_key,
mode: :per_attribute_iv,
key: Settings.attr_encrypted_db_key_base_32,
algorithm: 'aes-256-gcm'
attr_encrypted :passphrase,
mode: :per_attribute_iv,
key: Settings.attr_encrypted_db_key_base_32,
algorithm: 'aes-256-gcm'
private
def private_key_armored
if private_key.present? && !private_key.start_with?('-----BEGIN PGP PRIVATE KEY BLOCK-----')
errors.add(:private_key, 'must be ASCII armored')
end
end
def public_key_armored
if public_key.present? && !public_key.start_with?('-----BEGIN PGP PUBLIC KEY BLOCK-----')
errors.add(:public_key, 'must be ASCII armored')
end
end
end
end
end
end
|
