postgres_encryption_serializer.rb

require 'openssl'

# THIS IS A WORK IN PROGRESS
# NOT READY FOR PRODUCTION
# YOU'VE BEEN WARNED
class PostgresEncryptionSerializer
  VALID_DATA_PATTERN = /\\x([0-9a-fA-F]{4})+/

  def self.load(binary_encrypted_data)
    if binary_encrypted_data.nil?
      return nil
    end

    hex_string = "\\x" << binary_encrypted_data.unpack("H*")[0]

    # First convert the hexidecimal string to binary with xxd
    # Then use the gpg utitlity to decrypt it
    command = %Q{echo -n "#{hex_string}" | xxd -r -p | gpg --batch --quiet --decrypt --passphrase="#{ENV['CRYPT_KEEPER_KEY']}"}
    decrypted_data = `#{command}`
  end

  def self.dump(plain_text_data)
    raise NotImplementedError
  end

  def initialize(*other_serializers)
    @load_serializers = other_serializers
    @dump_serializers = other_serializers.reverse
  end

  def load(postgres_data)
    data = self.class.load(postgres_data)
    other_serializers.each do |serializer|
      data = serializer.load(data)
    end

    data
  end

  def dump(rails_data)
    data = rails_data
    dump_serializers.each do |serializer|
      data = serializer.dump(data)
    end

    self.class.dump(data)
  end

  private
  attr_reader :load_serializers, :dump_serializers
end