Sha256: 1eff1f13030f3ea1f6abcb393fdaa010b2934038718076a4d41b823b12a8f748

Contents?: true

Size: 1.94 KB

Versions: 5

Compression:

Stored size: 1.94 KB

Contents

module KmsEncrypted
  module Clients
    class Google < Base
      attr_reader :last_key_version

      def encrypt(plaintext, context: nil)
        options = {
          plaintext: plaintext
        }
        options[:additional_authenticated_data] = generate_context(context) if context

        # ensure namespace gets loaded
        client = KmsEncrypted.google_client

        if defined?(::Google::Apis::CloudkmsV1::CloudKMSService) && KmsEncrypted.google_client.is_a?(::Google::Apis::CloudkmsV1::CloudKMSService)
          request = ::Google::Apis::CloudkmsV1::EncryptRequest.new(**options)
          response = client.encrypt_crypto_key(key_id, request)
          @last_key_version = response.name
          response.ciphertext
        else
          options[:name] = key_id
          response = client.encrypt(**options)
          @last_key_version = response.name
          response.ciphertext
        end
      end

      def decrypt(ciphertext, context: nil)
        options = {
          ciphertext: ciphertext
        }
        options[:additional_authenticated_data] = generate_context(context) if context

        # ensure namespace gets loaded
        client = KmsEncrypted.google_client

        if defined?(::Google::Apis::CloudkmsV1::CloudKMSService) && KmsEncrypted.google_client.is_a?(::Google::Apis::CloudkmsV1::CloudKMSService)
          request = ::Google::Apis::CloudkmsV1::DecryptRequest.new(**options)
          begin
            client.decrypt_crypto_key(key_id, request).plaintext
          rescue ::Google::Apis::ClientError => e
            decryption_failed! if e.message.include?("Decryption failed")
            raise e
          end
        else
          options[:name] = key_id
          begin
            client.decrypt(**options).plaintext
          rescue ::Google::Cloud::InvalidArgumentError => e
            decryption_failed! if e.message.include?("Decryption failed")
            raise e
          end
        end
      end
    end
  end
end

Version data entries

5 entries across 5 versions & 1 rubygems

Version Path
kms_encrypted-1.6.0 lib/kms_encrypted/clients/google.rb
kms_encrypted-1.5.1 lib/kms_encrypted/clients/google.rb
kms_encrypted-1.5.0 lib/kms_encrypted/clients/google.rb
kms_encrypted-1.4.0 lib/kms_encrypted/clients/google.rb
kms_encrypted-1.3.0 lib/kms_encrypted/clients/google.rb