Sha256: 824bb3f5d6221493b66711f1f3ac24899728838b8b6f067d63eaacdb670a94b0
Contents?: true
Size: 1.44 KB
Versions: 1
Compression:
Stored size: 1.44 KB
Contents
require "kms_encrypted/version"
require "active_support"
require "aws-sdk-kms"
module KmsEncrypted
def self.kms
@kms ||= Aws::KMS::Client.new
end
module Model
def has_kms_key(key_id)
raise ArgumentError, "Missing key id" unless key_id
class_eval do
class << self
attr_accessor :kms_key_id
end
self.kms_key_id = key_id
def kms_key
unless @kms_key
key_id = self.class.kms_key_id
context = respond_to?(:kms_encryption_context) ? kms_encryption_context : {}
default_encoding = "m"
unless encrypted_kms_key
resp = KmsEncrypted.kms.generate_data_key(
key_id: key_id,
encryption_context: context,
key_spec: "AES_256"
)
@kms_key = resp.plaintext
ciphertext = resp.ciphertext_blob
self.encrypted_kms_key = [resp.ciphertext_blob].pack(default_encoding)
end
unless @kms_key
ciphertext = encrypted_kms_key.unpack(default_encoding).first
resp = KmsEncrypted.kms.decrypt(
ciphertext_blob: ciphertext,
encryption_context: context
)
@kms_key = resp.plaintext
end
end
@kms_key
end
end
end
end
end
ActiveSupport.on_load(:active_record) do
extend KmsEncrypted::Model
end
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| kms_encrypted-0.1.0 | lib/kms_encrypted.rb |