Sha256: 9b56cf6bee180665599d66e42b4220d9ad63786bd5c4a3a8e0ef619ebecb7ab1

Contents?: true

Size: 1.84 KB

Versions: 143

Compression:

Stored size: 1.84 KB

Contents

module Enveloperb
  # An Enveloperb cryptography engine using AWS KMS as a wrapping key provider.
  #
  class AWSKMS
    def self.new(keyid, aws_access_key_id: nil, aws_secret_access_key: nil, aws_session_token: nil, aws_region: nil)
      unless keyid.is_a?(String) && keyid.encoding == Encoding::find("UTF-8") && keyid.valid_encoding?
        raise ArgumentError, "Key ID must be a valid UTF-8 string"
      end

      unless aws_access_key_id.nil? && aws_secret_access_key.nil? && aws_session_token.nil? && aws_region.nil?
        validate_string(aws_access_key_id, :aws_access_key_id)
        validate_string(aws_secret_access_key, :aws_secret_access_key)
        validate_string(aws_region, :aws_region)
        validate_string(aws_session_token, :aws_session_token, allow_nil: true)
      end

      _new(
        keyid,
        {
          access_key_id: aws_access_key_id,
          secret_access_key: aws_secret_access_key,
          session_token: aws_session_token,
          region: aws_region,
        }
      )
    end

    def encrypt(s)
      unless s.is_a?(String)
        raise ArgumentError, "Can only encrypt strings"
      end

      _encrypt(s)
    end

    def decrypt(er)
      unless er.is_a?(EncryptedRecord)
        raise ArgumentError, "Can only decrypt EncryptedRecord objects; you can make one from a string with EncryptedRecord.new"
      end

      _decrypt(er)
    end

    class << self
      private

      def validate_string(s, var, allow_nil: false)
        if s.nil? && !allow_nil
          raise ArgumentError, "#{var.inspect} option to Enveloperb::AWSKMS.new() cannot be nil"
        end

        unless s.is_a?(String) && s.encoding == Encoding.find("UTF-8") && s.valid_encoding?
          raise ArgumentError, "#{var.inspect} option passed to Enveloperb::AWSKMS.new() must be a valid UTF-8 string"
        end
      end
    end
  end
end

Version data entries

143 entries across 143 versions & 1 rubygems

Version Path
enveloperb-0.9.0-arm64-darwin lib/enveloperb/awskms.rb
enveloperb-0.9.0-x86_64-darwin lib/enveloperb/awskms.rb
enveloperb-0.9.0-aarch64-linux lib/enveloperb/awskms.rb
enveloperb-0.9.0-x86_64-linux lib/enveloperb/awskms.rb
enveloperb-0.9.0 lib/enveloperb/awskms.rb
enveloperb-0.0.0.1.ENOTAG-arm64-darwin lib/enveloperb/awskms.rb
enveloperb-0.0.0.1.ENOTAG-x86_64-darwin lib/enveloperb/awskms.rb
enveloperb-0.0.0.1.ENOTAG-x86_64-linux lib/enveloperb/awskms.rb
enveloperb-0.0.0.1.ENOTAG-aarch64-linux lib/enveloperb/awskms.rb
enveloperb-0.0.0.1.ENOTAG lib/enveloperb/awskms.rb
enveloperb-0.4.2-aarch64-linux lib/enveloperb/awskms.rb
enveloperb-0.4.2-x86_64-darwin lib/enveloperb/awskms.rb
enveloperb-0.4.1.3.gc72a7ca-arm64-darwin lib/enveloperb/awskms.rb
enveloperb-0.4.1.3.gc72a7ca-aarch64-linux lib/enveloperb/awskms.rb
enveloperb-0.4.1.3.gc72a7ca-x86_64-darwin lib/enveloperb/awskms.rb
enveloperb-0.4.2-x86_64-linux lib/enveloperb/awskms.rb
enveloperb-0.4.2-arm64-darwin lib/enveloperb/awskms.rb
enveloperb-0.4.1.3.gc72a7ca-x86_64-linux lib/enveloperb/awskms.rb
enveloperb-0.4.2 lib/enveloperb/awskms.rb
enveloperb-0.4.1.3.gc72a7ca lib/enveloperb/awskms.rb