class KmsEncrypted::Clients::Google

Attributes

last_key_version[R]

Public Instance Methods

decrypt(ciphertext, context: nil) click to toggle source
# File lib/kms_encrypted/clients/google.rb, line 22
def decrypt(ciphertext, context: nil)
  options = {
    ciphertext: ciphertext
  }
  options[:additional_authenticated_data] = generate_context(context) if context

  # ensure namespace gets loaded
  client = KmsEncrypted.google_client
  request = ::Google::Apis::CloudkmsV1::DecryptRequest.new(**options)
  begin
    client.decrypt_crypto_key(key_id, request).plaintext
  rescue ::Google::Apis::ClientError => e
    decryption_failed! if e.message.include?("Decryption failed")
    raise e
  end
end
encrypt(plaintext, context: nil) click to toggle source
# File lib/kms_encrypted/clients/google.rb, line 6
def encrypt(plaintext, context: nil)
  options = {
    plaintext: plaintext
  }
  options[:additional_authenticated_data] = generate_context(context) if context

  # ensure namespace gets loaded
  client = KmsEncrypted.google_client
  request = ::Google::Apis::CloudkmsV1::EncryptRequest.new(**options)
  response = client.encrypt_crypto_key(key_id, request)

  @last_key_version = response.name

  response.ciphertext
end