class KmsEncrypted::Client

Attributes

data_key[R]
key_id[R]

Public Class Methods

new(key_id: nil, legacy_context: false, data_key: false) click to toggle source
# File lib/kms_encrypted/client.rb, line 5
def initialize(key_id: nil, legacy_context: false, data_key: false)
  @key_id = key_id || KmsEncrypted.key_id
  @legacy_context = legacy_context
  @data_key = data_key
end

Public Instance Methods

decrypt(ciphertext, context: nil) click to toggle source
# File lib/kms_encrypted/client.rb, line 23
def decrypt(ciphertext, context: nil)
  event = {
    key_id: key_id,
    context: context,
    data_key: data_key
  }

  ActiveSupport::Notifications.instrument("decrypt.kms_encrypted", event) do
    client.decrypt(ciphertext, context: context)
  end
end
encrypt(plaintext, context: nil) click to toggle source
# File lib/kms_encrypted/client.rb, line 11
def encrypt(plaintext, context: nil)
  event = {
    key_id: key_id,
    context: context,
    data_key: data_key
  }

  ActiveSupport::Notifications.instrument("encrypt.kms_encrypted", event) do
    client.encrypt(plaintext, context: context)
  end
end

Private Instance Methods

client() click to toggle source
# File lib/kms_encrypted/client.rb, line 49
def client
  @client ||= begin
    klass =
      case provider
      when :test
        KmsEncrypted::Clients::Test
      when :vault
        KmsEncrypted::Clients::Vault
      when :google
        KmsEncrypted::Clients::Google
      else
        KmsEncrypted::Clients::Aws
      end

    klass.new(key_id: key_id, legacy_context: @legacy_context)
  end
end
provider() click to toggle source
# File lib/kms_encrypted/client.rb, line 37
def provider
  if key_id == "insecure-test-key"
    :test
  elsif key_id.start_with?("vault/")
    :vault
  elsif key_id.start_with?("projects/")
    :google
  else
    :aws
  end
end