class YamlVault::Main::ValueCryptor::GCPKMS
Public Class Methods
new(resource_id, credential_file)
click to toggle source
# File lib/yaml_vault.rb, line 151 def initialize(resource_id, credential_file) raise "Need key resource id" unless resource_id begin require 'googleauth' require 'google/apis/cloudkms_v1' rescue LoadError puts "Please install google-api-client (>= 0.11.0)" exit 1 end scope = [ 'https://www.googleapis.com/auth/cloud-platform' ] @resource_id = resource_id @client = Google::Apis::CloudkmsV1::CloudKMSService.new if credential_file @client.authorization = Google::Auth::DefaultCredentials.make_creds( json_key_io: File.open(credential_file), scope: scope ) else @client.authorization = Google::Auth.get_application_default(scope) end end
Public Instance Methods
decrypt(value)
click to toggle source
# File lib/yaml_vault.rb, line 182 def decrypt(value) response = @client.decrypt_crypto_key(@resource_id, {ciphertext: Base64.strict_decode64(value)}, {}) YAML.load(response.plaintext) end
encrypt(value)
click to toggle source
# File lib/yaml_vault.rb, line 177 def encrypt(value) response = @client.encrypt_crypto_key(@resource_id, {plaintext: YAML.dump(value)}, {}) Base64.strict_encode64(response.ciphertext) end