Class: YamlVault::Main::ValueCryptor::KMS

Inherits:
Object
  • Object
show all
Defined in:
lib/yaml_vault.rb

Instance Method Summary collapse

Constructor Details

#initialize(key_id, region: nil, aws_access_key_id: nil, aws_secret_access_key: nil, aws_profile: nil) ⇒ KMS

Returns a new instance of KMS.



119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
 
# File 'lib/yaml_vault.rb', line 119

def initialize(key_id, region: nil, aws_access_key_id: nil, aws_secret_access_key: nil, aws_profile: nil)
  begin
    begin
      require 'aws-sdk-kms'
    rescue LoadError
      begin
        require 'aws-sdk'
      rescue LoadError
        puts "Please install aws-sdk v2 or aws-sdk-kms (aws-sdk v3)"
        exit 1
      end
    end
  end
  options = {}
  options[:region] = region if region
  options[:access_key_id] = aws_access_key_id if aws_access_key_id
  options[:secret_access_key] = aws_secret_access_key if aws_secret_access_key
  options[:profile] = aws_profile if aws_profile
  @client = Aws::KMS::Client.new(options)
  @key_id = key_id
end

Instance Method Details

#decrypt(value) ⇒ Object 



146
147
148
149
 
# File 'lib/yaml_vault.rb', line 146

def decrypt(value)
  resp = @client.decrypt(ciphertext_blob: Base64.strict_decode64(value))
  YAML.load(resp.plaintext)
end

#encrypt(value) ⇒ Object 



141
142
143
144
 
# File 'lib/yaml_vault.rb', line 141

def encrypt(value)
  resp = @client.encrypt(key_id: @key_id, plaintext: YAML.dump(value))
  Base64.strict_encode64(resp.ciphertext_blob)
end