Class: Keystore
- Inherits:
-
Object
- Object
- Keystore
- Defined in:
- lib/keystore.rb
Overview
rubocop:disable Metrics/AbcSize
Instance Method Summary collapse
-
#initialize(params = {}) ⇒ Keystore
constructor
A new instance of Keystore.
- #retrieve(params) ⇒ Object
- #store(params) ⇒ Object
Constructor Details
#initialize(params = {}) ⇒ Keystore
Returns a new instance of Keystore.
7 8 9 10 11 12 |
# File 'lib/keystore.rb', line 7 def initialize(params = {}) @options = params raise 'need to specify dynamo parameter' if @options[:dynamo].nil? raise 'need to specify table_name parameter' if @options[:table_name].nil? raise 'need to specify kms parameter' if @options[:kms].nil? end |
Instance Method Details
#retrieve(params) ⇒ Object
29 30 31 32 33 34 35 36 37 38 |
# File 'lib/keystore.rb', line 29 def retrieve(params) item = @options[:dynamo].get_item(table_name: @options[:table_name], key: { ParameterName: params[:key] }).item raise KeyNotFoundError.new, "keyname #{params[:key]} not found" if item.nil? raise KeyNotFoundError.new, "keyname #{params[:key]} not found" if item['Value'].nil? encoded_value = item['Value'] encrypted_value = Base64.decode64(encoded_value) result = @options[:kms].decrypt(ciphertext_blob: encrypted_value).plaintext result.strip end |
#store(params) ⇒ Object
14 15 16 17 18 19 20 21 22 23 24 25 26 27 |
# File 'lib/keystore.rb', line 14 def store(params) # only need key id to encrypt, so check for it here raise 'need to specify key_id or key_alias parameter' if @options[:key_id].nil? && @options[:key_alias].nil? key_id = @options[:key_id] || get_kms_keyid(@options[:key_alias]) value_to_encrypt = params[:value].nil? || params[:value].empty? ? ' ' : params[:value] encrypted_value = @options[:kms].encrypt(key_id: key_id, plaintext: value_to_encrypt).ciphertext_blob encoded_value = Base64.encode64(encrypted_value) @options[:dynamo].put_item( table_name: @options[:table_name], item: { ParameterName: params[:key], Value: encoded_value } ) end |