Class: SymmetricEncryption::Keystore::Gcp

Inherits:
Object
  • Object
Includes:
Utils::Files
Defined in:
lib/symmetric_encryption/keystore/gcp.rb

Class Method Summary

Instance Method Summary

Constructor Details

#initialize(key_file:, app_name: nil, environment: nil, key_encrypting_key: nil, crypto_key: nil, project_id: nil, credentials: nil, location_id: nil) ⇒ Gcp

Returns a new instance of Gcp.



# File 'lib/symmetric_encryption/keystore/gcp.rb', line 30

# Records the settings for one GCP-backed keystore entry.
#
# Only instance variables are assigned here; no file is read and no KMS
# call is made by this constructor.
#
# @param key_file path of the encrypted key file, kept as @file_name
# @param app_name kept as @app_name
# @param environment kept as @environment
# @param key_encrypting_key accepted but never referenced in this constructor
# @param crypto_key optional pre-set crypto key path, kept as @crypto_key
# @param project_id kept as @project_id
# @param credentials kept as @credentials
#   NOTE(review): how this value is consumed is not visible here. If it
#   carries secret material, keep instances out of logs and #inspect output.
# @param location_id kept as @location_id
def initialize(
  key_file:,
  app_name: nil,
  environment: nil,
  key_encrypting_key: nil,
  crypto_key: nil,
  project_id: nil,
  credentials: nil,
  location_id: nil
)
  # Where the encrypted data key lives on disk.
  @file_name = key_file

  # Naming inputs.
  @app_name, @environment = app_name, environment

  # GCP-side settings; any of these may be nil.
  @project_id, @location_id = project_id, location_id
  @credentials = credentials
  @crypto_key  = crypto_key
end

Class Method Details

.generate_data_key(cipher_name:, app_name:, environment:, key_path:, version: 0) ⇒ Object



# File 'lib/symmetric_encryption/keystore/gcp.rb', line 8

# Creates a new data key, writes it out through a keystore instance, and
# returns the settings hash describing where it was stored.
#
# The returned hash holds the cipher name, version, file path, IV and crypto
# key path. The raw key itself (`key`) is only handed to #write and is not
# part of the return value.
#
# @param cipher_name passed to SymmetricEncryption::Key.new
# @param app_name used in the file name and passed to the keystore
# @param environment used in the file name and passed to the keystore
# @param key_path directory portion of the generated file path
# @param version previous version; the new key gets the next one
# @return [Hash] entry with :keystore, :cipher_name, :version, :key_file,
#   :iv and :crypto_key
def self.generate_data_key(cipher_name:, app_name:, environment:, key_path:, version: 0)
  # Versions wrap around: 255 or above restarts at 1, anything else is bumped by one.
  version = version >= 255 ? 1 : version + 1

  data_key = SymmetricEncryption::Key.new(cipher_name: cipher_name)

  # NOTE(review): key_path, app_name and environment are interpolated into the
  # path without validation, so they should only ever come from trusted
  # configuration (a value containing "/" or ".." changes where the file lands).
  key_file = "#{key_path}/#{app_name}_#{environment}_v#{version}.encrypted_key"

  # NOTE(review): project_id, location_id and credentials are not passed, so
  # the corresponding instance variables are nil on this keystore. Confirm
  # that the readers used by #crypto_key supply values some other way.
  store = new(key_file: key_file, app_name: app_name, environment: environment)
  store.write(data_key.key)

  {
    keystore:    :gcp,
    cipher_name: data_key.cipher_name,
    version:     version,
    key_file:    key_file,
    iv:          data_key.iv,
    crypto_key:  store.crypto_key
  }
end

Instance Method Details

#crypto_key ⇒ Object



# File 'lib/symmetric_encryption/keystore/gcp.rb', line 48

# Returns the crypto key path, building and caching it on first use.
#
# A value already held in @crypto_key (for example one given to the
# constructor) is returned untouched. Otherwise the path is built by the KMS
# client's crypto_key_path from project_id, location_id, app_name and
# environment, in that order.
#
# NOTE(review): presumably app_name lands in the key-ring slot and environment
# in the key-name slot of crypto_key_path. Confirm against the KMS client
# version in use, since that mapping decides which key protects the data key.
def crypto_key
  return @crypto_key if @crypto_key

  kms_client  = self.class::KMS::KeyManagementServiceClient
  @crypto_key = kms_client.crypto_key_path(project_id, location_id, app_name, environment.to_s)
end

#read ⇒ Object



# File 'lib/symmetric_encryption/keystore/gcp.rb', line 40

# Loads the key file and returns the result of decrypting its contents.
#
# The file named by file_name is read with read_file_and_decode, and that
# result is passed to decrypt.
#
# NOTE(review): the return value is presumably the plaintext data key.
# If so, callers should keep it out of logs and error messages.
def read
  stored = read_file_and_decode(file_name)
  decrypt(stored)
end

#write(data_key) ⇒ Object



# File 'lib/symmetric_encryption/keystore/gcp.rb', line 44

# Encrypts the given data key and stores the result in the key file.
#
# data_key goes through encrypt first, so only the output of encrypt is
# handed to write_encoded_to_file.
#
# @param data_key the key material to protect and persist
# @return whatever write_encoded_to_file returns
def write(data_key)
  target = file_name
  sealed = encrypt(data_key)
  write_encoded_to_file(target, sealed)
end