class ActiveKms::AwsKeyProvider

Private Instance Methods

decrypt(_, encrypted_data_key) click to toggle source
# File lib/active_kms/aws_key_provider.rb, line 17
def decrypt(_, encrypted_data_key)
  client.decrypt(ciphertext_blob: encrypted_data_key).plaintext
end
default_client() click to toggle source
# File lib/active_kms/aws_key_provider.rb, line 5
def default_client
  Aws::KMS::Client.new(
    retry_limit: 1,
    http_open_timeout: 2,
    http_read_timeout: 2
  )
end
encrypt(key_id, data_key) click to toggle source
# File lib/active_kms/aws_key_provider.rb, line 13
def encrypt(key_id, data_key)
  client.encrypt(key_id: key_id, plaintext: data_key).ciphertext_blob
end
key_id_header() click to toggle source

key is stored in ciphertext so don’t need to store reference reference could be useful for multiple AWS clients so consider an option in the future

# File lib/active_kms/aws_key_provider.rb, line 24
def key_id_header
  "aws"
end