kms_rails 0.3.0 → 1.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 14388d5d9417cf639e4e2f0eea57d9a9f55dc5f6a4b6dcbf897444b07656ee83
-  data.tar.gz: 7d478fc20e396a995d8abc6affeb160b981eb397e4a5ec52e454323d961919c3
+  metadata.gz: b373095acd772fa6c6b92d73fbb0aef0858fa3eed9d19cff7c055dbcadf3e0cb
+  data.tar.gz: 8a02cf1e4cb494e0ba57a6e9d444404cbe621de7fb1f66ef0b3309e46949c0b8
 SHA512:
-  metadata.gz: f3744365abe582e7b0420a692f3f893a14c461c51cdf61e779df2cdf4f5e37902e3c3d44fbd1a68d22d60edb4e1a67a6c600a77fd2541a0f3b6769e36eb45e93
-  data.tar.gz: 7b5b2038b49bcffdb35bfc9c600c06bde9de2ca83ca44438d2f60f7c353059225ba15a6e5f9d01af2e80b6704c7af173d2a3c5830799712a5f54a987c15eb25e
+  metadata.gz: c57077d895db30059c1516a0ab4d31c4fc11a6b1f5e35815aab266a916d8cc5f4a6f3d0c0791bf02cc61f25b78704924de04e23798b3e45e7ab0b81af83c10a4
+  data.tar.gz: 075f72d9912180b13a255857219ff7b2be6ad11db42512e654178c9897e16a6e51fb3e65d8a54351ccbce20c58823730f86d845582a0fa919a5b5e4262afe83f

data/README.md

@@ -115,14 +115,14 @@ Aws.config[:region] = 'us-east-1'
 
 or by using the documented AWS environmental variables.
 
-## Test Mode
+## Custom KMS client
 
-A basic fake implementation of `Aws::KMS::Client` has been written, allowing kms_rails functionality to be used in test environments without making any web requests. The fake implementation emulates the functionality of the two API calls kms_rails issues to AWS and performs fake encryption (the key is 'encrypted' by reversing it).
+A basic fake implementation of `Aws::KMS::Client` has been written (`KmsRails::KmsClientMock`), allowing kms_rails functionality to be used in test environments without making any web requests. The fake implementation emulates the functionality of the two API calls kms_rails issues to AWS and performs fake encryption (the key is 'encrypted' by reversing it).
 
-You can enable it in your Rails initializers with the following
+You can enable it (or set any custom KMS client with alternate config) in your Rails initializers with the following
 ```ruby
 KmsRails.configure do |config|
-  config.fake_kms_api = true
+  config.kms_client = KmsRails::KmsClientMock.new
 end
 ```
 

data/lib/kms_rails/configuration.rb

@@ -3,10 +3,10 @@ module KmsRails
     attr_writer :configuration
 
     class Configuration
-      attr_accessor :fake_kms_api, :alias_prefix, :arn_prefix
+      attr_accessor :kms_client, :alias_prefix, :arn_prefix
 
       def initialize
-        @fake_kms_api = false
+        @kms_client   = nil
         @alias_prefix = ''
         @arn_prefix   = ''
       end

data/lib/kms_rails/core.rb

@@ -127,8 +127,8 @@ module KmsRails
     end
 
     def aws_kms
-      require 'kms_rails/kms_client_mock' if KmsRails.configuration.fake_kms_api == true
-      @kms ||= Aws::KMS::Client.new
+      KmsRails.configuration.kms_client ||
+        (@aws_kms ||= Aws::KMS::Client.new)
     end
 
     def aws_generate_data_key(key_id)

data/lib/kms_rails/kms_client_mock.rb

@@ -2,37 +2,33 @@ require 'aws-sdk-kms'
 require 'msgpack'
 
 module KmsRails
-  module Aws
-    module KMS
-      class Client
-        def generate_data_key(key_id:, key_spec:, encryption_context: nil)
-          raise RuntimeError, 'Unsupported key_spec in test mode' unless key_spec == 'AES_256'
+  class KmsClientMock
+    def generate_data_key(key_id:, key_spec:, encryption_context: nil)
+      raise RuntimeError, 'Unsupported key_spec in test mode' unless key_spec == 'AES_256'
 
-          plaintext = SecureRandom.random_bytes(256/8)
+      plaintext = SecureRandom.random_bytes(256/8)
 
-          ::Aws::KMS::Types::GenerateDataKeyResponse.new(
-            key_id: key_id,
-            plaintext: plaintext,
-            ciphertext_blob: [key_id, encryption_context, plaintext].to_msgpack.reverse,
-          )
-        end
+      ::Aws::KMS::Types::GenerateDataKeyResponse.new(
+        key_id: key_id,
+        plaintext: plaintext,
+        ciphertext_blob: [key_id, encryption_context, plaintext].to_msgpack.reverse,
+      )
+    end
 
-        def decrypt(ciphertext_blob:, encryption_context: nil)
-          key_id, decoded_context, plaintext = MessagePack.unpack(ciphertext_blob.reverse)
-          raise ::Aws::KMS::Errors::InvalidCiphertextException.new(nil, nil) unless decoded_context == encryption_context
+    def decrypt(ciphertext_blob:, encryption_context: nil)
+      key_id, decoded_context, plaintext = MessagePack.unpack(ciphertext_blob.reverse)
+      raise ::Aws::KMS::Errors::InvalidCiphertextException.new(nil, nil) unless decoded_context == encryption_context
 
-          ::Aws::KMS::Types::DecryptResponse.new(
-            key_id: key_id,
-            plaintext: plaintext,
-          )
-        rescue MessagePack::MalformedFormatError
-          raise ::Aws::KMS::Errors::InvalidCiphertextException.new(nil, nil)
-        end
+      ::Aws::KMS::Types::DecryptResponse.new(
+        key_id: key_id,
+        plaintext: plaintext,
+      )
+    rescue MessagePack::MalformedFormatError
+      raise ::Aws::KMS::Errors::InvalidCiphertextException.new(nil, nil)
+    end
 
-        def inspect
-          "#<Aws::KMS::Client (mocked)>"
-        end
-      end
+    def inspect
+      "#<Aws::KMS::Client (mocked)>"
     end
   end
 end

data/lib/kms_rails/version.rb

@@ -1,3 +1,3 @@
 module KmsRails
-  VERSION = "0.3.0"
+  VERSION = "1.0.0"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: kms_rails
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 1.0.0
 platform: ruby
 authors:
 - Ash Tyndall
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2021-07-27 00:00:00.000000000 Z
+date: 2021-08-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activerecord