• Home
• com.squareup.misk
• misk-gcp
• 2024.09.25.200623-fffc401
• source code
• GcpKeyService.kt

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

main.misk.cloud.gcp.security.keys.GcpKeyService.kt Maven / Gradle / Ivy

package misk.cloud.gcp.security.keys

import com.google.api.services.cloudkms.v1.CloudKMS
import com.google.api.services.cloudkms.v1.model.DecryptRequest
import com.google.api.services.cloudkms.v1.model.EncryptRequest
import misk.security.keys.KeyService
import okio.ByteString
import okio.ByteString.Companion.toByteString
import java.nio.ByteBuffer
import jakarta.inject.Inject

internal class GcpKeyService @Inject internal constructor(
  kms: CloudKMS,
  val config: GcpKmsConfig
) : KeyService {
  val cryptoKeys = kms.projects().locations().keyRings().cryptoKeys()

  override fun encrypt(keyAlias: String, plainText: ByteString): ByteString {
    val keyLocation = config.key_locations[keyAlias]
      ?: throw IllegalArgumentException("no location for keyAlias $keyAlias")
    val resource = "projects/${config.project_id}/${keyLocation.path}"
    val request = EncryptRequest().encodePlaintext(plainText.toByteArray())
    val response = cryptoKeys.encrypt(resource, request).execute()
    return ByteBuffer.wrap(response.decodeCiphertext()).toByteString()
  }

  override fun decrypt(keyAlias: String, cipherText: ByteString): ByteString {
    val keyLocation = config.key_locations[keyAlias]
      ?: throw IllegalArgumentException("no location for key $keyAlias")
    val resource = "projects/${config.project_id}/${keyLocation.path}"
    val request = DecryptRequest().encodeCiphertext(cipherText.toByteArray())
    val response = cryptoKeys.decrypt(resource, request).execute()
    return ByteBuffer.wrap(response.decodePlaintext()).toByteString()
  }
}