Class: OCI::KeyManagement::KmsCryptoClient

Inherits:
Object
  • Object
show all
Defined in:
lib/oci/key_management/kms_crypto_client.rb

Overview

API for managing and performing operations with keys and vaults.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(config: nil, endpoint: nil, signer: nil, proxy_settings: nil, retry_config: nil) ⇒ KmsCryptoClient

Creates a new KmsCryptoClient. Notes: If a config is not specified, then the global OCI.config will be used.

This client is not thread-safe

Parameters:

  • config (Config) (defaults to: nil)

    A Config object.

  • endpoint (String) (defaults to: nil)

    The fully qualified endpoint URL

  • signer (OCI::BaseSigner) (defaults to: nil)

    A signer implementation which can be used by this client. If this is not provided then a signer will be constructed via the provided config. One use case of this parameter is instance principals authentication, so that the instance principals signer can be provided to the client

  • proxy_settings (OCI::ApiClientProxySettings) (defaults to: nil)

    If your environment requires you to use a proxy server for outgoing HTTP requests the details for the proxy can be provided in this parameter

  • retry_config (OCI::Retry::RetryConfig) (defaults to: nil)

    The retry configuration for this service client. This represents the default retry configuration to apply across all operations. This can be overridden on a per-operation basis. The default retry configuration value is nil, which means that an operation will not perform any retries



43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
# File 'lib/oci/key_management/kms_crypto_client.rb', line 43

def initialize(config: nil, endpoint: nil, signer: nil, proxy_settings: nil, retry_config: nil)
  raise 'A fully qualified endpoint URL must be defined' unless endpoint

  @endpoint = endpoint + '/'

  # If the signer is an InstancePrincipalsSecurityTokenSigner or SecurityTokenSigner and no config was supplied (they are self-sufficient signers)
  # then create a dummy config to pass to the ApiClient constructor. If customers wish to create a client which uses instance principals
  # and has config (either populated programmatically or loaded from a file), they must construct that config themselves and then
  # pass it to this constructor.
  #
  # If there is no signer (or the signer is not an instance principals signer) and no config was supplied, this is not valid
  # so try and load the config from the default file.
  config = OCI::Config.validate_and_build_config_with_signer(config, signer)

  if signer.nil?
    signer = OCI::Signer.new(
      config.user,
      config.fingerprint,
      config.tenancy,
      config.key_file,
      pass_phrase: config.pass_phrase,
      private_key_content: config.key_content
    )
  end

  @api_client = OCI::ApiClient.new(config, signer, proxy_settings: proxy_settings)
  @retry_config = retry_config
  logger.info "KmsCryptoClient endpoint set to '#{@endpoint}'." if logger
end

Instance Attribute Details

#api_clientOCI::ApiClient (readonly)

Client used to make HTTP requests.

Returns:



13
14
15
# File 'lib/oci/key_management/kms_crypto_client.rb', line 13

def api_client
  @api_client
end

#endpointString (readonly)

Fully qualified endpoint URL

Returns:

  • (String)


17
18
19
# File 'lib/oci/key_management/kms_crypto_client.rb', line 17

def endpoint
  @endpoint
end

#retry_configOCI::Retry::RetryConfig (readonly)

The default retry configuration to apply to all operations in this service client. This can be overridden on a per-operation basis. The default retry configuration value is nil, which means that an operation will not perform any retries



23
24
25
# File 'lib/oci/key_management/kms_crypto_client.rb', line 23

def retry_config
  @retry_config
end

Instance Method Details

#decrypt(decrypt_data_details, opts = {}) ⇒ Response

Decrypts data using the given DecryptDataDetails resource.

Parameters:

Options Hash (opts):

  • :retry_config (OCI::Retry::RetryConfig)

    The retry configuration to apply to this operation. If no key is provided then the service-level retry configuration defined by #retry_config will be used. If an explicit nil value is provided then the operation will not retry

  • :opc_request_id (String)

    Unique identifier for the request. If provided, the returned request ID will include this value. Otherwise, a random request ID will be generated by the service.

Returns:



95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
# File 'lib/oci/key_management/kms_crypto_client.rb', line 95

def decrypt(decrypt_data_details, opts = {})
  logger.debug 'Calling operation KmsCryptoClient#decrypt.' if logger

  raise "Missing the required parameter 'decrypt_data_details' when calling decrypt." if decrypt_data_details.nil?

  path = '/20180608/decrypt'
  operation_signing_strategy = :standard

  # rubocop:disable Style/NegatedIf
  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params[:accept] = 'application/json'
  header_params[:'content-type'] = 'application/json'
  header_params[:'opc-request-id'] = opts[:opc_request_id] if opts[:opc_request_id]
  # rubocop:enable Style/NegatedIf

  post_body = @api_client.object_to_http_body(decrypt_data_details)

  # rubocop:disable Metrics/BlockLength
  OCI::Retry.make_retrying_call(applicable_retry_config(opts), call_name: 'KmsCryptoClient#decrypt') do
    @api_client.call_api(
      :POST,
      path,
      endpoint,
      header_params: header_params,
      query_params: query_params,
      operation_signing_strategy: operation_signing_strategy,
      body: post_body,
      return_type: 'OCI::KeyManagement::Models::DecryptedData'
    )
  end
  # rubocop:enable Metrics/BlockLength
end

#encrypt(encrypt_data_details, opts = {}) ⇒ Response

Encrypts data using the given EncryptDataDetails resource. Plaintext included in the example request is a base64-encoded value of a UTF-8 string.

Parameters:

Options Hash (opts):

  • :retry_config (OCI::Retry::RetryConfig)

    The retry configuration to apply to this operation. If no key is provided then the service-level retry configuration defined by #retry_config will be used. If an explicit nil value is provided then the operation will not retry

  • :opc_request_id (String)

    Unique identifier for the request. If provided, the returned request ID will include this value. Otherwise, a random request ID will be generated by the service.

Returns:



152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
# File 'lib/oci/key_management/kms_crypto_client.rb', line 152

def encrypt(encrypt_data_details, opts = {})
  logger.debug 'Calling operation KmsCryptoClient#encrypt.' if logger

  raise "Missing the required parameter 'encrypt_data_details' when calling encrypt." if encrypt_data_details.nil?

  path = '/20180608/encrypt'
  operation_signing_strategy = :standard

  # rubocop:disable Style/NegatedIf
  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params[:accept] = 'application/json'
  header_params[:'content-type'] = 'application/json'
  header_params[:'opc-request-id'] = opts[:opc_request_id] if opts[:opc_request_id]
  # rubocop:enable Style/NegatedIf

  post_body = @api_client.object_to_http_body(encrypt_data_details)

  # rubocop:disable Metrics/BlockLength
  OCI::Retry.make_retrying_call(applicable_retry_config(opts), call_name: 'KmsCryptoClient#encrypt') do
    @api_client.call_api(
      :POST,
      path,
      endpoint,
      header_params: header_params,
      query_params: query_params,
      operation_signing_strategy: operation_signing_strategy,
      body: post_body,
      return_type: 'OCI::KeyManagement::Models::EncryptedData'
    )
  end
  # rubocop:enable Metrics/BlockLength
end

#generate_data_encryption_key(generate_key_details, opts = {}) ⇒ Response

Generates a key that you can use to encrypt or decrypt data.

Parameters:

Options Hash (opts):

  • :retry_config (OCI::Retry::RetryConfig)

    The retry configuration to apply to this operation. If no key is provided then the service-level retry configuration defined by #retry_config will be used. If an explicit nil value is provided then the operation will not retry

  • :opc_request_id (String)

    Unique identifier for the request. If provided, the returned request ID will include this value. Otherwise, a random request ID will be generated by the service.

Returns:



208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
# File 'lib/oci/key_management/kms_crypto_client.rb', line 208

def generate_data_encryption_key(generate_key_details, opts = {})
  logger.debug 'Calling operation KmsCryptoClient#generate_data_encryption_key.' if logger

  raise "Missing the required parameter 'generate_key_details' when calling generate_data_encryption_key." if generate_key_details.nil?

  path = '/20180608/generateDataEncryptionKey'
  operation_signing_strategy = :standard

  # rubocop:disable Style/NegatedIf
  # Query Params
  query_params = {}

  # Header Params
  header_params = {}
  header_params[:accept] = 'application/json'
  header_params[:'content-type'] = 'application/json'
  header_params[:'opc-request-id'] = opts[:opc_request_id] if opts[:opc_request_id]
  # rubocop:enable Style/NegatedIf

  post_body = @api_client.object_to_http_body(generate_key_details)

  # rubocop:disable Metrics/BlockLength
  OCI::Retry.make_retrying_call(applicable_retry_config(opts), call_name: 'KmsCryptoClient#generate_data_encryption_key') do
    @api_client.call_api(
      :POST,
      path,
      endpoint,
      header_params: header_params,
      query_params: query_params,
      operation_signing_strategy: operation_signing_strategy,
      body: post_body,
      return_type: 'OCI::KeyManagement::Models::GeneratedKey'
    )
  end
  # rubocop:enable Metrics/BlockLength
end

#loggerLogger

Returns The logger for this client. May be nil.

Returns:

  • (Logger)

    The logger for this client. May be nil.



75
76
77
# File 'lib/oci/key_management/kms_crypto_client.rb', line 75

def logger
  @api_client.config.logger
end