@confluentinc/schemaregistry
Version:
Node.js client for Confluent Schema Registry
36 lines (35 loc) • 1.25 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", { value: true });
exports.GcpKmsClient = void 0;
const gcp_driver_1 = require("./gcp-driver");
const kms_1 = require("@google-cloud/kms");
class GcpKmsClient {
constructor(keyUri, creds) {
if (!keyUri.startsWith(gcp_driver_1.GcpKmsDriver.PREFIX)) {
throw new Error(`key uri must start with ${gcp_driver_1.GcpKmsDriver.PREFIX}`);
}
this.keyUri = keyUri;
this.keyId = keyUri.substring(gcp_driver_1.GcpKmsDriver.PREFIX.length);
this.kmsClient = creds != null
? new kms_1.KeyManagementServiceClient({ credentials: creds })
: new kms_1.KeyManagementServiceClient();
}
supported(keyUri) {
return this.keyUri === keyUri;
}
async encrypt(plaintext) {
const [result] = await this.kmsClient.encrypt({
name: this.keyId,
plaintext: plaintext
});
return Buffer.from(result.ciphertext);
}
async decrypt(ciphertext) {
const [result] = await this.kmsClient.decrypt({
name: this.keyId,
ciphertext: ciphertext
});
return Buffer.from(result.plaintext);
}
}
exports.GcpKmsClient = GcpKmsClient;