-
Notifications
You must be signed in to change notification settings - Fork 63
/
Copy pathkms_keyring_browser.ts
71 lines (62 loc) · 2.7 KB
/
kms_keyring_browser.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
/*
* Copyright 2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use
* this file except in compliance with the License. A copy of the License is
* located at
*
* http://aws.amazon.com/apache2.0/
*
* or in the "license" file accompanying this file. This file is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
* implied. See the License for the specific language governing permissions and
* limitations under the License.
*/
import {
KmsKeyringClass,
KeyRingConstructible, // eslint-disable-line no-unused-vars
KmsKeyringInput, // eslint-disable-line no-unused-vars
KMSConstructible, // eslint-disable-line no-unused-vars
KmsClientSupplier, // eslint-disable-line no-unused-vars
getClient,
limitRegions,
excludeRegions,
cacheClients
} from '@aws-crypto/kms-keyring'
import {
WebCryptoAlgorithmSuite, // eslint-disable-line no-unused-vars
WebCryptoEncryptionMaterial, // eslint-disable-line no-unused-vars
WebCryptoDecryptionMaterial, // eslint-disable-line no-unused-vars
EncryptedDataKey, // eslint-disable-line no-unused-vars
immutableClass,
importForWebCryptoEncryptionMaterial,
importForWebCryptoDecryptionMaterial,
KeyringWebCrypto // eslint-disable-line no-unused-vars
} from '@aws-crypto/material-management-browser'
import { KMS } from 'aws-sdk' // eslint-disable-line no-unused-vars
const getKmsClient = getClient(KMS, { customUserAgent: 'AwsEncryptionSdkJavascriptBrowser' })
const cacheKmsClients = cacheClients(getKmsClient)
export type KmsKeyringWebCryptoInput = Partial<KmsKeyringInput<KMS>>
export type KMSWebCryptoConstructible = KMSConstructible<KMS, KMS.ClientConfiguration>
export type KmsWebCryptoClientSupplier = KmsClientSupplier<KMS>
export class KmsKeyringBrowser extends KmsKeyringClass(KeyringWebCrypto as KeyRingConstructible<WebCryptoAlgorithmSuite>) {
constructor ({
clientProvider = cacheKmsClients,
keyIds,
generatorKeyId,
grantTokens,
discovery
}: KmsKeyringWebCryptoInput = {}) {
super({ clientProvider, keyIds, generatorKeyId, grantTokens, discovery })
}
async _onEncrypt (material: WebCryptoEncryptionMaterial) {
const _material = await super._onEncrypt(material)
return importForWebCryptoEncryptionMaterial(_material)
}
async _onDecrypt (material: WebCryptoDecryptionMaterial, encryptedDataKeys: EncryptedDataKey[]) {
const _material = await super._onDecrypt(material, encryptedDataKeys)
return importForWebCryptoDecryptionMaterial(_material)
}
}
immutableClass(KmsKeyringBrowser)
export { getClient, cacheKmsClients, limitRegions, excludeRegions, cacheClients, KMS }