Expose the functionality to decrypt given data using keyring

This allows us to provide the keyring a blob of encrypted data and a key name, and have it decrypt it for us. Also fixed javadoc length in Keyring.java. It seems like it was using a 80-character length limit. ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=222995542
2025-06-28 23:33:36 +02:00 · 2018-11-27 08:31:55 -08:00 · 2018-11-27 08:31:55 -08:00 · 4416601a1d
commit 4416601a1d
parent 0ed0bcc99f
6 changed files with 70 additions and 30 deletions
--- a/java/google/registry/keyring/kms/KmsKeyring.java
+++ b/java/google/registry/keyring/kms/KmsKeyring.java
@ -205,13 +205,27 @@ public class KmsKeyring implements Keyring {
  }

  private byte[] getDecryptedData(String keyName) {
-    KmsSecret secret = getSecret(keyName);
+    String encryptedData = getEncryptedData(keyName);
+    return getDecryptedData(keyName, encryptedData);
+  }
+
+  private byte[] getDecryptedData(KmsSecret secret) {
    String encryptedData = getEncryptedData(secret);
+    return getDecryptedData(secret, encryptedData);
+  }
+
+  private byte[] getDecryptedData(KmsSecret secret, String encryptedData) {
    try {
      return kmsConnection.decrypt(secret.getName(), encryptedData);
    } catch (Exception e) {
      throw new KeyringException(
-          String.format("CloudKMS decrypt operation failed for secret %s", keyName), e);
+          String.format("CloudKMS decrypt operation failed for secret %s", secret.getName()), e);
    }
  }
+
+  @Override
+  public byte[] getDecryptedData(String keyName, String encryptedData) {
+    KmsSecret secret = getSecret(keyName);
+    return getDecryptedData(secret);
+  }
 }