zydronium/google-nomulus
1
0
Fork 0
mirror of https://github.com/google/nomulus.git synced 2025-04-29 19:47:51 +02:00
Code Issues Projects Releases Packages Wiki Activity

Store encrypted file in Base64 encoding

Browse source 
It is better to store it ASCII armored so that it can be easily diffed to see
if a file has changed

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=200045488
This commit is contained in:
jianglai 2018-06-11 07:03:24 -07:00 committed by Ben McIlwain
parent db60f0fd12
commit 6ca28386cd
2 changed files with 4 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
docs/proxy-setup.md
View file

@ -176,8 +176,8 @@ created earlier:
```bash
$ gcloud kms encrypt --plaintext-file <combined_secret.pem> \
--ciphertext-file <combined_secret.pem.enc> \
--key <key-name> --keyring <keyring-name> --location global
--ciphertext-file - --key <key-name> --keyring <keyring-name> --location \
global | base64 > <combined_secret.pem.enc>
```
This encrypted file is then uploaded to a GCS bucket specified in the

3
java/google/registry/proxy/ProxyModule.java
View file

@ -49,6 +49,7 @@ import io.netty.handler.ssl.SslProvider;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.Arrays;
import java.util.Base64;
import java.util.Optional;
import java.util.Set;
import java.util.concurrent.ExecutorService;
@ -249,7 +250,7 @@ public class ProxyModule {
.objects()
.get(config.gcs.bucket, config.gcs.sslPemFilename)
.executeMediaAndDownloadTo(outputStream);
return outputStream.toByteArray();
return Base64.getMimeDecoder().decode(outputStream.toByteArray());
} catch (IOException e) {
throw new RuntimeException(
String.format(