My product keys are encrypted using aws kms.
Can I create a cassette with my credentials for aws and then use same answer for other credentials?
To encrypt key, I send a plaintext to kms, ciphertextblob comes in response. For decryption, on contrary, I send ciphertextblob.
I need a specific answer to come with other credentials in secrets.yml. With given plaintext and ciphertextblob.
Is it possible?
My encrypt cassette:
---
http_interactions:
- request:
method: post
uri: https://kms.us-east-1.amazonaws.com/
body:
encoding: UTF-8
string: '{"KeyId":"c503e...","Plaintext":"c29tZV9zZWNyZXRfa2V5"}'
headers:
Content-Type:
- application/x-amz-json-1.1
Accept-Encoding:
- ''
User-Agent:
- aws-sdk-ruby2/2.11.350 ruby/2.6.5 x86_64-darwin16
X-Amz-Target:
- TrentService.Encrypt
X-Amz-Date:
- 20191027T114350Z
Host:
- kms.us-east-1.amazonaws.com
X-Amz-Content-Sha256:
- e44f3b42ea47f0da15d3ea308f0fe18f...
Authorization:
- AWS4-HMAC-SHA256 Credential=AKIA.../20191027/us-east-1/kms/aws4_request,
SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date;x-amz-target,
Signature=6734f877ffaab94...
Content-Length:
- '83'
Accept:
- "*/*"
response:
status:
code: 200
message: OK
headers:
X-Amzn-Requestid:
- ab60...
Cache-Control:
- no-cache, no-store, must-revalidate, private
Expires:
- '0'
Pragma:
- no-cache
Date:
- Sun, 27 Oct 2019 11:43:50 GMT
Content-Type:
- application/x-amz-json-1.1
Content-Length:
- '331'
body:
encoding: UTF-8
string: '{"CiphertextBlob":"AQICAHhJfqHORt4q1tArVIjeOnn8HhbsQrVfjk1RwvzFcQ0PBwEQePP62gO7cgVCj1QBPiVEAAAAbTBrBgkqhkiG9w0BBwagXjBcAgEAMFcGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMtE/2tUMFssj2rYo+AgEQgCpF8oeItgXSUf/Xm17vEdTjScA7s+u21tLCPYb/WrTf+OZnZCp/wzgA7k8=","KeyId":"arn:aws:kms:us-east-1:9300...:key/c503..."}'
http_version:
recorded_at: Sun, 27 Oct 2019 11:43:50 GMT
recorded_with: VCR 5.0.0
Aucun commentaire:
Enregistrer un commentaire