Skip to content

Commit

Permalink
test
Browse files Browse the repository at this point in the history
  • Loading branch information
@nicolas2bert
nicolas2bert committed Sep 20, 2024
1 parent 138e683 commit c75c131
Show file tree
Hide file tree
Showing 2 changed files with 382 additions and 49 deletions.
105 changes: 56 additions & 49 deletions lib/Config.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -453,6 +453,60 @@ class Config extends EventEmitter {
this._configureBackends();
}

_parseKmsAWS(config) {
if (!config.kmsAWS) {
return {};
}
let kmsAWS = {};

const { region, endpoint, ak, sk, tls } = config.kmsAWS;

assert(endpoint, 'Configuration Error: endpoint must be defined in kmsAWS');
assert(ak, 'Configuration Error: ak must be defined in kmsAWS');
assert(sk, 'Configuration Error: sk must be defined in kmsAWS');

kmsAWS = {
endpoint,
ak,
sk,
};

if (region) {
kmsAWS.region = region;
}

if (tls) {
kmsAWS.tls = {};
if (tls.rejectUnauthorized !== undefined) {
assert(typeof tls.rejectUnauthorized === 'boolean');
kmsAWS.tls.rejectUnauthorized = tls.rejectUnauthorized;
}
// min & max TLS: One of 'TLSv1.3', 'TLSv1.2', 'TLSv1.1', or 'TLSv1'
// (see https://nodejs.org/api/tls.html#tlscreatesecurecontextoptions)
if (tls.minVersion !== undefined) {
assert(typeof tls.minVersion === 'string',
'bad config: KMS AWS TLS minVersion must be a string');
kmsAWS.tls.minVersion = tls.minVersion;
}
if (tls.maxVersion !== undefined) {
assert(typeof tls.maxVersion === 'string',
'bad config: KMS AWS TLS maxVersion must be a string');
kmsAWS.tls.maxVersion = tls.maxVersion;
}
if (tls.ca !== undefined) {
kmsAWS.tls.ca = this._loadTlsFileArray(tls.ca);
}
if (tls.cert !== undefined) {
kmsAWS.tls.cert = this._loadTlsFileArray(tls.cert);
}
if (tls.key !== undefined) {
kmsAWS.tls.key = this._loadTlsFileArray(tls.key);
}
}

return kmsAWS;
}

_getLocationConfig() {
let locationConfig;
try {
Expand Down Expand Up @@ -508,7 +562,7 @@ class Config extends EventEmitter {
_loadTlsFileArray(tlsFileName) {
let res;
if (Array.isArray(tlsFileName)) {
res = tlsFileName.map(this._loadTlsFile);
res = tlsFileName.map(tlsFile => this._loadTlsFile(tlsFile));
} else {
res = this._loadTlsFile(tlsFileName);
}
Expand Down Expand Up @@ -1105,54 +1159,7 @@ class Config extends EventEmitter {
}
}

this.kmsAWS = {};
if (config.kmsAWS) {
const { region, endpoint, ak, sk, tls } = config.kmsAWS;

assert(endpoint, 'Configuration Error: endpoint must be defined in kmsAWS');
assert(ak, 'Configuration Error: ak must be defined in kmsAWS');
assert(sk, 'Configuration Error: sk must be defined in kmsAWS');

this.kmsAWS = {
endpoint,
ak,
sk,
};

if (region) {
this.kmsAWS.region = region;
}


if (tls) {
this.kmsAWS.tls = {};
if (tls.rejectUnauthorized !== undefined) {
assert(typeof tls.rejectUnauthorized === 'boolean');
this.kmsAWS.tls.rejectUnauthorized = tls.rejectUnauthorized;
}
// min & max TLS: One of 'TLSv1.3', 'TLSv1.2', 'TLSv1.1', or 'TLSv1'
// (see https://nodejs.org/api/tls.html#tlscreatesecurecontextoptions)
if (tls.minVersion !== undefined) {
assert(typeof tls.minVersion === 'string',
'bad config: KMS AWS TLS minVersion must be a string');
this.kmsAWS.tls.minVersion = tls.minVersion;
}
if (tls.maxVersion !== undefined) {
assert(typeof tls.maxVersion === 'string',
'bad config: KMS AWS TLS maxVersion must be a string');
this.kmsAWS.tls.maxVersion = tls.maxVersion;
}
if (tls.ca !== undefined) {
this.kmsAWS.tls.ca = this._loadTlsFileArray(tls.ca);
}
if (tls.cert !== undefined) {
this.kmsAWS.tls.cert = this._loadTlsFileArray(tls.cert);
}
if (tls.key !== undefined) {
this.kmsAWS.tls.key = this._loadTlsFileArray(tls.key);
}
}
}
this.kmsAWS = this._parseKmsAWS(config);

const defaultEncryptionKeyPerAccount = config.defaultEncryptionKeyPerAccount;
this.defaultEncryptionKeyPerAccount = defaultEncryptionKeyPerAccount || false;
Expand Down
Loading

0 comments on commit c75c131

Please sign in to comment.