class SaltHiera::Plugins::Eyaml

Public Class Methods

decrypt(cipherbinary) click to toggle source
# File lib/salt_hiera/plugins/eyaml.rb, line 35
def self.decrypt cipherbinary

  public_key = Configuration.get "eyaml_public_key"
  private_key = Configuration.get "eyaml_private_key"

  raise StandardError, "pkcs7_public_key is not defined" unless public_key
  raise StandardError, "pkcs7_private_key is not defined" unless private_key

  private_key_pem = File.read private_key

  private_key_rsa = OpenSSL::PKey::RSA.new( private_key_pem )

  public_key_pem = File.read public_key

  public_key_x509 = OpenSSL::X509::Certificate.new( public_key_pem )

  ciphertext = Base64.decode64(cipherbinary)
  pkcs7 = OpenSSL::PKCS7.new( ciphertext )

  pkcs7.decrypt(private_key_rsa, public_key_x509)

end
process_file(file) click to toggle source
# File lib/salt_hiera/plugins/eyaml.rb, line 9
def self.process_file file

  contents = File.read file
  dict = YAML.load contents
  dict ||= {}
  dict = self.recurse dict
  dict

end
recurse(obj) click to toggle source
# File lib/salt_hiera/plugins/eyaml.rb, line 19
def self.recurse obj
  if obj.is_a? Array
    obj.each.with_index do |element, index|
      obj[index] = self.recurse element
    end
  elsif obj.is_a? Hash
    obj.each do |k, v|
      obj[k] = self.recurse v
    end
  elsif obj.is_a? String
    obj = obj.gsub(/ENC\[PKCS7,(.*?)\]/) {|x| self.decrypt($1) }
  else
    obj
  end
end