class Chef::EncryptedDataBagItem::Decryptor::Version0Decryptor
Attributes
encrypted_data[R]
key[R]
Public Class Methods
new(encrypted_data, key)
click to toggle source
# File lib/chef/encrypted_data_bag_item/decryptor.rb, line 76 def initialize(encrypted_data, key) @encrypted_data = encrypted_data @key = key end
Public Instance Methods
algorithm()
click to toggle source
Returns the used decryption algorithm
# File lib/chef/encrypted_data_bag_item/decryptor.rb, line 82 def algorithm ALGORITHM end
decrypted_data()
click to toggle source
# File lib/chef/encrypted_data_bag_item/decryptor.rb, line 90 def decrypted_data @decrypted_data ||= begin plaintext = openssl_decryptor.update(encrypted_bytes) plaintext << openssl_decryptor.final rescue OpenSSL::Cipher::CipherError => e # if the key length is less than 255 characters, and it contains slashes, we think it may be a path. raise DecryptionFailure, "Error decrypting data bag value: '#{e.message}'. Most likely the provided key is incorrect. #{(@key.length < 255 && @key.include?('/')) ? 'You may need to use --secret-file rather than --secret.' : ''}" end end
encrypted_bytes()
click to toggle source
# File lib/chef/encrypted_data_bag_item/decryptor.rb, line 100 def encrypted_bytes Base64.decode64(@encrypted_data) end
for_decrypted_item()
click to toggle source
# File lib/chef/encrypted_data_bag_item/decryptor.rb, line 86 def for_decrypted_item YAML.load(decrypted_data) end
openssl_decryptor()
click to toggle source
# File lib/chef/encrypted_data_bag_item/decryptor.rb, line 104 def openssl_decryptor @openssl_decryptor ||= begin d = OpenSSL::Cipher.new(algorithm) d.decrypt d.pkcs5_keyivgen(key) d end end