Class: Chef::EncryptedDataBagItem::Decryptor::Version3Decryptor

Inherits:
Version1Decryptor show all
Defined in:
lib/chef/encrypted_data_bag_item/decryptor.rb

Instance Attribute Summary

Attributes inherited from Version1Decryptor

#encrypted_data, #key

Attributes inherited from Version0Decryptor

#encrypted_data, #key

Instance Method Summary collapse

Methods inherited from Version1Decryptor

#decrypted_data, #encrypted_bytes, #for_decrypted_item, #iv

Methods inherited from Version0Decryptor

#decrypted_data, #encrypted_bytes, #for_decrypted_item

Methods included from Assertions

#assert_aead_requirements_met!, #assert_format_version_acceptable!, #assert_requirements_met!, #assert_valid_cipher!

Constructor Details

#initialize(encrypted_data, key) ⇒ Version3Decryptor

Returns a new instance of Version3Decryptor.



197
198
199
200
 
# File 'lib/chef/encrypted_data_bag_item/decryptor.rb', line 197

def initialize(encrypted_data, key)
  super
  assert_aead_requirements_met!(algorithm)
end

Instance Method Details

#algorithmObject

Returns the used decryption algorithm



203
204
205
 
# File 'lib/chef/encrypted_data_bag_item/decryptor.rb', line 203

def algorithm
  AEAD_ALGORITHM
end

#auth_tagObject 



207
208
209
210
211
212
213
 
# File 'lib/chef/encrypted_data_bag_item/decryptor.rb', line 207

def auth_tag
  auth_tag_b64 = @encrypted_data["auth_tag"]
  if auth_tag_b64.nil?
    raise DecryptionFailure, "Error decrypting data bag value: invalid authentication tag. Most likely the data is corrupted"
  end
  Base64.decode64(auth_tag_b64)
end

#openssl_decryptorObject 



215
216
217
218
219
220
221
222
 
# File 'lib/chef/encrypted_data_bag_item/decryptor.rb', line 215

def openssl_decryptor
  @openssl_decryptor ||= begin
    d = super
    d.auth_tag = auth_tag
    d.auth_data = ""
    d
  end
end