Class: Chef::EncryptedDataBagItem::Decryptor::Version0Decryptor
- Inherits:
-
Object
- Object
- Chef::EncryptedDataBagItem::Decryptor::Version0Decryptor
- Includes:
- Assertions
- Defined in:
- lib/chef/encrypted_data_bag_item/decryptor.rb
Direct Known Subclasses
Instance Attribute Summary collapse
-
#encrypted_data ⇒ Object
readonly
Returns the value of attribute encrypted_data.
-
#key ⇒ Object
readonly
Returns the value of attribute key.
Instance Method Summary collapse
-
#algorithm ⇒ Object
Returns the used decryption algorithm.
- #decrypted_data ⇒ Object
- #encrypted_bytes ⇒ Object
- #for_decrypted_item ⇒ Object
-
#initialize(encrypted_data, key) ⇒ Version0Decryptor
constructor
A new instance of Version0Decryptor.
- #openssl_decryptor ⇒ Object
Methods included from Assertions
#assert_aead_requirements_met!, #assert_format_version_acceptable!, #assert_requirements_met!, #assert_valid_cipher!
Constructor Details
#initialize(encrypted_data, key) ⇒ Version0Decryptor
Returns a new instance of Version0Decryptor.
76 77 78 79 |
# File 'lib/chef/encrypted_data_bag_item/decryptor.rb', line 76 def initialize(encrypted_data, key) @encrypted_data = encrypted_data @key = key end |
Instance Attribute Details
#encrypted_data ⇒ Object (readonly)
Returns the value of attribute encrypted_data.
73 74 75 |
# File 'lib/chef/encrypted_data_bag_item/decryptor.rb', line 73 def encrypted_data @encrypted_data end |
#key ⇒ Object (readonly)
Returns the value of attribute key.
74 75 76 |
# File 'lib/chef/encrypted_data_bag_item/decryptor.rb', line 74 def key @key end |
Instance Method Details
#algorithm ⇒ Object
Returns the used decryption algorithm
82 83 84 |
# File 'lib/chef/encrypted_data_bag_item/decryptor.rb', line 82 def algorithm ALGORITHM end |
#decrypted_data ⇒ Object
90 91 92 93 94 95 96 97 98 99 |
# File 'lib/chef/encrypted_data_bag_item/decryptor.rb', line 90 def decrypted_data @decrypted_data ||= begin plaintext = openssl_decryptor.update(encrypted_bytes) plaintext << openssl_decryptor.final rescue OpenSSL::Cipher::CipherError => e # if the key length is less than 255 characters, and it contains slashes, we think it may be a path. raise DecryptionFailure, "Error decrypting data bag value: '#{e.}'. Most likely the provided key is incorrect. #{(@key.length < 255 && @key.include?("/")) ? "You may need to use --secret-file rather than --secret." : ""}" end end |
#encrypted_bytes ⇒ Object
101 102 103 |
# File 'lib/chef/encrypted_data_bag_item/decryptor.rb', line 101 def encrypted_bytes Base64.decode64(@encrypted_data) end |
#for_decrypted_item ⇒ Object
86 87 88 |
# File 'lib/chef/encrypted_data_bag_item/decryptor.rb', line 86 def for_decrypted_item YAML.load(decrypted_data) end |
#openssl_decryptor ⇒ Object
105 106 107 108 109 110 111 112 113 |
# File 'lib/chef/encrypted_data_bag_item/decryptor.rb', line 105 def openssl_decryptor @openssl_decryptor ||= begin d = OpenSSL::Cipher.new(algorithm) d.decrypt d.pkcs5_keyivgen(key) d end end |