Class: Chef::EncryptedDataBagItem::Decryptor::Version0Decryptor

Inherits:

Object

Object
Chef::EncryptedDataBagItem::Decryptor::Version0Decryptor

show all

Includes:: Assertions

Defined in:: lib/chef/encrypted_data_bag_item/decryptor.rb

Direct Known Subclasses

Version1Decryptor

Instance Attribute Summary collapse

#encrypted_data ⇒ Object readonly

Returns the value of attribute encrypted_data.
#key ⇒ Object readonly

Returns the value of attribute key.

Instance Method Summary collapse

#algorithm ⇒ Object

Returns the used decryption algorithm.
#decrypted_data ⇒ Object
#encrypted_bytes ⇒ Object
#for_decrypted_item ⇒ Object
#initialize(encrypted_data, key) ⇒ Version0Decryptor constructor

A new instance of Version0Decryptor.
#openssl_decryptor ⇒ Object

Methods included from Assertions

#assert_aead_requirements_met!, #assert_format_version_acceptable!, #assert_requirements_met!, #assert_valid_cipher!

Constructor Details

#initialize(encrypted_data, key) ⇒ `Version0Decryptor`

Returns a new instance of Version0Decryptor.

# File 'lib/chef/encrypted_data_bag_item/decryptor.rb', line 76

def initialize(encrypted_data, key)
  @encrypted_data = encrypted_data
  @key = key
end

Instance Attribute Details

#encrypted_data ⇒ `Object` (readonly)

Returns the value of attribute encrypted_data.



73
74
75

# File 'lib/chef/encrypted_data_bag_item/decryptor.rb', line 73

def encrypted_data
  @encrypted_data
end

#key ⇒ `Object` (readonly)

Returns the value of attribute key.



74
75
76

# File 'lib/chef/encrypted_data_bag_item/decryptor.rb', line 74

def key
  @key
end

Instance Method Details

#algorithm ⇒ `Object`

Returns the used decryption algorithm



82
83
84

# File 'lib/chef/encrypted_data_bag_item/decryptor.rb', line 82

def algorithm
  ALGORITHM
end

#decrypted_data ⇒ `Object`

# File 'lib/chef/encrypted_data_bag_item/decryptor.rb', line 90

def decrypted_data
  @decrypted_data ||=
    begin
      plaintext = openssl_decryptor.update(encrypted_bytes)
      plaintext << openssl_decryptor.final
    rescue OpenSSL::Cipher::CipherError => e
      # if the key length is less than 255 characters, and it contains slashes, we think it may be a path.
      raise DecryptionFailure, "Error decrypting data bag value: '#{e.message}'. Most likely the provided key is incorrect. #{(@key.length < 255 && @key.include?("/")) ? "You may need to use --secret-file rather than --secret." : ""}"
    end
end

#encrypted_bytes ⇒ `Object`



101
102
103

# File 'lib/chef/encrypted_data_bag_item/decryptor.rb', line 101

def encrypted_bytes
  Base64.decode64(@encrypted_data)
end

#for_decrypted_item ⇒ `Object`



86
87
88

# File 'lib/chef/encrypted_data_bag_item/decryptor.rb', line 86

def for_decrypted_item
  YAML.load(decrypted_data)
end

#openssl_decryptor ⇒ `Object`

# File 'lib/chef/encrypted_data_bag_item/decryptor.rb', line 105

def openssl_decryptor
  @openssl_decryptor ||=
    begin
      d = OpenSSL::Cipher.new(algorithm)
      d.decrypt
      d.pkcs5_keyivgen(key)
      d
    end
end

Class: Chef::EncryptedDataBagItem::Decryptor::Version0Decryptor

Direct Known Subclasses

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods included from Assertions

Constructor Details

#initialize(encrypted_data, key) ⇒ Version0Decryptor

Instance Attribute Details

#encrypted_data ⇒ Object (readonly)

#key ⇒ Object (readonly)

Instance Method Details

#algorithm ⇒ Object

#decrypted_data ⇒ Object

#encrypted_bytes ⇒ Object

#for_decrypted_item ⇒ Object

#openssl_decryptor ⇒ Object

#initialize(encrypted_data, key) ⇒ `Version0Decryptor`

#encrypted_data ⇒ `Object` (readonly)

#key ⇒ `Object` (readonly)

#algorithm ⇒ `Object`

#decrypted_data ⇒ `Object`

#encrypted_bytes ⇒ `Object`

#for_decrypted_item ⇒ `Object`

#openssl_decryptor ⇒ `Object`