Class: Hiera::Backend::Eyaml::Encryptors::Rsa

Inherits:
Encryptor
  • Object
Defined in:
lib/hiera/backend/eyaml/encryptors/rsa.rb

Class Method Summary collapse

Class Method Details

.create_keys ⇒ Object



# File 'lib/hiera/backend/eyaml/encryptors/rsa.rb', line 44

# Generates a fresh RSA key pair and writes both halves to the configured paths.
#
# Reads the :public_key, :private_key and :keysize options. The private key
# is exported with a bare +to_pem+ (no cipher or passphrase argument), so the
# file on disk is unencrypted PEM and the 0o600 mode passed below is the only
# protection applied in this block. The public key is written without an
# explicit mode.
#
# NOTE(review): :keysize is handed straight to OpenSSL; no minimum size is
# enforced here. Whether the option layer validates it is not visible from
# this block -- confirm.
# NOTE(review): nothing here checks for an existing key file; whether
# write_important_file guards against overwriting is not visible -- confirm.
def self.create_keys
  public_path = option(:public_key)
  private_path = option(:private_key)
  bits = option(:keysize)

  rsa = OpenSSL::PKey::RSA.new(bits)

  # Private half first, owner read/write only.
  EncryptHelper.ensure_key_dir_exists(private_path)
  EncryptHelper.write_important_file(filename: private_path, content: rsa.to_pem, mode: 0o600)

  # Public half second; no mode is passed for this file.
  EncryptHelper.ensure_key_dir_exists(public_path)
  EncryptHelper.write_important_file(filename: public_path, content: rsa.public_key.to_pem)

  LoggingHelper.info("Keys created OK")
end

.decrypt(ciphertext) ⇒ Object



# File 'lib/hiera/backend/eyaml/encryptors/rsa.rb', line 38

# Decrypts +ciphertext+ with the configured RSA private key.
#
# The key comes from load_key(:private_key, :private_key_env_var).
# +private_decrypt+ is called without a padding argument, so Ruby's OpenSSL
# default (PKCS#1 v1.5) applies. Callers should avoid exposing
# distinguishable decryption failures to untrusted parties. The padding is
# left as-is because changing it would make existing ciphertexts unreadable.
#
# @param ciphertext [String] raw RSA ciphertext
# @return [String] the recovered plaintext
def self.decrypt(ciphertext)
  LoggingHelper.trace("RSA decrypt")
  load_key(:private_key, :private_key_env_var).private_decrypt(ciphertext)
end

.encrypt(plaintext) ⇒ Object



# File 'lib/hiera/backend/eyaml/encryptors/rsa.rb', line 32

# Encrypts +plaintext+ directly with the configured RSA public key.
#
# The key comes from load_key(:public_key, :public_key_env_var).
# +public_encrypt+ is called without a padding argument, so Ruby's OpenSSL
# default (PKCS#1 v1.5) applies. This is a raw RSA operation on the input:
# the plaintext must fit in one RSA block, and OpenSSL raises when it is too
# long for the key size.
#
# @param plaintext [String] data to encrypt
# @return [String] raw RSA ciphertext
def self.encrypt(plaintext)
  LoggingHelper.trace("RSA encrypt")
  load_key(:public_key, :public_key_env_var).public_encrypt(plaintext)
end

.load_key(key_key, key_env_var_key) ⇒ Object

Raises:

  • (StandardError)


# File 'lib/hiera/backend/eyaml/encryptors/rsa.rb', line 57

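# Loads and parses the RSA key selected by two options.
#
# Source precedence, as implemented below: when the option named by
# +key_env_var_key+ holds the name of an environment variable and that
# variable is set, its value is used as the PEM text; otherwise the file
# named by the +key_key+ option is read.
#
# Security note: PEM text held in an environment variable is inherited by
# child processes, so for a private key a file with restrictive permissions
# is the narrower exposure.
#
# @param key_key [Symbol] option holding the PEM file path (e.g. :private_key)
# @param key_env_var_key [Symbol] option holding the NAME of an environment
#   variable that contains the PEM text
# @return [OpenSSL::PKey::RSA] the parsed key
# @raise [StandardError] when neither option is set, or when only the
#   environment variable is configured and it is not set
def self.load_key(key_key, key_env_var_key)
  key = option(key_key)
  key_env_var = option(key_env_var_key)

  raise StandardError, "rsa_#{key_key} is not defined" unless key || key_env_var

  env_pem = key_env_var && ENV[key_env_var]

  if key && key_env_var
    # Report the source that is actually used, so an operator is not told the
    # file key is in effect while the environment variable's key is loaded.
    chosen = env_pem ? key_env_var : key_key
    warn "both #{key_key} and #{key_env_var} specified, using #{chosen}"
  end

  return OpenSSL::PKey::RSA.new(env_pem) if env_pem

  # Without this guard a configured-but-unset variable with no file fallback
  # reaches File.read(nil) and surfaces as an unrelated TypeError.
  unless key
    raise StandardError,
          "rsa_#{key_env_var_key} names environment variable #{key_env_var}, " \
          "which is not set, and rsa_#{key_key} is not defined"
  end

  OpenSSL::PKey::RSA.new(File.read(key))
end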