Sha256: 58acdb25ab21c7af1df75db65cda7b2a8f9fe8c0b7d66ad9beee6e8a2dd26208

Contents?: true

Size: 812 Bytes

Versions: 2

Compression:

Stored size: 812 Bytes

Contents

class ChefVault
  class Certificate
    attr_accessor :name

    def initialize(data_bag, name)
      @name = name
      @data_bag = data_bag
    end

    def decrypt_contents
      # use the private client_key file to create a decryptor
      private_key = open(Chef::Config[:client_key]).read
      private_key = OpenSSL::PKey::RSA.new(private_key)
      keys = Chef::DataBagItem.load(@data_bag, "#{name}_keys")

      unless keys[Chef::Config[:node_name]]
        throw "#{name} is not encrypted for you!  Rebuild the certificate data bag"
      end

      node_key = Base64.decode64(keys[Chef::Config[:node_name]])
      shared_secret = private_key.private_decrypt(node_key)
      certificate = Chef::EncryptedDataBagItem.load(@data_bag, @name, shared_secret)

      certificate["contents"]
    end
  end
end

Version data entries

2 entries across 2 versions & 1 rubygems

Version           Path
chef-vault-1.0.1  lib/chef-vault/certificate.rb
chef-vault-1.0.0  lib/chef-vault/certificate.rb