class Ansible::Vault::FileReader
A class for reading the data encoded in an Ansible
vault file.
@!attribute [r] body
The encoded body of the file.
@!attribute [r] header
The header of the file, not currently used.
@!attribute [r] path
The path of the file being read.
Attributes
body[R]
header[R]
path[R]
Public Class Methods
new(path)
click to toggle source
# File lib/ansible/vault/file_reader.rb, line 14 def initialize(path) @path = path ::File.open(path, 'r') { |f| @header, *body = f.readlines.map(&:chomp) @body = Array(body).join } end
Public Instance Methods
ciphertext()
click to toggle source
Extracts and decodes the ciphertext from the file body
@return [String] The raw binary representation of the ciphertext
# File lib/ansible/vault/file_reader.rb, line 25 def ciphertext return @ciphertext if defined?(@ciphertext) decode_body @ciphertext end
encrypted?()
click to toggle source
Indicates if the file is in the encrypted format or not
@return [Boolean]
# File lib/ansible/vault/file_reader.rb, line 52 def encrypted? decode_body unless defined?(@salt) # The header not matching is a dead giveaway that the file isn't what # we're expecting. That, however, probably isn't enough so we'll check # the HMAC for presence and length since it's very unlikely that # decoding the file body will result in multiple chunks AND the second # one being the correct length for a SHA256 HMAC. @header == FILE_HEADER && !@hmac.nil? && @hmac.bytesize == 64 end
hmac()
click to toggle source
Extracts the HMAC value from the file body
@return [String] The hex representation of the HMAC
# File lib/ansible/vault/file_reader.rb, line 34 def hmac return @hmac if defined?(@hmac) decode_body @hmac end
salt()
click to toggle source
Extracts and decodes the salt from the file body
@return [String] The raw binary representation of the salt
# File lib/ansible/vault/file_reader.rb, line 43 def salt return @salt if defined?(@salt) decode_body @salt end
Private Instance Methods
decode_body()
click to toggle source
# File lib/ansible/vault/file_reader.rb, line 64 def decode_body salt, @hmac, ciphertext = BinASCII.unhexlify(@body).split("\n", 3) @ciphertext = BinASCII.unhexlify(ciphertext) @salt = BinASCII.unhexlify(salt) end