class OpStack::Encryption

Constants

ALGORITHM

Attributes

cipher[R]
encrypted_data[R]
key[R]
plaintext_data[R]

Public Instance Methods

decrypted_data() click to toggle source
# File lib/opstack/encryption.rb, line 72
def decrypted_data
  @decrypted_data ||= begin
    plaintext = openssl_decryptor.update(@encrypted_data)
    plaintext << openssl_decryptor.final
  rescue OpenSSL::Cipher::CipherError => e
    raise DecryptionFailure, "Error decrypting data bag value: '#{e.message}'. Most likely the provided key is incorrect"
  end
end
decrypted_hash() click to toggle source
# File lib/opstack/encryption.rb, line 93
def decrypted_hash
  FFI_Yajl::Parser.parse(decrypted_data)["json_wrapper"]
end
decryptor(encrypted_hash, key) click to toggle source
# File lib/opstack/encryption.rb, line 30
def decryptor(encrypted_hash, key)
  @encrypted_data = Base64.decode64(encrypted_hash["encrypted_data"])
  @cipher = encrypted_hash["cipher"] || ALGORITHM
  @iv = Base64.decode64(encrypted_hash["iv"])
  @key = key
  self
end
encrypted_hash() click to toggle source
# File lib/opstack/encryption.rb, line 81
def encrypted_hash
  {
    "encrypted_data" => encrypted_data,
    "iv" => Base64.encode64(iv),
    "cipher" => cipher
  }
end
encryptor(plaintext_data, key, iv=nil, cipher=nil) click to toggle source
# File lib/opstack/encryption.rb, line 22
def encryptor(plaintext_data, key, iv=nil, cipher=nil)
  @plaintext_data = plaintext_data
  @key = key
  @iv = iv && Base64.decode64(iv)
  @cipher = cipher || ALGORITHM
  self
end
iv() click to toggle source
# File lib/opstack/encryption.rb, line 38
def iv
  openssl_encryptor if @iv.nil? and @plaintext_data
  @iv
end
openssl_decryptor() click to toggle source
# File lib/opstack/encryption.rb, line 54
def openssl_decryptor
  @openssl_decryptor ||= begin
    decryptor = OpenSSL::Cipher.new(cipher)
    decryptor.decrypt
    decryptor.key = OpenSSL::Digest::SHA256.digest(key)
    decryptor.iv = iv
    decryptor
  end
end
openssl_encryptor() click to toggle source
# File lib/opstack/encryption.rb, line 43
def openssl_encryptor
  @openssl_encryptor ||= begin
    encryptor = OpenSSL::Cipher.new(cipher)
    encryptor.encrypt
    @iv ||= encryptor.random_iv
    encryptor.iv = @iv
    encryptor.key = Digest::SHA256.digest(key)
    encryptor
  end
end
serialized_data() click to toggle source
# File lib/opstack/encryption.rb, line 89
def serialized_data
  FFI_Yajl::Encoder.encode(:json_wrapper => plaintext_data)
end