Class: Connect::Datasources::Encrypted

Inherits:

Base

• Object
• Base
• Connect::Datasources::Encrypted

Defined in:

lib/connect/datasources/encrypted.rb

Overview

The ‘Encrypted` datasource allows you to sue encrypted data in your configs.

Instance Method Summary

• #initialize(_name, password = nil, algorithm = 'AES-128-CBC') ⇒ Datasource::Base constructor

  Creates a Cypher with the specfied code and saves it.

• #lookup(encrypted_string) ⇒ Object

  Decrypt the data in the key and return the values.

Constructor Details

#initialize(_name, password = nil, algorithm = 'AES-128-CBC') ⇒ Datasource::Base

Creates a Cypher with the specfied code and saves it. The lookup will use the cypher to decrypt data

Parameters:

• _name (String) —

  the name of the datasource. In this case it will always be ‘yaml`

• password (String) (defaults to: nil) —

  The decryption password used for the cypher

• algorithm (String) (defaults to: 'AES-128-CBC') —

  The decryption algorithm

# File 'lib/connect/datasources/encrypted.rb', line 24

def initialize(_name, password = nil, algorithm = 'AES-128-CBC')
  fail ArgumentError, 'password required as first argument of encrypted datasource' unless password
  super
  @cipher     = OpenSSL::Cipher.new(algorithm)
  @cipher.decrypt
  @cipher.key = password
end

Instance Method Details

#lookup(encrypted_string) ⇒ Object

Decrypt the data in the key and return the values

Parameters:

• encrypted_string (String) —

  the encrypted data

Returns:

• The decrypted value of the encrypted string

# File 'lib/connect/datasources/encrypted.rb', line 37

def lookup(encrypted_string)
  crypted_iv, crypted_value = encrypted_string.split('|')
  fail ArgumentError, 'invalid value for decryption' unless crypted_iv && crypted_value
  iv = Base64.decode64(crypted_iv)
  value = Base64.decode64(crypted_value)
  @cipher.iv = iv
  @cipher.update(value) + @cipher.final
end