Class: ChefKeepass::Certificate

Inherits:

Object

• Object
• ChefKeepass::Certificate

Defined in:

lib/chef-keepass/certificate.rb

Instance Attribute Summary

• #name ⇒ Object

  Returns the value of attribute name.

Instance Method Summary

• #decrypt_contents ⇒ Object
• #initialize(data_bag, name) ⇒ Certificate constructor

  A new instance of Certificate.

Constructor Details

#initialize(data_bag, name) ⇒ Certificate

Returns a new instance of Certificate.

# File 'lib/chef-keepass/certificate.rb', line 5

def initialize(data_bag, name)
  @name = name
  @data_bag = data_bag
end

Instance Attribute Details

#name ⇒ Object

Returns the value of attribute name.

# File 'lib/chef-keepass/certificate.rb', line 3

def name
  @name
end

Instance Method Details

#decrypt_contents ⇒ Object

# File 'lib/chef-keepass/certificate.rb', line 10

def decrypt_contents
  # use the private client_key file to create a decryptor
  private_key = open(Chef::Config[:client_key]).read
  private_key = OpenSSL::PKey::RSA.new(private_key)
  keys = Chef::DataBagItem.load(@data_bag, "#{name}_keys")

  unless keys[Chef::Config[:node_name]]
    throw "#{name} is not encrypted for you!  Rebuild the certificate data bag"
  end

  node_key = Base64.decode64(keys[Chef::Config[:node_name]])
  shared_secret = private_key.private_decrypt(node_key)
  certificate = Chef::EncryptedDataBagItem.load(@data_bag, @name, shared_secret)

  certificate["contents"]
end