17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
# File 'lib/chef/knife/DecryptPassword.rb', line 17
def run
unless config[:username]
puts("You must supply a username to decrypt")
exit 1
end
Shef::Extensions.extend_context_object(self)
data_bag_path = "./data_bags/passwords"
username = config[:username]
user_private_key = OpenSSL::PKey::RSA.new(open(Chef::Config[:client_key]).read())
key = JSON.parse(IO.read("#{data_bag_path}/#{username}_keys.json"))
unless key[Chef::Config[:node_name]]
puts("Can't find a key for #{Chef::Config[:node_name]}... You can't decrypt!")
exit 1
end
data_bag_shared_key = user_private_key.private_decrypt(Base64.decode64(key[Chef::Config[:node_name]]))
credential = JSON.parse(open("#{data_bag_path}/#{username}.json").read())
credential = Chef::EncryptedDataBagItem.new credential, data_bag_shared_key
puts("username: #{credential['username']}, password: #{credential['password']}")
end
|