I have created an decryption script, and it complies without throwing any errors although it returns a junk string with strange symbols.
An example of encrypted string: fff: T3UZSkX4vsJxnWEaIMWK3w==
When decoded: ᄒヨ5pチᄒミᄒワᄒᆰ`ᄒᄆ,Chホᄌᄂ
The part of script I am using to decrypt is,
#Call decryption method
item = decryptDatabag(project, domain)
puts(item["chef_password"])
puts(item["Password"])
end
def decryptDatabag(project, domain)
#Read in the password for Artifactory
contents = File.read("\\\\############\\ChefEncryptedKeys\\secretpassword.txt")
#Get the secret file from Artifactory
system("wget -qP \\\\############\\ChefEncryptedDatabagKey\\#{@project}\ http://admin:#{contents}@############/artifactory/simple/chef-secrets-local//#{@project}//#{chefDomain}//secret.txt")
#Load the specifc secret file for the decryption
secret = Chef::EncryptedDataBagItem.load_secret("\\\\############\\ChefEncryptedDatabagKey\\#{@project}\\secret.txt")
#Calls the getSourceRest method to get the specific Chef address
getSourceRest
project = @project
#Loads and decrypts the data bag item with the given name.
item = Chef::EncryptedDataBagItem.load(project, "EncryptedItem", secret)
end
def getSourceRest
#Sets the chefClientConfig parameter to hold the directory of the specific knife file
@chefClientConfig = "c://chef//#{@domain}//knife.rb"
f = ::File.open(@chefClientConfig, "r")
while (line = f.gets)
if line.include?("chef_server_url")
@chefServerUrl = line.split(":")[1]
end
end
Chef::Config.from_file(@chefClientConfig)
#Sets the sourcerest parameter to hold the specific Chef address
@sourcerest = Chef::REST.new("http:" + @chefServerUrl + ":4000")
end
@domains = ["DEV","QA","PERF","BETA","LOAD","NL","SB"]
checkArguments
It is also pulling from the file encrypted_data_bag_item.rb.
ALGORITHM = 'aes-256-cbc'
def [](key)
value = @enc_hash[key]
if key == "id" || value.nil?
value
else
self.class.decrypt(value, @secret)
end
end
def self.decrypt(value, key)
YAML.load(self.decipher(:decrypt, Base64.decode64(value), key))
end
def self.decipher(direction, data, key)
decipher = OpenSSL::Cipher::Cipher.new(ALGORITHM)
decipher.decrypt
decipher.padding = 0
decipher.send(direction)
decipher.pkcs5_keyivgen(key)
ans = decipher.update(data)
ans << decipher.final
ans
end
Can anyone help me with this problem please?