Commit cc39f18e authored by Geoff Meakin's avatar Geoff Meakin

Ensured decrypts() is only called if Encryptor matches encryption type

parent cf7d026c
......@@ -4,3 +4,4 @@
keys/*.pem
pkg/
tmp/
.DS_Store
......@@ -22,5 +22,5 @@ Feature: eyaml encrypting
Scenario: encrypt using STDIN
When I run `./pipe_string.sh encrypt_me eyaml -e -o string --stdin`
Then the output should match /ENC\[PKCS7,(.*?)/]$/
Then the output should match /ENC\[PKCS7,(.*?)\]$/
......@@ -58,6 +58,7 @@ class Hiera
# blocks
output = @input_data.gsub( regex_encrypted_block ) { |match|
indentation = $1
next if $2.nil? and self.class.name.split('::').last.upcase != Utils.default_encryption
encryption_method = if $2.nil? then Utils.default_encryption else $2.split(',').first end
ciphertext = $3.gsub(/[ \n]/, '')
plaintext = decrypt_string(ciphertext)
......@@ -66,6 +67,7 @@ class Hiera
# strings
output.gsub!( regex_encrypted_string ) { |match|
next if $1.nil? and self.class.name.split('::').last.upcase != Utils.default_encryption
encryption_method = if $1.nil? then Utils.default_encryption else $1.split(',').first end
plaintext = decrypt_string($2)
"DEC::#{self.class::ENCRYPT_TAG}[" + plaintext + "]!"
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment