in s3_file/libraries/s3_file.rb [165:184]
def self.aes256_decrypt(key, file)
Chef::Log.debug("Decrypting S3 file.")
key = key.strip
require "digest"
key = Digest::SHA256.digest(key) if(key.kind_of?(String) && 32 != key.bytesize)
aes = OpenSSL::Cipher.new('AES-256-CBC')
aes.decrypt
aes.key = key
decrypt_file = Tempfile.new("chef-s3-decrypt")
File.open(decrypt_file, "wb") do |df|
File.open(file, "rb") do |fi|
while buffer = fi.read(BLOCKSIZE_TO_READ)
df.write aes.update(buffer)
end
end
df.write aes.final
end
decrypt_file
end