Merge branch 'CHEF-3616-10-stable' into 10-stable

moxiespaces · Nov 16, 2012 · 8dc2072 · 8dc2072
2 parents 933cbb5 + 79e6406
commit 8dc2072
Show file tree

Hide file tree

Showing 2 changed files with 26 additions and 1 deletion.
diff --git a/chef/lib/chef/encrypted_data_bag_item.rb b/chef/lib/chef/encrypted_data_bag_item.rb
@@ -56,6 +56,9 @@ class UnsupportedEncryptedDataBagItemFormat < StandardError
   class DecryptionFailure < StandardError
   end
 
+  class UnsupportedCipher < StandardError
+  end
+
   #=== Decryptor
   # For backwards compatibility, Chef implements decryption/deserialization for
   # older encrypted data bag item formats in addition to the current version.
@@ -122,6 +125,7 @@ def decrypted_data
 
       def openssl_decryptor
         @openssl_decryptor ||= begin
+          assert_valid_cipher!
           d = OpenSSL::Cipher::Cipher.new(ALGORITHM)
           d.decrypt
           d.key = Digest::SHA256.digest(key)
@@ -130,6 +134,16 @@ def openssl_decryptor
         end
       end
 
+      def assert_valid_cipher!
+        # In the future, chef may support configurable ciphers. For now, only
+        # aes-256-cbc is supported.
+        requested_cipher = @encrypted_data["cipher"]
+        unless requested_cipher == ALGORITHM
+          raise UnsupportedCipher,
+            "Cipher '#{requested_cipher}' is not supported by this version of Chef. Available ciphers: ['#{ALGORITHM}']"
+        end
+      end
+
     end
 
     class Version0Decryptor

diff --git a/chef/spec/unit/encrypted_data_bag_item_spec.rb b/chef/spec/unit/encrypted_data_bag_item_spec.rb
@@ -60,7 +60,8 @@ def for_encrypted_item
     {
       "encrypted_data" => encrypted_data,
       "iv" => Base64.encode64(iv),
-      "version" => 1
+      "version" => 1,
+      "cipher" => ALGORITHM
     }
   end
 
@@ -135,6 +136,16 @@ def serialized_data
       end
     end
 
+    context "and the cipher is not supported" do
+      before do
+        @encrypted_value["cipher"] = "aes-256-foo"
+      end
+
+      it "raises a sensible error" do
+        lambda { @decryptor.for_decrypted_item }.should raise_error(Chef::EncryptedDataBagItem::UnsupportedCipher)
+      end
+    end
+
   end
 
   context "when decrypting a version 0 (YAML+aes-256-cbc+no iv) encrypted value" do