Merge pull request #3183 from dansteen/master

fix for https://github.com/chef/chef/issues/2113
author: Thom May <thom@may.lt> 2016-02-09 10:10:17 -0800
committer: Thom May <thom@may.lt> 2016-02-09 10:10:17 -0800
commit: 7755b93c72ef33d5041b6a9c4b53bcf29814579d (patch)
tree: a80408b8654047f8630971b910f5255996a66f44
parent: 09d1cbfb091094c6d5e0d9b5c715c1555ac21f83 (diff)
parent: 5692b8fd62795925d787e2c9870c5359a9a90f60 (diff)
download: chef-7755b93c72ef33d5041b6a9c4b53bcf29814579d.tar.gz
1 files changed, 4 insertions, 2 deletions
diff --git a/lib/chef/encrypted_data_bag_item/decryptor.rb b/lib/chef/encrypted_data_bag_item/decryptor.rb
index 652c5bf718..a002a98a79 100644
--- a/lib/chef/encrypted_data_bag_item/decryptor.rb
+++ b/lib/chef/encrypted_data_bag_item/decryptor.rb
@@ -92,7 +92,8 @@ class Chef::EncryptedDataBagItem
           plaintext = openssl_decryptor.update(encrypted_bytes)
           plaintext << openssl_decryptor.final
         rescue OpenSSL::Cipher::CipherError => e
-          raise DecryptionFailure, "Error decrypting data bag value: '#{e.message}'. Most likely the provided key is incorrect"
+          # if the key length is less than 150 characters, and it contains slashes, we think it may be a path.
+          raise DecryptionFailure, "Error decrypting data bag value: '#{e.message}'. Most likely the provided key is incorrect. #{ @key.length < 255 and @key.include?('/') ? 'You may need to use --secret-file rather than --secret.' : '' }"
         end
       end
 
@@ -142,7 +143,8 @@ class Chef::EncryptedDataBagItem
           plaintext = openssl_decryptor.update(encrypted_bytes)
           plaintext << openssl_decryptor.final
         rescue OpenSSL::Cipher::CipherError => e
-          raise DecryptionFailure, "Error decrypting data bag value: '#{e.message}'. Most likely the provided key is incorrect"
+          # if the key length is less than 150 characters, and it contains slashes, we think it may be a path.
+          raise DecryptionFailure, "Error decrypting data bag value: '#{e.message}'. Most likely the provided key is incorrect. #{ @key.length < 255 and @key.include?('/') ? 'You may need to use --secret-file rather than --secret.' : '' }"
         end
       end
author	Thom May <thom@may.lt>	2016-02-09 10:10:17 -0800
committer	Thom May <thom@may.lt>	2016-02-09 10:10:17 -0800
commit	7755b93c72ef33d5041b6a9c4b53bcf29814579d (patch)
tree	a80408b8654047f8630971b910f5255996a66f44
parent	09d1cbfb091094c6d5e0d9b5c715c1555ac21f83 (diff)
parent	5692b8fd62795925d787e2c9870c5359a9a90f60 (diff)
download	chef-7755b93c72ef33d5041b6a9c4b53bcf29814579d.tar.gz