def self.decrypt ciphertext
gnupghome = self.gnupghome
unless defined?(GPGME)
RubyGpg.config.homedir = gnupghome if gnupghome
return RubyGpg.decrypt_string(ciphertext)
end
GPGME::Engine.home_dir = gnupghome
ctx = if hiera?
GPGME::Ctx.new
else
GPGME::Ctx.new(:passphrase_callback => method(:passfunc))
end
if !ctx.keys.empty?
raw = GPGME::Data.new(ciphertext)
txt = GPGME::Data.new
begin
txt = ctx.decrypt(raw)
rescue GPGME::Error::DecryptFailed => e
warn("Fatal: Failed to decrypt ciphertext (check settings and that you are a recipient)")
raise e
rescue Exception => e
warn("Warning: General exception decrypting GPG file")
raise e
end
txt.seek 0
txt.read
else
warn("No usable keys found in #{gnupghome}. Check :gpg_gnupghome value in hiera.yaml is correct")
raise ArgumentError, "No usable keys found in #{gnupghome}. Check :gpg_gnupghome value in hiera.yaml is correct"
end
end