Private/Get-VaultHeader.ps1
# Copyright: (c) 2018, Jordan Borean (@jborean93) <jborean93@gmail.com> # MIT License (see LICENSE or https://opensource.org/licenses/MIT) Function Get-VaultHeader { <# .SYNOPSIS Parses the vault text and get's the header information. .DESCRIPTION Takes in the full vault string and returns the header information as well as the byte array of the encrypted bytes. .PARAMETER Value [String] The Ansible vault contents as a string. .OUTPUTS [Version] The version of the vault. [String] The string identifying the cipher type. [String] The ID of the vault. [byte[]] The byte array of the encrypted vault contents. .EXAMPLE Get-VaultHeader -Value $vault_text .NOTES Currently only the 1.1 and 1.2 versions of Ansible Vault is supported, as of writting this, they are the latest and only supported versions in Ansible but that may change in the future. #> [CmdletBinding()] [OutputType([Object[]])] param( [Parameter(Mandatory = $true)] [String]$Value ) $vault_lines = $Value -split "[\r\n]" | Where-Object {$_} $header = $vault_lines[0].Trim().Split(";") $version = [Version]$header[1].Trim() if ($version -lt [Version]"1.1" -or $version -gt [Version]"1.2") { throw [System.NotSupportedException]"Cannot parse vault version $version, currently only 1.1 and 1.2 is supported by this tool" } $cipher = $header[2].Trim() $id = $null if ($header.Length -ge 4) { $id = $header[3].Trim() } $cipher_text = $vault_lines[1..($vault_lines.Length - 1)] -join "" $cipher_bytes = Convert-HexToByte -Value $cipher_text return $version, $cipher, $id, $cipher_bytes } |