ResiLien
/
terraform
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
terraform/website/docs/configuration/functions/rsadecrypt.html.md

1.2 KiB
Raw Blame History

layout page_title sidebar_current description
functions rsadecrypt - Functions - Configuration Language docs-funcs-crypto-rsadecrypt The rsadecrypt function decrypts an RSA-encrypted message.

rsadecrypt Function

-> Note: This page is about Terraform 0.12 and later. For Terraform 0.11 and earlier, see 0.11 Configuration Language: Interpolation Syntax.

rsadecrypt decrypts an RSA-encrypted ciphertext, returning the corresponding cleartext.

rsadecrypt(ciphertext, privatekey)

ciphertext must be a base64-encoded representation of the ciphertext, using the PKCS #1 v1.5 padding scheme. Terraform uses the "standard" Base64 alphabet as defined in RFC 4648 section 4.

privatekey must be a PEM-encoded RSA private key that is not itself encrypted.

Terraform has no corresponding function for encrypting a message. Use this function to decrypt ciphertexts returned by remote services using a keypair negotiated out-of-band.

Examples

> rsadecrypt(filebase64("${path.module}/ciphertext"), file("privatekey.pem"))
Hello, world!