pub fn decrypt(value: &str, key_file: &str) -> Result<String, EnvError>Expand description
Decrypts an encrypted Geneos environment variable.
This function assumes the encryption was performed using AES-256 in CBC mode with PKCS7 padding. Encrypted values must start with “+encs+” followed by the hexadecimal representation of the ciphertext. The provided key file must contain the salt, key, and IV in the expected format. If the input value is not encrypted (i.e. does not start with “+encs+”), it is returned unchanged.
§Arguments
value- The encrypted string slice.key_file- The path to the key file containing decryption parameters.
§Returns
The decrypted string on success, or an error if decryption fails.
§Example
use geneos_toolkit::env;
let encrypted = "+encs+69B1E12815FA83702F0016B0E7FBD33B";
let decrypted = env::decrypt(encrypted, "path/to/key-file").unwrap();
println!("Decrypted value: {}", decrypted);