Class: Chef::EncryptedDataBagItem::Encryptor::Version2Encryptor
- Inherits:
-
Version1Encryptor
- Object
- Version1Encryptor
- Chef::EncryptedDataBagItem::Encryptor::Version2Encryptor
- Defined in:
- lib/chef/encrypted_data_bag_item/encryptor.rb
Instance Attribute Summary
Attributes inherited from Version1Encryptor
Class Method Summary collapse
Instance Method Summary collapse
-
#for_encrypted_item ⇒ Object
Returns a wrapped and encrypted version of
plaintext_data
suitable for using as the value in an encrypted data bag item. -
#hmac ⇒ Object
Generates an HMAC-SHA2-256 of the encrypted data (encrypt-then-mac).
Methods inherited from Version1Encryptor
#algorithm, #encrypted_data, #initialize, #iv, #openssl_encryptor, #serialized_data
Methods included from Assertions
#assert_aead_requirements_met!, #assert_format_version_acceptable!, #assert_requirements_met!, #assert_valid_cipher!
Constructor Details
This class inherits a constructor from Chef::EncryptedDataBagItem::Encryptor::Version1Encryptor
Class Method Details
.encryptor_keys ⇒ Object
157 158 159 |
# File 'lib/chef/encrypted_data_bag_item/encryptor.rb', line 157 def self.encryptor_keys super + %w{ hmac } end |
Instance Method Details
#for_encrypted_item ⇒ Object
Returns a wrapped and encrypted version of plaintext_data
suitable for using as the value in an encrypted data bag item.
138 139 140 141 142 143 144 145 146 |
# File 'lib/chef/encrypted_data_bag_item/encryptor.rb', line 138 def for_encrypted_item { "encrypted_data" => encrypted_data, "hmac" => hmac, "iv" => Base64.encode64(iv), "version" => 2, "cipher" => algorithm, } end |
#hmac ⇒ Object
Generates an HMAC-SHA2-256 of the encrypted data (encrypt-then-mac)
149 150 151 152 153 154 155 |
# File 'lib/chef/encrypted_data_bag_item/encryptor.rb', line 149 def hmac @hmac ||= begin digest = OpenSSL::Digest.new("sha256") raw_hmac = OpenSSL::HMAC.digest(digest, key, encrypted_data) Base64.encode64(raw_hmac) end end |