class Chef::EncryptedDataBagItem::Encryptor::Version2Encryptor
Public Class Methods
encryptor_keys()
click to toggle source
Calls superclass method
Chef::EncryptedDataBagItem::Encryptor::Version1Encryptor.encryptor_keys
# File lib/chef/encrypted_data_bag_item/encryptor.rb, line 157 def self.encryptor_keys super + %w{ hmac } end
Public Instance Methods
for_encrypted_item()
click to toggle source
Returns a wrapped and encrypted version of plaintext_data
suitable for using as the value in an encrypted data bag item.
# File lib/chef/encrypted_data_bag_item/encryptor.rb, line 138 def for_encrypted_item { "encrypted_data" => encrypted_data, "hmac" => hmac, "iv" => Base64.encode64(iv), "version" => 2, "cipher" => algorithm, } end
hmac()
click to toggle source
Generates an HMAC-SHA2-256 of the encrypted data (encrypt-then-mac)
# File lib/chef/encrypted_data_bag_item/encryptor.rb, line 149 def hmac @hmac ||= begin digest = OpenSSL::Digest.new("sha256") raw_hmac = OpenSSL::HMAC.digest(digest, key, encrypted_data) Base64.encode64(raw_hmac) end end