Files

Class/Module Index [+]

Quicksearch

Chef::EncryptedDataBagItem::Encryptor::Version2Encryptor

Public Instance Methods

for_encrypted_item() click to toggle source

Returns a wrapped and encrypted version of plaintext_data suitable for using as the value in an encrypted data bag item.

# File lib/chef/encrypted_data_bag_item/encryptor.rb, line 122
def for_encrypted_item
  {
    "encrypted_data" => encrypted_data,
    "hmac" => hmac,
    "iv" => Base64.encode64(iv),
    "version" => 2,
    "cipher" => ALGORITHM
  }
end
hmac() click to toggle source

Generates an HMAC-SHA2-256 of the encrypted data (encrypt-then-mac)

# File lib/chef/encrypted_data_bag_item/encryptor.rb, line 133
def hmac
  @hmac ||= begin
    digest = OpenSSL::Digest::Digest.new("sha256")
    raw_hmac = OpenSSL::HMAC.digest(digest, key, encrypted_data)
    Base64.encode64(raw_hmac)
  end
end

[Validate]

Generated with the Darkfish Rdoc Generator 2.