authorClaire McQuin <claire@getchef.com>2014-08-19 16:13:57 -0700
committerClaire McQuin <claire@getchef.com>2014-08-22 11:59:32 -0700
commit37a29399cfb0ea169835fe2fc7f52b982b9b4426 (patch)
treeaa6fc4d7ed810c3610b4bda4a2c0ed2a9e554bf0
parentf3450405e3411644baafa9e453cd64f23f269acd (diff)
downloadchef-37a29399cfb0ea169835fe2fc7f52b982b9b4426.tar.gz
Add ::encryptor_keys to versioned encryptor classes.
-rw-r--r--lib/chef/dsl/data_query.rb30
-rw-r--r--lib/chef/encrypted_data_bag_item/encryptor.rb12
-rw-r--r--spec/unit/dsl/data_query_spec.rb18
3 files changed, 24 insertions, 36 deletions
diff --git a/lib/chef/dsl/data_query.rb b/lib/chef/dsl/data_query.rb
index d0de15ce1c..e99411d3df 100644
--- a/lib/chef/dsl/data_query.rb
+++ b/lib/chef/dsl/data_query.rb
@@ -87,39 +87,15 @@ class Chef
return false unless data.is_a?(Hash) && data.has_key?("version")
case data["version"]
when 1
- version_1_encryptor_keys == data.keys.sort
+ Chef::EncryptedDataBagItem::Encryptor::Version1Encryptor.encryptor_keys.sort == data.keys.sort
when 2
- version_2_encryptor_keys == data.keys.sort
+ Chef::EncryptedDataBagItem::Encryptor::Version2Encryptor.encryptor_keys.sort == data.keys.sort
when 3
- version_3_encryptor_keys == data.keys.sort
+ Chef::EncryptedDataBagItem::Encryptor::Version3Encryptor.encryptor_keys.sort == data.keys.sort
else
false # version means something else... assume not encrypted.
end
end
-
- ###
- # The below methods return arrays of keys that are assigned to encrypted
- # data hashes when a data bag item gets encrypted.
- ###
-
- # Chef::EncryptedDataBagItem::Encryptor::Version1Encryptor#for_encrypted_item
- # Keys added to the encrypted data hash.
- def version_1_encryptor_keys
- %w(encrypted_data iv cipher version).sort
- end
-
- # Chef::EncryptedDataBagItem::Encryptor::Version2Encryptor#for_encrypted_item
- # Keys added to the encrypted data hash.
- def version_2_encryptor_keys
- %w(encrypted_data hmac iv cipher version).sort
- end
-
- # Chef::EncryptedDataBagItem::Encryptor::Version3Encryptor#for_encrypted_item
- # Keys added to the encrypted data hash.
- def version_3_encryptor_keys
- %w(encrypted_data auth_tag iv cipher version).sort
- end
-
end
end
end
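Review bot: The three `when` branches now resolve `Chef::EncryptedDataBagItem::Encryptor::Version1Encryptor` and its siblings at call time, and the file's `require` lines are outside this hunk, so it is worth confirming that `chef/encrypted_data_bag_item/encryptor` (or a file that loads it) is required here; otherwise the check raises `NameError` instead of returning false. The removed comment block was the only place that said where the key lists come from. A one-line replacement above the `case` would keep that: `# Key lists come from VersionNEncryptor.encryptor_keys and must equal the keys #for_encrypted_item writes.` The enclosing method starts before the hunk.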
diff --git a/lib/chef/encrypted_data_bag_item/encryptor.rb b/lib/chef/encrypted_data_bag_item/encryptor.rb
index 6bf340869a..034413c1bd 100644
--- a/lib/chef/encrypted_data_bag_item/encryptor.rb
+++ b/lib/chef/encrypted_data_bag_item/encryptor.rb
@@ -125,6 +125,10 @@ class Chef::EncryptedDataBagItem
def serialized_data
FFI_Yajl::Encoder.encode(:json_wrapper => plaintext_data)
end
+
+ def self.encryptor_keys
+ %w( encrypted_data iv version cipher )
+ end
end
class Version2Encryptor < Version1Encryptor
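Review bot: `self.encryptor_keys` restates by hand the keys that `for_encrypted_item` writes, and nothing in the hunk ties the two together. Because the caller in `data_query.rb` compares for exact equality, a key added to one and not the other makes the check return false for a genuinely encrypted item, which presumably means it is handed back without decryption. I would document the coupling on the method, e.g. `# Keys #for_encrypted_item writes into the encrypted hash; detection in Chef::DSL::DataQuery compares against this list exactly, so keep them in sync.` The same applies to the `super + %w( hmac )` and `super + %w( auth_tag )` overrides in the next two hunks. The class body begins outside the hunk, so `for_encrypted_item` itself is not visible here.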
@@ -149,6 +153,10 @@ class Chef::EncryptedDataBagItem
Base64.encode64(raw_hmac)
end
end
+
+ def self.encryptor_keys
+ super + %w( hmac )
+ end
end
class Version3Encryptor < Version1Encryptor
@@ -207,6 +215,10 @@ class Chef::EncryptedDataBagItem
end
end
+ def self.encryptor_keys
+ super + %w( auth_tag )
+ end
+
end
end
diff --git a/spec/unit/dsl/data_query_spec.rb b/spec/unit/dsl/data_query_spec.rb
index 2e16d3c21d..2981c0dac9 100644
--- a/spec/unit/dsl/data_query_spec.rb
+++ b/spec/unit/dsl/data_query_spec.rb
@@ -103,7 +103,7 @@ describe Chef::DSL::DataQuery do
shared_examples_for "encryption detected" do
let(:encoded_data) do
- Chef::Config[:data_bag_encrypt_version] = version_number
+ Chef::Config[:data_bag_encrypt_version] = version
Chef::EncryptedDataBagItem.encrypt_data_bag_item(raw_data, default_secret)
end
@@ -112,7 +112,7 @@ describe Chef::DSL::DataQuery do
end
it "detects encrypted data bag" do
- expect( language ).to receive(encryptor_keys).at_least(:once).and_call_original
+ expect( encryptor ).to receive(:encryptor_keys).at_least(:once).and_call_original
expect( Chef::Log ).to receive(:debug).with(/Data bag item looks encrypted/)
language.data_bag_item(bag_name, item_name)
end
@@ -120,22 +120,22 @@ describe Chef::DSL::DataQuery do
context "when encryption version is 1" do
include_examples "encryption detected" do
- let(:version_number) { 1 }
- let(:encryptor_keys) { :version_1_encryptor_keys }
+ let(:version) { 1 }
+ let(:encryptor) { Chef::EncryptedDataBagItem::Encryptor::Version1Encryptor }
end
end
context "when encryption version is 2" do
include_examples "encryption detected" do
- let(:version_number) { 2 }
- let(:encryptor_keys) { :version_2_encryptor_keys }
+ let(:version) { 2 }
+ let(:encryptor) { Chef::EncryptedDataBagItem::Encryptor::Version2Encryptor }
end
end
context "when encryption version is 3" do
- include_examples "encryption detected", "v3" do
- let(:version_number) { 3 }
- let(:encryptor_keys) { :version_3_encryptor_keys }
+ include_examples "encryption detected" do
+ let(:version) { 3 }
+ let(:encryptor) { Chef::EncryptedDataBagItem::Encryptor::Version3Encryptor }
end
end
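Review bot: These contexts only exercise the positive path, where each version's item matches its own `encryptor_keys`. With the key lists now living on the encryptor classes, a negative example would pin the exact-match behaviour the detection relies on, for instance a hash with `"version" => 2` but no `hmac`, or with one extra key, which should not be reported as encrypted. Such a case may already exist elsewhere in the spec file; it is not visible in this hunk. Separately, `Chef::Config[:data_bag_encrypt_version] = version` inside the `let` changes global config, so it is worth checking that the surrounding spec resets it between examples.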