summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorClaire McQuin <claire@getchef.com>2014-08-19 16:13:57 -0700
committerClaire McQuin <claire@getchef.com>2014-08-22 11:59:32 -0700
commit37a29399cfb0ea169835fe2fc7f52b982b9b4426 (patch)
treeaa6fc4d7ed810c3610b4bda4a2c0ed2a9e554bf0 /lib
parentf3450405e3411644baafa9e453cd64f23f269acd (diff)
downloadchef-37a29399cfb0ea169835fe2fc7f52b982b9b4426.tar.gz
Add ::encryptor_keys to versioned encryptor classes.
Diffstat (limited to 'lib')
-rw-r--r--lib/chef/dsl/data_query.rb30
-rw-r--r--lib/chef/encrypted_data_bag_item/encryptor.rb12
2 files changed, 15 insertions, 27 deletions
diff --git a/lib/chef/dsl/data_query.rb b/lib/chef/dsl/data_query.rb
index d0de15ce1c..e99411d3df 100644
--- a/lib/chef/dsl/data_query.rb
+++ b/lib/chef/dsl/data_query.rb
@@ -87,39 +87,15 @@ class Chef
return false unless data.is_a?(Hash) && data.has_key?("version")
case data["version"]
when 1
- version_1_encryptor_keys == data.keys.sort
+ Chef::EncryptedDataBagItem::Encryptor::Version1Encryptor.encryptor_keys.sort == data.keys.sort
when 2
- version_2_encryptor_keys == data.keys.sort
+ Chef::EncryptedDataBagItem::Encryptor::Version2Encryptor.encryptor_keys.sort == data.keys.sort
when 3
- version_3_encryptor_keys == data.keys.sort
+ Chef::EncryptedDataBagItem::Encryptor::Version3Encryptor.encryptor_keys.sort == data.keys.sort
else
false # version means something else... assume not encrypted.
end
end
-
- ###
- # The below methods return arrays of keys that are assigned to encrypted
- # data hashes when a data bag item gets encrypted.
- ###
-
- # Chef::EncryptedDataBagItem::Encryptor::Version1Encryptor#for_encrypted_item
- # Keys added to the encrypted data hash.
- def version_1_encryptor_keys
- %w(encrypted_data iv cipher version).sort
- end
-
- # Chef::EncryptedDataBagItem::Encryptor::Version2Encryptor#for_encrypted_item
- # Keys added to the encrypted data hash.
- def version_2_encryptor_keys
- %w(encrypted_data hmac iv cipher version).sort
- end
-
- # Chef::EncryptedDataBagItem::Encryptor::Version3Encryptor#for_encrypted_item
- # Keys added to the encrypted data hash.
- def version_3_encryptor_keys
- %w(encrypted_data auth_tag iv cipher version).sort
- end
-
end
end
end
diff --git a/lib/chef/encrypted_data_bag_item/encryptor.rb b/lib/chef/encrypted_data_bag_item/encryptor.rb
index 6bf340869a..034413c1bd 100644
--- a/lib/chef/encrypted_data_bag_item/encryptor.rb
+++ b/lib/chef/encrypted_data_bag_item/encryptor.rb
@@ -125,6 +125,10 @@ class Chef::EncryptedDataBagItem
def serialized_data
FFI_Yajl::Encoder.encode(:json_wrapper => plaintext_data)
end
+
+ def self.encryptor_keys
+ %w( encrypted_data iv version cipher )
+ end
end
class Version2Encryptor < Version1Encryptor
@@ -149,6 +153,10 @@ class Chef::EncryptedDataBagItem
Base64.encode64(raw_hmac)
end
end
+
+ def self.encryptor_keys
+ super + %w( hmac )
+ end
end
class Version3Encryptor < Version1Encryptor
@@ -207,6 +215,10 @@ class Chef::EncryptedDataBagItem
end
end
+ def self.encryptor_keys
+ super + %w( auth_tag )
+ end
+
end
end