class Ansible::Vault::Encryptor
The class that handles encrypting data to be written to a file.
Public Instance Methods
encrypt(plaintext)
click to toggle source
Encrypt supplied plaintext, calculate HMAC, and pass to supplied {FileWriter}
@param [String] plaintext The source data to be encrypted
# File lib/ansible/vault/encryptor.rb, line 12 def encrypt(plaintext) padding_length = BLOCK_SIZE - plaintext.bytesize % BLOCK_SIZE padded_plaintext = (plaintext + (padding_length.chr * padding_length)).shred_later file.ciphertext = cipher(mode: :encrypt).update(padded_plaintext) + cipher.final file.salt = salt file.hmac = calculated_hmac end
Private Instance Methods
salt()
click to toggle source
# File lib/ansible/vault/encryptor.rb, line 22 def salt @salt ||= SecureRandom.random_bytes(KEY_LENGTH) end