MCPcopy Index your code
hub / github.com/saltstack/salt / encrypt

Method encrypt

salt/crypt.py:1999–2013  ·  view source on GitHub ↗

encrypt data with AES-CBC and sign it with HMAC-SHA256

(self, data)

Source from the content-addressed store, hash-verified

1997 return key[: -cls.SIG_SIZE], key[-cls.SIG_SIZE :]
1998
1999 def encrypt(self, data):
2000 """
2001 encrypt data with AES-CBC and sign it with HMAC-SHA256
2002 """
2003 aes_key, hmac_key = self.keys
2004 pad = self.AES_BLOCK_SIZE - len(data) % self.AES_BLOCK_SIZE
2005 data = data + salt.utils.stringutils.to_bytes(pad * chr(pad))
2006 iv_bytes = os.urandom(self.AES_BLOCK_SIZE)
2007 cipher = Cipher(algorithms.AES(aes_key), modes.CBC(iv_bytes))
2008 encryptor = cipher.encryptor()
2009 encr = encryptor.update(data)
2010 encr += encryptor.finalize()
2011 data = iv_bytes + encr
2012 sig = hmac.new(hmac_key, data, hashlib.sha256).digest()
2013 return data + sig
2014
2015 def decrypt(self, data):
2016 """

Callers 3

dumpsMethod · 0.95
handle_pool_publishMethod · 0.95
test_aes_encryptFunction · 0.95

Calls 3

finalizeMethod · 0.80
digestMethod · 0.80
updateMethod · 0.45

Tested by 1

test_aes_encryptFunction · 0.76