MCPcopy
hub / github.com/getsops/sops / DetectKMSEncryptionContextBug

Function DetectKMSEncryptionContextBug

cmd/sops/common/common.go:203–217  ·  view source on GitHub ↗

DetectKMSEncryptionContextBug returns true if the encryption context bug is detected in a given runtime sops.Tree object

(tree *sops.Tree)

Source from the content-addressed store, hash-verified

201// DetectKMSEncryptionContextBug returns true if the encryption context bug is detected
202// in a given runtime sops.Tree object
203func DetectKMSEncryptionContextBug(tree *sops.Tree) (bool, error) {
204 versionCheck, err := version.AIsNewerThanB(KMS_ENC_CTX_BUG_FIXED_VERSION, tree.Metadata.Version)
205 if err != nil {
206 return false, err
207 }
208
209 if versionCheck {
210 _, _, key := GetKMSKeyWithEncryptionCtx(tree)
211 if key != nil {
212 return true, nil
213 }
214 }
215
216 return false, nil
217}
218
219// GetKMSKeyWithEncryptionCtx returns the first KMS key affected by the encryption context bug as well as its location in the key groups.
220func GetKMSKeyWithEncryptionCtx(tree *sops.Tree) (keyGroupIndex int, keyIndex int, key *kms.MasterKey) {

Callers 1

Calls 2

AIsNewerThanBFunction · 0.92

Tested by

no test coverage detected