MCPcopy
hub / github.com/getsops/sops / GetKMSKeyWithEncryptionCtx

Function GetKMSKeyWithEncryptionCtx

cmd/sops/common/common.go:220–238  ·  view source on GitHub ↗

GetKMSKeyWithEncryptionCtx returns the first KMS key affected by the encryption context bug as well as its location in the key groups.

(tree *sops.Tree)

Source from the content-addressed store, hash-verified

218
219// GetKMSKeyWithEncryptionCtx returns the first KMS key affected by the encryption context bug as well as its location in the key groups.
220func GetKMSKeyWithEncryptionCtx(tree *sops.Tree) (keyGroupIndex int, keyIndex int, key *kms.MasterKey) {
221 for i, kg := range tree.Metadata.KeyGroups {
222 for n, k := range kg {
223 kmsKey, ok := k.(*kms.MasterKey)
224 if ok {
225 if len(kmsKey.EncryptionContext) >= 2 {
226 duplicateValues := map[string]int{}
227 for _, v := range kmsKey.EncryptionContext {
228 duplicateValues[*v] = duplicateValues[*v] + 1
229 }
230 if len(duplicateValues) > 1 {
231 return i, n, kmsKey
232 }
233 }
234 }
235 }
236 }
237 return 0, 0, nil
238}
239
240// GenericDecryptOpts represents decryption options and config
241type GenericDecryptOpts struct {

Callers 2

Calls

no outgoing calls

Tested by

no test coverage detected