MCPcopy
hub / github.com/getsops/sops / decryptKeyGroup

Function decryptKeyGroup

sops.go:880–895  ·  view source on GitHub ↗

decryptKeyGroup tries to decrypt the contents of the provided KeyGroup with any of the MasterKeys in the KeyGroup with any of the provided key services, returning as soon as one key service succeeds.

(group KeyGroup, svcs []keyservice.KeyServiceClient, decryptionOrder []string)

Source from the content-addressed store, hash-verified

878// any of the MasterKeys in the KeyGroup with any of the provided key services,
879// returning as soon as one key service succeeds.
880func decryptKeyGroup(group KeyGroup, svcs []keyservice.KeyServiceClient, decryptionOrder []string) ([]byte, error) {
881 var keyErrs []error
882 // Sort MasterKeys in the group so we try them in specific order
883 // Use sorted indices to avoid group slice modification
884 indices := sortKeyGroupIndices(group, decryptionOrder)
885 for _, indexVal := range indices {
886 key := group[indexVal]
887 part, err := decryptKey(key, svcs)
888 if err != nil {
889 keyErrs = append(keyErrs, err)
890 } else {
891 return part, nil
892 }
893 }
894 return nil, decryptKeyErrors(keyErrs)
895}
896
897// sortKeyGroupIndices returns indices that would sort the KeyGroup
898// according to decryptionOrder

Callers 1

Calls 3

sortKeyGroupIndicesFunction · 0.85
decryptKeyFunction · 0.85
decryptKeyErrorsTypeAlias · 0.85

Tested by

no test coverage detected