decryptKeyGroup tries to decrypt the contents of the provided KeyGroup with any of the MasterKeys in the KeyGroup with any of the provided key services, returning as soon as one key service succeeds.
(group KeyGroup, svcs []keyservice.KeyServiceClient, decryptionOrder []string)
| 878 | // any of the MasterKeys in the KeyGroup with any of the provided key services, |
| 879 | // returning as soon as one key service succeeds. |
| 880 | func decryptKeyGroup(group KeyGroup, svcs []keyservice.KeyServiceClient, decryptionOrder []string) ([]byte, error) { |
| 881 | var keyErrs []error |
| 882 | // Sort MasterKeys in the group so we try them in specific order |
| 883 | // Use sorted indices to avoid group slice modification |
| 884 | indices := sortKeyGroupIndices(group, decryptionOrder) |
| 885 | for _, indexVal := range indices { |
| 886 | key := group[indexVal] |
| 887 | part, err := decryptKey(key, svcs) |
| 888 | if err != nil { |
| 889 | keyErrs = append(keyErrs, err) |
| 890 | } else { |
| 891 | return part, nil |
| 892 | } |
| 893 | } |
| 894 | return nil, decryptKeyErrors(keyErrs) |
| 895 | } |
| 896 | |
| 897 | // sortKeyGroupIndices returns indices that would sort the KeyGroup |
| 898 | // according to decryptionOrder |
no test coverage detected