MCPcopy Index your code
hub / github.com/getsops/sops / Encrypt

Method Encrypt

age/keysource.go:163–196  ·  view source on GitHub ↗

Encrypt takes a SOPS data key, encrypts it with the Recipient, and stores the result in the EncryptedKey field.

(dataKey []byte)

Source from the content-addressed store, hash-verified

161// Encrypt takes a SOPS data key, encrypts it with the Recipient, and stores
162// the result in the EncryptedKey field.
163func (key *MasterKey) Encrypt(dataKey []byte) error {
164 if key.parsedRecipient == nil {
165 parsedRecipient, err := parseRecipient(key.Recipient)
166 if err != nil {
167 log.WithField("recipient", key.parsedRecipient).Info("Encryption failed")
168 return err
169 }
170 key.parsedRecipient = parsedRecipient
171 }
172
173 var buffer bytes.Buffer
174 aw := armor.NewWriter(&buffer)
175 w, err := age.Encrypt(aw, key.parsedRecipient)
176 if err != nil {
177 log.WithField("recipient", key.parsedRecipient).Info("Encryption failed")
178 return fmt.Errorf("failed to create writer for encrypting sops data key with age: %w", err)
179 }
180 if _, err := w.Write(dataKey); err != nil {
181 log.WithField("recipient", key.parsedRecipient).Info("Encryption failed")
182 return fmt.Errorf("failed to encrypt sops data key with age: %w", err)
183 }
184 if err := w.Close(); err != nil {
185 log.WithField("recipient", key.parsedRecipient).Info("Encryption failed")
186 return fmt.Errorf("failed to close writer for encrypting sops data key with age: %w", err)
187 }
188 if err := aw.Close(); err != nil {
189 log.WithField("recipient", key.parsedRecipient).Info("Encryption failed")
190 return fmt.Errorf("failed to close armored writer: %w", err)
191 }
192
193 key.SetEncryptedDataKey(buffer.Bytes())
194 log.WithField("recipient", key.parsedRecipient).Info("Encryption succeeded")
195 return nil
196}
197
198// EncryptIfNeeded encrypts the provided SOPS data key, if it has not been
199// encrypted yet.

Callers 2

EncryptIfNeededMethod · 0.95
TestMasterKey_EncryptFunction · 0.95

Calls 3

SetEncryptedDataKeyMethod · 0.95
parseRecipientFunction · 0.85
EncryptMethod · 0.65

Tested by 1

TestMasterKey_EncryptFunction · 0.76