Decrypt takes a decrypt request and decrypts the provided ciphertext with the provided key, returning the decrypted result
(ctx context.Context, req *DecryptRequest)
| 282 | // Decrypt takes a decrypt request and decrypts the provided ciphertext with the provided key, returning the decrypted |
| 283 | // result |
| 284 | func (ks Server) Decrypt(ctx context.Context, |
| 285 | req *DecryptRequest) (*DecryptResponse, error) { |
| 286 | key := req.Key |
| 287 | var response *DecryptResponse |
| 288 | switch k := key.KeyType.(type) { |
| 289 | case *Key_PgpKey: |
| 290 | plaintext, err := ks.decryptWithPgp(k.PgpKey, req.Ciphertext) |
| 291 | if err != nil { |
| 292 | return nil, err |
| 293 | } |
| 294 | response = &DecryptResponse{ |
| 295 | Plaintext: plaintext, |
| 296 | } |
| 297 | case *Key_KmsKey: |
| 298 | plaintext, err := ks.decryptWithKms(k.KmsKey, req.Ciphertext) |
| 299 | if err != nil { |
| 300 | return nil, err |
| 301 | } |
| 302 | response = &DecryptResponse{ |
| 303 | Plaintext: plaintext, |
| 304 | } |
| 305 | case *Key_GcpKmsKey: |
| 306 | plaintext, err := ks.decryptWithGcpKms(k.GcpKmsKey, req.Ciphertext) |
| 307 | if err != nil { |
| 308 | return nil, err |
| 309 | } |
| 310 | response = &DecryptResponse{ |
| 311 | Plaintext: plaintext, |
| 312 | } |
| 313 | case *Key_AzureKeyvaultKey: |
| 314 | plaintext, err := ks.decryptWithAzureKeyVault(k.AzureKeyvaultKey, req.Ciphertext) |
| 315 | if err != nil { |
| 316 | return nil, err |
| 317 | } |
| 318 | response = &DecryptResponse{ |
| 319 | Plaintext: plaintext, |
| 320 | } |
| 321 | case *Key_VaultKey: |
| 322 | plaintext, err := ks.decryptWithVault(k.VaultKey, req.Ciphertext) |
| 323 | if err != nil { |
| 324 | return nil, err |
| 325 | } |
| 326 | response = &DecryptResponse{ |
| 327 | Plaintext: plaintext, |
| 328 | } |
| 329 | case *Key_AgeKey: |
| 330 | plaintext, err := ks.decryptWithAge(k.AgeKey, req.Ciphertext) |
| 331 | if err != nil { |
| 332 | return nil, err |
| 333 | } |
| 334 | response = &DecryptResponse{ |
| 335 | Plaintext: plaintext, |
| 336 | } |
| 337 | case *Key_HckmsKey: |
| 338 | plaintext, err := ks.decryptWithHckms(k.HckmsKey, req.Ciphertext) |
| 339 | if err != nil { |
| 340 | return nil, err |
| 341 | } |
nothing calls this directly
no test coverage detected