MCPcopy
hub / github.com/scality/cloudserver / createDecipherBundle

Method createDecipherBundle

lib/kms/wrapper.js:458–521  ·  view source on GitHub ↗

* createDecipherBundle * @param {object} serverSideEncryptionInfo - info for decryption * @param {number} serverSideEncryptionInfo.cryptoScheme - * cryptoScheme used * @param {string} serverSideEncryptionInfo.algorithm - * algorithm to use * @param {string} server

(serverSideEncryptionInfo, offset,
                                log, cb)

Source from the content-addressed store, hash-verified

456 * @callback called with (err, decipherBundle)
457 */
458 static createDecipherBundle(serverSideEncryptionInfo, offset,
459 log, cb) {
460 if (!serverSideEncryptionInfo.masterKeyId ||
461 !serverSideEncryptionInfo.cipheredDataKey ||
462 !serverSideEncryptionInfo.cryptoScheme) {
463 log.error('Invalid cryptographic information', { implName });
464 return cb(errors.InternalError);
465 }
466 const decipherBundle = {
467 cryptoScheme: serverSideEncryptionInfo.cryptoScheme,
468 decipher: null,
469 };
470
471 // shadowing global client for key - implName already used can't be shadowed here
472 const { error, client, implName: _impl, key } = getClientForKey(
473 serverSideEncryptionInfo.masterKeyId, log);
474 if (error) {
475 return cb(error);
476 }
477
478 return async.waterfall([
479 function decipherDataKey(next) {
480 return client.decipherDataKey(
481 decipherBundle.cryptoScheme,
482 key,
483 serverSideEncryptionInfo.cipheredDataKey,
484 log, (err, plainTextDataKey) => {
485 log.debug('deciphering a data key');
486 if (err) {
487 log.debug('error from kms',
488 { implName: _impl, error: err });
489 return next(err);
490 }
491 log.trace('data key deciphered by the kms');
492 return next(null, plainTextDataKey);
493 });
494 },
495 function createDecipher(plainTextDataKey, next) {
496 log.debug('creating a decipher');
497 return Common.createDecipher(decipherBundle.cryptoScheme,
498 plainTextDataKey, offset, log, (err, decipher) => {
499 plainTextDataKey.fill(0);
500 if (err) {
501 log.debug('error from kms',
502 { implName: _impl, error: err });
503 return next(err);
504 }
505 log.trace('decipher created by the kms');
506 return next(null, decipher);
507 });
508 },
509 function finishDecipherBundle(decipher, next) {
510 decipherBundle.decipher = decipher;
511 return next(null, decipherBundle);
512 },
513 ], (err, decipherBundle) => {
514 if (err) {
515 log.error('error processing decipher bundle',

Callers 2

objectGetFunction · 0.80
_utestCreateBundlePairFunction · 0.80

Calls 5

getClientForKeyFunction · 0.85
errorMethod · 0.80
debugMethod · 0.80
traceMethod · 0.80
createDecipherMethod · 0.80

Tested by

no test coverage detected