* createDecipherBundle * @param {object} serverSideEncryptionInfo - info for decryption * @param {number} serverSideEncryptionInfo.cryptoScheme - * cryptoScheme used * @param {string} serverSideEncryptionInfo.algorithm - * algorithm to use * @param {string} server
(serverSideEncryptionInfo, offset,
log, cb)
| 456 | * @callback called with (err, decipherBundle) |
| 457 | */ |
| 458 | static createDecipherBundle(serverSideEncryptionInfo, offset, |
| 459 | log, cb) { |
| 460 | if (!serverSideEncryptionInfo.masterKeyId || |
| 461 | !serverSideEncryptionInfo.cipheredDataKey || |
| 462 | !serverSideEncryptionInfo.cryptoScheme) { |
| 463 | log.error('Invalid cryptographic information', { implName }); |
| 464 | return cb(errors.InternalError); |
| 465 | } |
| 466 | const decipherBundle = { |
| 467 | cryptoScheme: serverSideEncryptionInfo.cryptoScheme, |
| 468 | decipher: null, |
| 469 | }; |
| 470 | |
| 471 | // shadowing global client for key - implName already used can't be shadowed here |
| 472 | const { error, client, implName: _impl, key } = getClientForKey( |
| 473 | serverSideEncryptionInfo.masterKeyId, log); |
| 474 | if (error) { |
| 475 | return cb(error); |
| 476 | } |
| 477 | |
| 478 | return async.waterfall([ |
| 479 | function decipherDataKey(next) { |
| 480 | return client.decipherDataKey( |
| 481 | decipherBundle.cryptoScheme, |
| 482 | key, |
| 483 | serverSideEncryptionInfo.cipheredDataKey, |
| 484 | log, (err, plainTextDataKey) => { |
| 485 | log.debug('deciphering a data key'); |
| 486 | if (err) { |
| 487 | log.debug('error from kms', |
| 488 | { implName: _impl, error: err }); |
| 489 | return next(err); |
| 490 | } |
| 491 | log.trace('data key deciphered by the kms'); |
| 492 | return next(null, plainTextDataKey); |
| 493 | }); |
| 494 | }, |
| 495 | function createDecipher(plainTextDataKey, next) { |
| 496 | log.debug('creating a decipher'); |
| 497 | return Common.createDecipher(decipherBundle.cryptoScheme, |
| 498 | plainTextDataKey, offset, log, (err, decipher) => { |
| 499 | plainTextDataKey.fill(0); |
| 500 | if (err) { |
| 501 | log.debug('error from kms', |
| 502 | { implName: _impl, error: err }); |
| 503 | return next(err); |
| 504 | } |
| 505 | log.trace('decipher created by the kms'); |
| 506 | return next(null, decipher); |
| 507 | }); |
| 508 | }, |
| 509 | function finishDecipherBundle(decipher, next) { |
| 510 | decipherBundle.decipher = decipher; |
| 511 | return next(null, decipherBundle); |
| 512 | }, |
| 513 | ], (err, decipherBundle) => { |
| 514 | if (err) { |
| 515 | log.error('error processing decipher bundle', |
no test coverage detected