( storedKey: string, apiEncryptionKey: string | null )
| 72 | * value looks encrypted but the caller has no encryption key. |
| 73 | */ |
| 74 | export function deriveKeyHashForStoredKey( |
| 75 | storedKey: string, |
| 76 | apiEncryptionKey: string | null |
| 77 | ): string { |
| 78 | if (isEncryptedKey(storedKey)) { |
| 79 | if (!apiEncryptionKey) { |
| 80 | throw new Error('API_ENCRYPTION_KEY is required to decrypt an encrypted stored key') |
| 81 | } |
| 82 | return hashApiKey(decryptApiKey(storedKey, apiEncryptionKey)) |
| 83 | } |
| 84 | return hashApiKey(storedKey) |
| 85 | } |
| 86 | |
| 87 | interface BackfillStats { |
| 88 | scanned: number |
no test coverage detected