(ctx context.Context, id string)
| 189 | } |
| 190 | |
| 191 | func (c *cache) VerifyingKey(ctx context.Context, id string) (interface{}, error) { |
| 192 | if !isSigningKeyFeature(c.feature) { |
| 193 | return nil, ErrInvalidFeature |
| 194 | } |
| 195 | |
| 196 | seq, err := strconv.ParseInt(id, 10, 32) |
| 197 | if err != nil { |
| 198 | return nil, xerrors.Errorf("parse id: %w", err) |
| 199 | } |
| 200 | //nolint:gocritic // cache can only read crypto keys. |
| 201 | ctx = dbauthz.AsKeyReader(ctx) |
| 202 | _, secret, err := c.cryptoKey(ctx, int32(seq)) |
| 203 | if err != nil { |
| 204 | return nil, xerrors.Errorf("crypto key: %w", err) |
| 205 | } |
| 206 | |
| 207 | return secret, nil |
| 208 | } |
| 209 | |
| 210 | func isEncryptionKeyFeature(feature codersdk.CryptoKeyFeature) bool { |
| 211 | return feature == codersdk.CryptoKeyFeatureWorkspaceAppsAPIKey |
nothing calls this directly
no test coverage detected