MCPcopy Index your code
hub / github.com/coder/coder / decryptField

Method decryptField

enterprise/dbcrypt/dbcrypt.go:958–988  ·  view source on GitHub ↗

decryptFields decrypts the given field using the key with the given digest. If the value fails to decrypt, sql.ErrNoRows will be returned.

(field *string, digest sql.NullString)

Source from the content-addressed store, hash-verified

956// decryptFields decrypts the given field using the key with the given digest.
957// If the value fails to decrypt, sql.ErrNoRows will be returned.
958func (db *dbCrypt) decryptField(field *string, digest sql.NullString) error {
959 if field == nil {
960 return xerrors.Errorf("developer error: decryptField called with nil field")
961 }
962
963 if !digest.Valid || digest.String == "" {
964 // This field is not encrypted.
965 return nil
966 }
967
968 key, ok := db.ciphers[digest.String]
969 if !ok {
970 return &DecryptFailedError{
971 Inner: xerrors.Errorf("no cipher with digest %q", digest.String),
972 }
973 }
974
975 data, err := b64decode(*field)
976 if err != nil {
977 // If it's not valid base64, we should complain loudly.
978 return &DecryptFailedError{
979 Inner: xerrors.Errorf("malformed encrypted field %q: %w", *field, err),
980 }
981 }
982 decrypted, err := key.Decrypt(data)
983 if err != nil {
984 return &DecryptFailedError{Inner: err}
985 }
986 *field = string(decrypted)
987 return nil
988}
989
990func (db *dbCrypt) ensureEncryptedWithRetry(ctx context.Context) error {
991 var err error

Callers 15

GetDBCryptKeysMethod · 0.95
GetUserLinkByLinkedIDMethod · 0.95
GetUserLinksByUserIDMethod · 0.95
InsertUserLinkMethod · 0.95
UpdateUserLinkMethod · 0.95
GetExternalAuthLinkMethod · 0.95
GetCryptoKeysMethod · 0.95

Calls 2

DecryptMethod · 0.65
ErrorfMethod · 0.45

Tested by 1

TestEncryptDecryptFieldFunction · 0.64