-
Notifications
You must be signed in to change notification settings - Fork 12
Fix #1822: Update vault unlock for crypto4 #2003
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: features/crypto4
Are you sure you want to change the base?
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good
* @throws GenericServiceException Thrown in case vault unlock reason format is invalid. | ||
*/ | ||
private void checkVaultUnlockReason(String reason) throws GenericServiceException { | ||
if (reason != null && !reason.matches("[A-Za-z0-9_\\-.]{3,255}")) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This will compile the regex into Pattern
object every time. We can get some performance benefit by defining static final Pattern
.
* Decrypt the incoming AEAD request. | ||
* | ||
* @param request Vault unlock request. | ||
* @return Vault unlok decryption result. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
typo
* @return Vault unlok decryption result. | |
* @return Vault unlock decryption result. |
* @throws GenericServiceException Thrown in case key identifier is invalid. | ||
*/ | ||
private void checkKeyIdentifier(String keyIdentifier, AuthenticationCodeType authenticationCodeType, String applicationId) throws GenericServiceException { | ||
if (keyIdentifier == null) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the specification recommends a fallback to v3 if the identifier is null, but I guess this is solved by dedicated endpoints?
Implementation of vault unlock for crypto4.