Skip to content

fix(core): Let default basic keymanager work again #2858

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Oct 30, 2025
Merged

fix(core): Let default basic keymanager work again #2858

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
362c360
fix(core): Let default basic keymanager work again
dmihalcik-virtru Oct 30, 2025
709d23d
Update delegating_key_service.go
dmihalcik-virtru Oct 30, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 4 additions & 13 deletions service/trust/delegating_key_service.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -119,9 +119,6 @@ func (d *DelegatingKeyService) Decrypt(ctx context.Context, keyID KeyIdentifier,
}

pcfg := keyDetails.ProviderConfig()
if pcfg == nil {
return nil, fmt.Errorf("decrypt: key details for key ID '%s' returned nil ProviderConfig", keyID)
}
manager, err := d.getKeyManager(ctx, pcfg)
if err != nil {
return nil, fmt.Errorf("decrypt: unable to get key manager [%s#%s]: %w", pcfg.GetManager(), pcfg.GetName(), err)
Expand All @@ -137,9 +134,6 @@ func (d *DelegatingKeyService) DeriveKey(ctx context.Context, keyID KeyIdentifie
}

pcfg := keyDetails.ProviderConfig()
if pcfg == nil {
return nil, fmt.Errorf("derive: key details for key ID '%s' returned nil ProviderConfig", keyID)
}
manager, err := d.getKeyManager(ctx, pcfg)
if err != nil {
return nil, fmt.Errorf("derive: unable to get key manager [%s#%s]: %w", pcfg.GetManager(), pcfg.GetName(), err)
Expand Down Expand Up @@ -212,9 +206,11 @@ func (d *DelegatingKeyService) _defKM(ctx context.Context) (KeyManager, error) {
}

func (d *DelegatingKeyService) getKeyManager(ctx context.Context, cfg *policy.KeyProviderConfig) (KeyManager, error) {
d.mutex.Lock()
if cfg == nil {
return d._defKM(ctx)
}

// Check For Manager First
d.mutex.Lock()
designation := keyManagerDesignation{
Manager: cfg.GetManager(),
Name: cfg.GetName(),
Expand All @@ -223,11 +219,7 @@ func (d *DelegatingKeyService) getKeyManager(ctx context.Context, cfg *policy.Ke
d.mutex.Unlock()
return manager.KeyManager, nil
}

// Check Factory
factory, factoryExists := d.managerFactories[designation.Manager]
// Read defaultMode under lock for comparison.
currentDefaultMode := d.defaultMode
allManagers := slices.Collect(maps.Keys(d.managerFactories))
d.mutex.Unlock()

Expand Down Expand Up @@ -258,7 +250,6 @@ func (d *DelegatingKeyService) getKeyManager(ctx context.Context, cfg *policy.Ke
d.l.Debug("key manager factory not found for name, attempting to use/load default",
slog.Any("key_managers", allManagers),
slog.Any("requested_name", designation),
slog.Any("configured_default_mode", currentDefaultMode),
)
return d._defKM(ctx) // _defKM handles erroring if the default manager itself cannot be loaded.
}
Loading