Open patmantru opened 4 days ago
Ran into something similar after regenerating keys. The error kas / sdk returned wasn't really clear what the exact issue was.
time=2024-06-24T13:53:09.391Z level=DEBUG msg="default rewrap algorithm" namespace=kas
time=2024-06-24T13:53:09.392Z level=WARN msg="failure to decrypt dek" namespace=kas err="error decrypting data: x509.ParsePKCS8PrivateKey failed: crypto/rsa: decryption error"
time=2024-06-24T13:53:09.393Z level=ERROR msg="rewrap tdf3" err="request error\nrpc error: code = InvalidArgument desc = bad request"
the same 'bad request' error text appears in multiple error paths, making it more difficult to diagnose this sort of thing. It would be better if there were unique responses to the different conditions. Even something with filename+linenumber would be better.
Not the only example, but one case that illustrates the problem:
https://github.com/opentdf/platform/blob/588827c6b4b7b1c0b8f39002eefd294357b5a206/service/kas/access/rewrap.go#L193