in client/confidentialspace/confidentialspace.go [100:125]
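// FindMatchingCredentials returns the JSON credentials built from the first
// configured KEK credential entry whose mode and KEK URI pattern both match.
// It returns "" when no entry matches, or when no token file was found
// (i.e. not running in Confidential Space).
//
// An entry's mode matches when it equals mode or is
// DEFAULT_ENCRYPT_AND_DECRYPT_MODE. Entries are tried in configuration order
// and the first match wins, so overlapping patterns are resolved by position.
func (c *Config) FindMatchingCredentials(kekURI string, mode configpb.CredentialMode) string {
	// Without a token file there is nothing to build credentials from.
	if !c.tokenFileFound {
		return ""
	}

	for _, cred := range c.inner.GetKekCredentials() {
		// Skip entries scoped to a different mode.
		credMode := cred.GetMode()
		if credMode != configpb.CredentialMode_DEFAULT_ENCRYPT_AND_DECRYPT_MODE && credMode != mode {
			continue
		}

		pattern := cred.GetKekUriPattern()

		// NOTE(review): regexp.MatchString reports a match anywhere in kekURI.
		// A pattern without ^...$ anchors therefore also selects these
		// credentials for any URI that merely contains a matching substring,
		// and an empty pattern matches every URI. Confirm that configured
		// patterns are anchored (or validated at load time) so that a KEK URI
		// cannot be paired with credentials meant for a different key.
		match, err := regexp.MatchString(pattern, kekURI)
		if err != nil {
			// An invalid pattern disables only its own entry. Log the quoted
			// pattern and the compile error so the misconfiguration can be
			// diagnosed, then try the remaining entries.
			glog.Errorf("Invalid KEK URI pattern %q: %v", pattern, err)
			continue
		}
		if match {
			return CreateJSONCredentials(cred, c.tokenFile)
		}
	}

	return ""
}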