if (secretData.hasEncryptedWith() && secretData.getEncryptedWith() != EncryptedWith.SECRET_KEY) {
throw new IllegalStateException();
}
UserSecretData userSecretData;
try {
userSecretData = unlock(secretData, secretToken, UserSecretData.newBuilder());
} catch (IOException e) {
log.debug("Error decoding secret data (likely because of wrong password)");
return null;
}
// This stuff is deprecated because we sign the secret data
if (userSecretData.hasDeprecatedVerifyPublicKey()) {
// throw new IllegalStateException();
log.warn("UserSecretData has deprecated verify public key");
//
// long hash =
// Hashing.md5().hashBytes(user.getPublicKey().getEncoded().toByteArray()).asLong();
// if (userSecretData.getDeprecatedVerifyPublicKey() != hash) {
// // This is unexpected
// log.warn("Verify public key did not match (but decode did not fail)");
// return null;
// }
} else if (userSecretData.hasDeprecatedVerifyUserId()) {
log.warn("UserSecretData has deprecated verify user id");
// // This is deprecated because it makes creation painful. A
// // pretty crappy reason, really.
// log.warn("Falling back to deprecated user id validation for user: {}",