Skip to content

Feature merge #47

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Aug 29, 2018
Merged

Feature merge #47

merged 5 commits into from
Aug 29, 2018

Conversation

SalusaSecondus
Copy link
Contributor

This pull-request is a roll-up to synchronize functionality and release several minor features.

Together these changes are sufficiently important that a minor version bump to 1.12.0 is included in this PR.

Changes:

  • Minor version change to 1.12.0
  • Dependency versions are updated
  • Added MetaStore.replicate to make it easier to copy data-keys from one MetaStore to another
  • Better support for non-standard JCA providers
  • Fixed thread-safety issue in LRUCache

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

bdonlan
bdonlan suggested changes Aug 29, 2018
View reviewed changes
src/main/java/com/amazonaws/services/dynamodbv2/datamodeling/encryption/DynamoDBEncryptor.java Outdated
@@ -371,6 +380,10 @@ private void actualDecryption(Map<String, AttributeValue> itemAttributes,
}
}

protected int getBlockSize(final String encryptionMode) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should be static.

src/main/java/com/amazonaws/services/dynamodbv2/datamodeling/encryption/DynamoDBEncryptor.java
cipherText.put(iv);
cipher.init(Cipher.ENCRYPT_MODE, encryptionKey, Utils.getRng());
cipherText = ByteBuffer.allocate(blockSize + cipher.getOutputSize(plainText.remaining()));
cipherText.position(blockSize);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Block size may not equal IV size, depending on the mode (e.g. AES-GCM would use a 12 byte IV with a 16 byte block size.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In this data-format version of the client they must be the same. It's a limitation of the format which we cannot change until we do a more significant version rev.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please leave a comment to this effect, and a runtime check to confirm that the returned iv array is the correct size.

@SalusaSecondus SalusaSecondus merged commit c4fc260 into aws:master Aug 29, 2018
@SalusaSecondus SalusaSecondus mentioned this pull request Aug 29, 2018
Merged
seebees pushed a commit that referenced this pull request Dec 12, 2023
@SalusaSecondus
Merge pull request #47 from SalusaSecondus/allIvsFix
6385048 
Fix FrameEncryptionHandlerVeryLongTest so that last frame is final.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bdonlan bdonlan bdonlan approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@SalusaSecondus @bdonlan