Closed justinrhammonds closed 1 year ago
Thank you @justinrhammonds for this PR. It helped the team diagnose the issue much faster! We ended up addressing this issue via this PR; we also added some unit tests. The fix has been released in version 2.0.5 on 02/13/2023.
Description
Replaces the referenced algorithm (instructions.MaterialsDescription[EncryptionUtils.XAmzEncryptionContextCekAlg]), which evaluates to null, with the algorithm referenced as a property on instructions (instructions.cekAlgorithm), which is populated with the expected algorithm earlier in the call stack.
Motivation and Context
Fixes issue #26, where the content encryption algorithm used at encryption time does not match the algorithm stored for decryption time. The end result is that users of the library will be able to use the client-side decryption library in cases such as my use case, where we have SES store emails as encrypted S3 objects and wish to decrypt those objects in our code.
Testing
I first used JetBrains dotPeek to decompile a version I could test against my particular use case. Once I made the appropriate change in that local version, I took the main changes from that fix and updated this repo. Once updated, I tested the code change by executing the code locally. I verified that this code is only utilized inside s3 object decryption, so it wouldn't impact other functionality outside of that scope.