-
Notifications
You must be signed in to change notification settings - Fork 9
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CORE-18635 Avro schemas for session encryption operations #1400
Conversation
Scanning for breaking API changes introduced by this PR Scan Succeeded |
Jenkins build for PR 1400 build 7 Build Successful: |
# Conflicts: # gradle.properties
# Conflicts: # gradle.properties
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just a minor suggestion, as I found it easier to read if the order is consistent.
"doc": "Error result while performing encryption or decryption operation.", | ||
"namespace": "net.corda.data.crypto.wire.ops.encryption.response", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"doc": "Error result while performing encryption or decryption operation.", | |
"namespace": "net.corda.data.crypto.wire.ops.encryption.response", | |
"namespace": "net.corda.data.crypto.wire.ops.encryption.response", | |
"doc": "Error result while performing encryption or decryption operation.", |
"doc": "The symmetric key alias.", | ||
"type": ["null", "string"] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"doc": "The symmetric key alias.", | |
"type": ["null", "string"] | |
"type": ["null", "string"] | |
"doc": "The symmetric key alias.", |
"doc": "The symmetric key alias.", | ||
"type": ["null", "string"] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"doc": "The symmetric key alias.", | |
"type": ["null", "string"] | |
"type": ["null", "string"] | |
"doc": "The symmetric key alias.", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM.
"doc": "The data to decrypt." | ||
}, | ||
{ | ||
"name": "context", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think adding this context
was was decided at design level.
However, I have seen before a case where we have been using it while we shouldn't and we had to go in there and revert all of that, to use some other field instead back then (IRRC we used to pass the signature spec in context. This piece of work can be found here).
I would say if you are not planning on using it remove it as it will cause at the very least confusion on the API, like what is good for. It can always be added later if found it's needed which I doubt It will be needed.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I prefer to remove it.
@dickon WDYT?
"doc": "Request to decrypt the given byte array", | ||
"fields": [ | ||
{ | ||
"name": "category", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: so this means we could be passing in any category. So for example LEDGER
(ledger keys are meant to be used for signing) to decrypt secrets. Should we be restricting this field with an enum of valid categories?
Quality Gate passedKudos, no new issues were introduced! 0 New issues |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
OK (crypto)
APIs for an implementation of encryption and decryption.
Runtime pull request in corda/corda-runtime-os#5258