Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SNOW-1524263: Implement GCM encryption #753

Merged
merged 17 commits into from
Nov 14, 2024
Merged

SNOW-1524263: Implement GCM encryption #753

merged 17 commits into from
Nov 14, 2024

Conversation

sfc-gh-mkubik
Copy link
Contributor

@sfc-gh-mkubik sfc-gh-mkubik commented Oct 16, 2024
edited
Loading

Changes

  • Add support for GCM initialization - move initialize encryption and initalize decryption processes to a separate functions. GCM initialization takes more steps, the IV len is being set separately.
  • extract padding configuration to a separate function
  • add finalize(out, tag) method to finalize the GCM encryption or decryption. For encryption the finalize method returns the generated tag while for decryption the tag is being validated
  • add ERROR logs before throws in cases where something went wrong
  • add AAD option for GCM initialization

Testing

  • unit tests for both existing CBC and GCM mode

Next steps: enabling GCM once it's available in backend

  1. switch CipherContext mode to GCM
  2. switch finalize method to finalize(out, tag)
  3. update metadata in cloud clients
  4. test the solution e2e

@sfc-gh-mkubik sfc-gh-mkubik marked this pull request as ready for review October 17, 2024 09:03
@sfc-gh-mkubik sfc-gh-mkubik requested a review from a team as a code owner October 17, 2024 09:03
sfc-gh-jszczerbinski
sfc-gh-jszczerbinski reviewed Oct 17, 2024
View reviewed changes
cpp/crypto/CipherContext.cpp Outdated Show resolved Hide resolved
cpp/crypto/CipherContext.cpp Outdated Show resolved Hide resolved
sfc-gh-pfus
sfc-gh-pfus reviewed Oct 17, 2024
View reviewed changes
cpp/crypto/CipherContext.cpp Show resolved Hide resolved
cpp/crypto/CipherContext.cpp Outdated Show resolved Hide resolved
cpp/crypto/CipherContext.cpp Outdated Show resolved Hide resolved
tests/test_unit_encryption.cpp Outdated Show resolved Hide resolved
@sfc-gh-dprzybysz sfc-gh-dprzybysz changed the title Snow 1524263 implement gcm encryption SNOW-1524263: Implement GCM encryption Oct 17, 2024
@sfc-gh-mkubik sfc-gh-mkubik merged commit 64e0f71 into master Nov 14, 2024
43 checks passed
@sfc-gh-mkubik sfc-gh-mkubik deleted the SNOW-1524263-implement-gcm-encryption branch November 14, 2024 09:00
@github-actions github-actions bot locked and limited conversation to collaborators Nov 14, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@sfc-gh-jszczerbinski sfc-gh-jszczerbinski sfc-gh-jszczerbinski approved these changes

@sfc-gh-pfus sfc-gh-pfus sfc-gh-pfus approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@sfc-gh-mkubik @sfc-gh-pfus @sfc-gh-jszczerbinski