-
Notifications
You must be signed in to change notification settings - Fork 50
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[PM-6108] Add support for missing AES decrypt types #335
Conversation
No New Or Fixed Issues Found |
a89e868
to
a76b21b
Compare
Codecov ReportAttention:
Additional details and impacted files@@ Coverage Diff @@
## main #335 +/- ##
=======================================
Coverage ? 58.90%
=======================================
Files ? 171
Lines ? 10211
Branches ? 0
=======================================
Hits ? 6015
Misses ? 4196
Partials ? 0 ☔ View full report in Codecov by Sentry. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we add some tests to confirm we're decrypting this correctly?
// TODO: SymmetricCryptoKey is designed to handle 32 byte keys only, but this | ||
// variant uses a 16 byte key This means the key+mac are going to be | ||
// parsed as a single 32 byte key, at the moment we split it manually | ||
// When refactoring the key handling, this should be fixed. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we have a ticket for this?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I created a new one in SDK future: PM-6164
Type of change
Objective
Add support for the missing AES decryption types:
AesCbc256_B64
andAesCbc128_HmacSha256_B64
.Note that
SymmetricCryptoKey
at the moment expects 32 byte keys, and AES128 used 16 byte keys, so the 16byte key+mac get parsed as a single 32byte key. At the moment we just split it by hand, but ultimately we would need to handle this better in a future refactor.