address feddback

Author: josecorella

Examples/runtimes/java/DynamoDbEncryption/src/main/java/software/amazon/cryptography/examples/keyring/KmsEcdhKeyringExample.java

@@ -178,9 +178,8 @@ public static void KmsEcdhKeyringGetItemPutItem(
   }
 
   /*
-    This example takes in the recipient's KMS ECC key ARN,
-    and the algorithm definition where the ECC keys lie.
-    The eccRecipientKeyArn parameter takes in the sender's KMS ECC key ARN
+    This example takes in the recipient's KMS ECC key ARN via
+    the eccRecipientKeyArn parameter.
 
     This example attempts to decrypt a test item using the provided eccRecipientKeyArn,
     it does so by checking if the message header contains the recipient's public key.
@@ -581,6 +580,8 @@ public static void main(final String[] args) {
       eccPublicKeyRecipientFilename = EXAMPLE_ECC_PUBLIC_KEY_RECIPIENT_FILENAME;
     }
     if (args.length == 5) {
+      eccPublicKeySenderFilename = args[2];
+      eccPublicKeyRecipientFilename = args[3];
       eccRecipientKeyArn = args[4];
     } else {
       eccRecipientKeyArn = null;

Examples/runtimes/java/DynamoDbEncryption/src/main/java/software/amazon/cryptography/examples/keyring/RawEcdhKeyringExample.java

@@ -195,7 +195,7 @@ public static void RawEcdhKeyringGetItemPutItem(
 
   /*
     This example takes in the recipient's public key located at EXAMPLE_ECC_PUBLIC_KEY_FILENAME_RECIPIENT
-    as a UTF8 PEM-encoded (PKCS #8 PrivateKeyInfo structures), and the Curve Specification where the key lies.
+    as a UTF8 PEM-encoded X.509 public key, and the Curve Specification where the key lies.
 
     This examples creates a RawECDH keyring with the EphemeralPrivateKeyToStaticPublicKey key agreement scheme.
     This configuration will always create a new key pair as the sender key pair for the key agreement operation.
@@ -252,7 +252,7 @@ public static void EphemeralRawEcdhKeyringPutItem(
     // This keyring uses an ephemeral configuration. This configuration will always create a new
     // key pair as the sender key pair for the key agreement operation. The ephemeral configuration can only
     // encrypt data and CANNOT decrypt messages.
-    // The DynamoDb encryption client uses this to encrypt and decrypt items.
+    // The DynamoDb encryption client uses this to encrypt items.
     final CreateRawEcdhKeyringInput keyringInput = CreateRawEcdhKeyringInput
       .builder()
       .curveSpec(ecdhCurveSpec)
@@ -283,7 +283,7 @@ public static void EphemeralRawEcdhKeyringPutItem(
 
   /*
     This example takes in the recipient's private key located at EXAMPLE_ECC_PRIVATE_KEY_FILENAME_RECIPIENT
-    as a UTF8 PEM-encoded X.509 public key, also known as SubjectPublicKeyInfo (SPKI),
+    as a UTF8 PEM-encoded (PKCS #8 PrivateKeyInfo structures) private key,
     and the Curve Specification where the key lies.
 
     This examples creates a RawECDH keyring with the PublicKeyDiscovery key agreement scheme.
@@ -319,7 +319,7 @@ public static void DiscoveryRawEcdhKeyringGetItem(
     // This keyring uses a discovery configuration. This configuration will check on decrypt
     // if it is meant to decrypt the message by checking if the configured public key is stored on the message.
     // The discovery configuration can only decrypt messages and CANNOT encrypt messages.
-    // The DynamoDb encryption client uses this to encrypt and decrypt items.
+    // The DynamoDb encryption client uses this to decrypt items.
     final CreateRawEcdhKeyringInput keyringInput = CreateRawEcdhKeyringInput
       .builder()
       .curveSpec(ecdhCurveSpec)

cfn/CI.yaml

@@ -64,131 +64,13 @@ Resources:
         WriteCapacityUnits: "5"
       TableName: !Ref TableName
 
-  #BasicTestJavaTable:
-  #  Type: AWS::DynamoDB::Table
-  #  Properties:
-  #    AttributeDefinitions:
-  #      - AttributeName: "partition_key"
-  #        AttributeType: "S"
-  #      - AttributeName: "sort_key"
-  #        AttributeType: "N"
-  #    KeySchema:
-  #      - AttributeName: "partition_key"
-  #        KeyType: "HASH"
-  #      - AttributeName: "sort_key"
-  #        KeyType: "RANGE"
-  #    ProvisionedThroughput:
-  #      ReadCapacityUnits: "5"
-  #      WriteCapacityUnits: "5"
-  #    TableName: !Ref BasicTestJavaTableName
-
-  #BasicTestDotnetTable:
-  #  Type: AWS::DynamoDB::Table
-  #  Properties:
-  #    AttributeDefinitions:
-  #      - AttributeName: "partition_key"
-  #        AttributeType: "S"
-  #      - AttributeName: "sort_key"
-  #        AttributeType: "N"
-  #    KeySchema:
-  #      - AttributeName: "partition_key"
-  #        KeyType: "HASH"
-  #      - AttributeName: "sort_key"
-  #        KeyType: "RANGE"
-  #    ProvisionedThroughput:
-  #      ReadCapacityUnits: "5"
-  #      WriteCapacityUnits: "5"
-  #    TableName: !Ref BasicTestDotnetTableName
-
-  #SearchTestJavaTable:
-  #  Type: AWS::DynamoDB::Table
-  #  Properties:
-  #    AttributeDefinitions:
-  #      - AttributeName: "aws_dbe_b_inspector_id_last4"
-  #        AttributeType: "S"
-  #      - AttributeName: "aws_dbe_b_last4UnitCompound"
-  #        AttributeType: "S"
-  #      - AttributeName: "aws_dbe_b_unit"
-  #        AttributeType: "S"
-  #      - AttributeName: "inspection_date"
-  #        AttributeType: "S"
-  #      - AttributeName: "work_id"
-  #        AttributeType: "S"
-  #    KeySchema:
-  #      - AttributeName: "work_id"
-  #        KeyType: "HASH"
-  #      - AttributeName: "inspection_date"
-  #        KeyType: "RANGE"
-  #    ProvisionedThroughput:
-  #      ReadCapacityUnits: "5"
-  #      WriteCapacityUnits: "5"
-  #    TableName: !Ref SearchTestJavaTableName
-  #    GlobalSecondaryIndexes:
-  #      - IndexName: "last4-unit-index"
-  #        KeySchema:
-  #          - AttributeName: "aws_dbe_b_inspector_id_last4"
-  #            KeyType: "HASH"
-  #          - AttributeName: "aws_dbe_b_unit"
-  #            KeyType: "RANGE"
-  #        Projection:
-  #          ProjectionType: ALL
-  #        ProvisionedThroughput:
-  #          ReadCapacityUnits: "5"
-  #          WriteCapacityUnits: "5"
-  #      - IndexName: "last4UnitCompound-index"
-  #        KeySchema:
-  #          - AttributeName: "aws_dbe_b_last4UnitCompound"
-  #            KeyType: "HASH"
-  #        Projection:
-  #          ProjectionType: ALL
-  #        ProvisionedThroughput:
-  #          ReadCapacityUnits: "5"
-  #          WriteCapacityUnits: "5"
-
-  #SearchTestDotnetTable:
-  #  Type: AWS::DynamoDB::Table
-  #  Properties:
-  #    AttributeDefinitions:
-  #      - AttributeName: "aws_dbe_b_inspector_id_last4"
-  #        AttributeType: "S"
-  #      - AttributeName: "aws_dbe_b_last4UnitCompound"
-  #        AttributeType: "S"
-  #      - AttributeName: "aws_dbe_b_unit"
-  #        AttributeType: "S"
-  #      - AttributeName: "inspection_date"
-  #        AttributeType: "S"
-  #      - AttributeName: "work_id"
-  #        AttributeType: "S"
-  #    KeySchema:
-  #      - AttributeName: "work_id"
-  #        KeyType: "HASH"
-  #      - AttributeName: "inspection_date"
-  #        KeyType: "RANGE"
-  #    ProvisionedThroughput:
-  #      ReadCapacityUnits: "5"
-  #      WriteCapacityUnits: "5"
-  #    TableName: !Ref SearchTestDotnetTableName
-  #    GlobalSecondaryIndexes:
-  #      - IndexName: "last4-unit-index"
-  #        KeySchema:
-  #          - AttributeName: "aws_dbe_b_inspector_id_last4"
-  #            KeyType: "HASH"
-  #          - AttributeName: "aws_dbe_b_unit"
-  #            KeyType: "RANGE"
-  #        Projection:
-  #          ProjectionType: ALL
-  #        ProvisionedThroughput:
-  #          ReadCapacityUnits: "5"
-  #          WriteCapacityUnits: "5"
-  #      - IndexName: "last4UnitCompound-index"
-  #        KeySchema:
-  #          - AttributeName: "aws_dbe_b_last4UnitCompound"
-  #            KeyType: "HASH"
-  #        Projection:
-  #          ProjectionType: ALL
-  #        ProvisionedThroughput:
-  #          ReadCapacityUnits: "5"
-  #          WriteCapacityUnits: "5"
+  # These tables were manually created but not used in CI
+  # If we have to start using them in CI we just have to add
+  # them to the policy below.
+  # BasicTestJavaTable:
+  # BasicTestDotnetTable:
+  # SearchTestJavaTable:
+  # SearchTestDotnetTable:
 
   TestTableWithSimpleBeaconIndex:
     Type: AWS::DynamoDB::Table