Update docs in prep for 1.6.1 #133
Conversation
CHANGELOG.md
Outdated
|
|
||
| ### Deprecation Warnings | ||
| * `AwsCrypto.encryptString()` and `AwsCrypto.decryptString()` are now deprecated. | ||
| Please move to `AwsCrypto.encryptData()` and `AwsCrypto.decryptData()` with manual Base64 encoding/decoding. |
There was a problem hiding this comment.
| Please move to `AwsCrypto.encryptData()` and `AwsCrypto.decryptData()` with manual Base64 encoding/decoding. | |
| Replace your calls to these methods with calls to `AwsCrypto.encryptData()` and `AwsCrypto.decryptData()`. These methods use manual Base64 encoding/decoding, so they are fully compatible with other language implementations of the AWS Encryption SDK. |
There was a problem hiding this comment.
The new methods don't use Base64 encoding and will require the developer to apply it themselves. Do you have better wording for that?
There was a problem hiding this comment.
Replace your calls to these methods with calls to AwsCrypto.encryptData() and AwsCrypto.decryptData(). Because these methods don't perform any Base64 encoding or decoding, they are fully compatible with other language implementations of the AWS Encryption SDK.
There was a problem hiding this comment.
Replace your calls to these methods with calls to AwsCrypto.encryptData() and AwsCrypto.decryptData(). Unlike the deprecated methods, these methods don't perform any Base64 encoding or decoding, so they are fully compatible with other language implementations of the AWS Encryption SDK.
If you need Base64 encoding or decoding for your application, you can add it outside of the AWS Encryption SDK.
README.md
Outdated
| As of version 1.6.1, | ||
| the AWS Encryption SDK will also work with Bouncy Castle FIPS (groupId: `org.bouncycastle`, artifactId: `bc-fips`). | ||
| Please follow Bouncy Castle's FIPS [documentation](https://www.bouncycastle.org/documentation.html), | ||
| including User Guides and Security Policy for proper installation and configuration. |
There was a problem hiding this comment.
| including User Guides and Security Policy for proper installation and configuration. | |
| For help installing and configuring Bouncy Castle FIPS, see Bouncy Castle's [BC FIPS Documentation](https://www.bouncycastle.org/documentation.html), | |
| including the User Guides and Security Policy. |
There was a problem hiding this comment.
I moved the end of the sentence to the beginning, so we can remove the end ("for proper installation and configuration"). Otherwise, it's redundant. If you want the "proper" in there, put it in the opening clause.
Change voice of CHANGELOG to declarative Co-Authored-By: June Blender <[email protected]>
Minor language fix Co-Authored-By: June Blender <[email protected]>
Minor language tweak Co-Authored-By: June Blender <[email protected]>
Minor language tweak Co-Authored-By: June Blender <[email protected]>
Minor language tweak Co-Authored-By: June Blender <[email protected]>
Co-Authored-By: June Blender <[email protected]>
Co-Authored-By: June Blender <[email protected]>
CHANGELOG.md
Outdated
|
|
||
| ### Deprecation Warnings | ||
| * `AwsCrypto.encryptString()` and `AwsCrypto.decryptString()` are now deprecated. | ||
| Please move to `AwsCrypto.encryptData()` and `AwsCrypto.decryptData()` with manual Base64 encoding/decoding. |
There was a problem hiding this comment.
Replace your calls to these methods with calls to AwsCrypto.encryptData() and AwsCrypto.decryptData(). Because these methods don't perform any Base64 encoding or decoding, they are fully compatible with other language implementations of the AWS Encryption SDK.
README.md
Outdated
|
|
||
| Bouncy Castle provides a cryptography API for Java. If you do not have Bouncy Castle, go to https://bouncycastle.org/latest_releases.html, then download the provider file that corresponds to your JDK. Or, you can pick it up from Maven: | ||
| The AWS Encryption SDK for Java uses Bouncy Castle for serializing and deserializing cryptographic objects. |
There was a problem hiding this comment.
| The AWS Encryption SDK for Java uses Bouncy Castle for serializing and deserializing cryptographic objects. | |
| The AWS Encryption SDK for Java uses Bouncy Castle to serialize and deserialize cryptographic objects. |
|
|
||
| Bouncy Castle provides a cryptography API for Java. If you do not have Bouncy Castle, go to https://bouncycastle.org/latest_releases.html, then download the provider file that corresponds to your JDK. Or, you can pick it up from Maven: | ||
| The AWS Encryption SDK for Java uses Bouncy Castle for serializing and deserializing cryptographic objects. | ||
| It does not explicitly use Bouncy Castle (or any other [JCA Provider](https://docs.oracle.com/javase/8/docs/api/java/security/Provider.html)) for the underlying cryptography. |
There was a problem hiding this comment.
"explicitly use?" Do we use anything implicitly? Or: It does not require Bouncy Castle (or ...).
There was a problem hiding this comment.
We do not specify the provider and thus receive the highest priority implementation from the JCA. We could explicitly request a provider (or explicitly use provider specific classes), in which case only that explicit provider could/would be used.
We don't know (or care) which provider we are using any more. It might be Bouncy Castle (if our callers have configured that to be the default), it might by the SUN provider (from Java), it might be ACCP.
README.md
Outdated
| As of version 1.6.1, | ||
| the AWS Encryption SDK will also work with Bouncy Castle FIPS (groupId: `org.bouncycastle`, artifactId: `bc-fips`). | ||
| Please follow Bouncy Castle's FIPS [documentation](https://www.bouncycastle.org/documentation.html), | ||
| including User Guides and Security Policy for proper installation and configuration. |
There was a problem hiding this comment.
I moved the end of the sentence to the beginning, so we can remove the end ("for proper installation and configuration"). Otherwise, it's redundant. If you want the "proper" in there, put it in the opening clause.
README.md
Outdated
| @@ -37,6 +42,10 @@ You don't need an Amazon Web Services (AWS) account to use this SDK, but some of | |||
|
|
|||
| * **To download and install the AWS SDK for Java**, go to [Installing the AWS SDK for Java](https://docs.aws.amazon.com/AWSSdkDocsJava/latest/DeveloperGuide/java-dg-install-sdk.html) in the AWS SDK for Java documentation and then follow the instructions on that page. | |||
|
|
|||
| #### Amazon Corretto Crypto Provider | |||
| Many users find that the Amazon Corretto Crypto Provider (ACCP) significantly improves the performance of the AWS Encryption SDK. | |||
| For help with installation and using ACCP, see the [ACCP GitHub Respository](https://github.com/corretto/amazon-corretto-crypto-provider) . | |||
There was a problem hiding this comment.
| For help with installation and using ACCP, see the [ACCP GitHub Respository](https://github.com/corretto/amazon-corretto-crypto-provider) . | |
| For help installing and using ACCP, see the [ACCP GitHub Respository](https://github.com/corretto/amazon-corretto-crypto-provider) . |
* Update docs in prep for 1.6.1 * Actually bump version for release
* Add a basic example for encrypting and decrypting with a KMS CMK (#136) * *Issue #, if available:* #108 *Description of changes:* Add a basic example for encrypting and decrypting with a KMS CMK. By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license. # Check any applicable: - [ ] Were any files moved? Moving files changes their URL, which breaks all hyperlinks to the files. * Add test and Maven plugin to include examples directory as test source * Update docs in prep for 1.6.1 (#133) * Update docs in prep for 1.6.1 * Actually bump version for release * Fix for new versions of gpg * Refactor JceMasterKey to extract logic to be shared by raw keyrings. (#139) * Refactor JceMasterKey to extract logic to be shared by raw keyrings. *Issue #, if available:* #102 *Description of changes:* In anticipation of the RawAesKeyring and RawRsaKeyring needing logic currently embedded in the JceMasterKey, this change extracts that logic into the JceKeyCipher class so it may be shared. By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license. - [ ] Were any files moved? Moving files changes their URL, which breaks all hyperlinks to the files. * fix: The final frame can not be larger than the Frame Length (#166) * Add validation to ensure the length of the final frame in the final frame header does not exceed the frame size specified in the message header. * Validate that frame length is positive for framed data * Reverting removal of variable frame length code * Reverting removal of variable frame length code * Fix spacing after if Co-authored-by: SalusaSecondus <[email protected]> Co-authored-by: Greg Rubin <[email protected]>
Description of changes:
Update docs in prep for 1.6.1
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
Check any applicable: