aws
diff --git a/‎.eslintrc.js
Lines changed: 7 additions & 2 deletions b/‎.eslintrc.js
Lines changed: 7 additions & 2 deletions
diff --git a/‎buildspec.yml
Lines changed: 5 additions & 1 deletion b/‎buildspec.yml
Lines changed: 5 additions & 1 deletion
diff --git a/‎karma.conf.js
Lines changed: 49 additions & 21 deletions b/‎karma.conf.js
Lines changed: 49 additions & 21 deletions
diff --git a/‎modules/cache-material/src/build_cryptographic_materials_cache_key_helpers.ts
Lines changed: 1 addition & 1 deletion b/‎modules/cache-material/src/build_cryptographic_materials_cache_key_helpers.ts
Lines changed: 1 addition & 1 deletion
diff --git a/‎modules/cache-material/src/caching_cryptographic_materials_decorators.ts
Lines changed: 16 additions & 4 deletions b/‎modules/cache-material/src/caching_cryptographic_materials_decorators.ts
Lines changed: 16 additions & 4 deletions
diff --git a/‎modules/cache-material/test/caching_cryptographic_materials_decorators.test.ts
Lines changed: 10 additions & 0 deletions b/‎modules/cache-material/test/caching_cryptographic_materials_decorators.test.ts
Lines changed: 10 additions & 0 deletions
diff --git a/‎modules/caching-materials-manager-browser/src/caching_materials_manager_browser.ts
Lines changed: 1 addition & 1 deletion b/‎modules/caching-materials-manager-browser/src/caching_materials_manager_browser.ts
Lines changed: 1 addition & 1 deletion
diff --git a/‎modules/caching-materials-manager-node/src/caching_materials_manager_node.ts
Lines changed: 1 addition & 1 deletion b/‎modules/caching-materials-manager-node/src/caching_materials_manager_node.ts
Lines changed: 1 addition & 1 deletion
diff --git a/‎modules/caching-materials-manager-node/test/caching_materials_manager_node.test.ts
Lines changed: 1 addition & 1 deletion b/‎modules/caching-materials-manager-node/test/caching_materials_manager_node.test.ts
Lines changed: 1 addition & 1 deletion
diff --git a/‎modules/client-browser/Readme.md
Lines changed: 6 additions & 0 deletions b/‎modules/client-browser/Readme.md
Lines changed: 6 additions & 0 deletions
diff --git a/‎modules/client-browser/src/index.ts
Lines changed: 14 additions & 0 deletions b/‎modules/client-browser/src/index.ts
Lines changed: 14 additions & 0 deletions
diff --git a/‎modules/client-node/Readme.md
Lines changed: 6 additions & 1 deletion b/‎modules/client-node/Readme.md
Lines changed: 6 additions & 1 deletion
@@ -42,7 +42,10 @@ module.exports = {
     // it is good for understanding
     // for the source files to get more detailed
     // as you read down from the top.
-    'no-use-before-define': ['error', { functions: false }],
+    // Note: eslint has gotten better
+    // at parsing typescript
+    // and now errors for interfaces as well.
+    'no-use-before-define': 'off',
     '@typescript-eslint/no-use-before-define': ['error', { functions: false }],
     // This is used in a few specific ways.
     // It may be that adding this to overrides for the tests
@@ -74,7 +77,9 @@ module.exports = {
     '@typescript-eslint/no-empty-interface': 'off',
     // To minimize the source change,
     // this is turned of.
-    '@typescript-eslint/ban-ts-ignore': 'off',
+    '@typescript-eslint/ban-ts-comment': ['error', { 'ts-ignore': false }],
+    // This rule fights with Prettier and no-semi
+    '@typescript-eslint/no-extra-semi': 'off',
   },
   // This is a good rule,
   // but in many tests,
 
@@ -1,11 +1,15 @@
 version: 0.2
 
+env:
+    variables:
+        NODE_OPTIONS: "--max-old-space-size=4096"
+
 phases:
     install:
         runtime-versions:
             nodejs: 10
         commands:
-            - npm ci
+            - npm ci --unsafe-perm
             - npm run build
     build:
         commands:
 
@@ -3,8 +3,9 @@
 
 // Karma configuration
 
-module.exports = function (config) {
+const credentialsPromise = require('@aws-sdk/credential-provider-node').defaultProvider()()
 
+module.exports = function (config) {
   process.on('infrastructure_error', (error) => {
     /* @aws-sdk/karma-credential-loader get credential
      * as configured by the AWS SDK.
@@ -14,7 +15,7 @@ module.exports = function (config) {
      * The following will log errors link this,
      * but still let the karma-server shut down.
      */
-    console.error('infrastructure_error', error);
+    console.error('infrastructure_error', error)
   })
 
   config.set({
@@ -30,7 +31,7 @@ module.exports = function (config) {
     },
     webpack: {
       resolve: {
-        extensions: [ '.ts', '.js' ]
+        extensions: ['.ts', '.js'],
       },
       mode: 'development',
       module: {
@@ -43,47 +44,49 @@ module.exports = function (config) {
                 options: {
                   logInfoToStdOut: true,
                   projectReferences: true,
-                  configFile: `${__dirname}/tsconfig.module.json`
-                }
-              }
+                  configFile: `${__dirname}/tsconfig.module.json`,
+                },
+              },
             ],
             exclude: /node_modules/,
           },
           {
             test: /\.ts$/,
-            exclude: [ /\/test\// ],
+            exclude: [/\/test\//],
             enforce: 'post',
             use: {
               loader: 'istanbul-instrumenter-loader',
-              options: { esModules: true }
-            }
-          }
-        ]
+              options: { esModules: true },
+            },
+          },
+        ],
       },
       stats: {
         colors: true,
         modules: true,
         reasons: true,
-        errorDetails: true
+        errorDetails: true,
       },
       devtool: 'inline-source-map',
       node: {
-        fs: 'empty'
-      }
+        fs: 'empty',
+      },
     },
     coverageIstanbulReporter: {
-      reports: [ 'json' ],
+      reports: ['json'],
       dir: '.karma_output',
-      fixWebpackSourcePaths: true
+      fixWebpackSourcePaths: true,
     },
     plugins: [
-      '@aws-sdk/karma-credential-loader',
+      {
+        'preprocessor:credentials': ['factory', createCredentialPreprocessor],
+      },
       'karma-chrome-launcher',
       'karma-mocha',
       'karma-chai',
       'karma-webpack',
       'karma-coverage-istanbul-reporter',
-      'karma-json-fixtures-preprocessor'
+      'karma-json-fixtures-preprocessor',
     ],
     reporters: ['progress', 'coverage-istanbul'],
     port: 9876,
@@ -94,11 +97,36 @@ module.exports = function (config) {
     customLaunchers: {
       ChromeHeadlessDisableCors: {
         base: 'ChromeHeadless',
-        flags: ['--disable-web-security', '--no-sandbox']
-      }
+        flags: ['--disable-web-security', '--no-sandbox'],
+      },
     },
     singleRun: true,
     concurrency: Infinity,
-    exclude: ['**/*.d.ts']
+    exclude: ['**/*.d.ts'],
   })
 }
+
+function createCredentialPreprocessor() {
+  return async function (content, file, done) {
+    // strip the extension from the file since it won't match the preprocessor pattern
+    const fileName = file.originalPath
+    // add region and credentials to each file
+    const region = process.env.AWS_SMOKE_TEST_REGION || ''
+    const credentials = await credentialsPromise
+    // This will affect the generated (ES5) JS
+    const regionCode = `var defaultRegion = '${region}';`
+    const credentialsCode = `var credentials = ${JSON.stringify(credentials)};`
+    const isBrowser = `var isBrowser = true;`
+    const contents = content.split('\n')
+    let idx = -1
+    for (let i = 0; i < contents.length; i++) {
+      const line = contents[i]
+      if (line.indexOf(fileName) !== -1) {
+        idx = i
+        break
+      }
+    }
+    contents.splice(idx + 1, 0, regionCode, credentialsCode, isBrowser)
+    done(contents.join('\n'))
+  }
+}
@@ -92,7 +92,7 @@ export interface CryptographicMaterialsCacheKeyHelpersInterface<
 > {
   buildEncryptionMaterialCacheKey(
     partition: string,
-    { suite, encryptionContext }: EncryptionRequest<S>
+    { suite, encryptionContext }: Omit<EncryptionRequest<S>, 'commitmentPolicy'>
   ): Promise<string>
   buildDecryptionMaterialCacheKey(
     partition: string,
 
@@ -86,14 +86,23 @@ export function getEncryptionMaterials<S extends SupportedAlgorithmSuites>({
     this: CachingMaterialsManager<S>,
     request: EncryptionRequest<S>
   ): Promise<EncryptionMaterial<S>> {
-    const { suite, encryptionContext, plaintextLength } = request
+    const {
+      suite,
+      encryptionContext,
+      plaintextLength,
+      commitmentPolicy,
+    } = request
+
     /* Check for early return (Postcondition): If I can not cache the EncryptionMaterial, do not even look. */
     if (
       (suite && !suite.cacheSafe) ||
       typeof plaintextLength !== 'number' ||
       plaintextLength < 0
     ) {
-      return this._backingMaterialsManager.getEncryptionMaterials(request)
+      const material = await this._backingMaterialsManager.getEncryptionMaterials(
+        request
+      )
+      return material
     }
 
     const cacheKey = await buildEncryptionMaterialCacheKey(this._partition, {
@@ -112,7 +121,7 @@ export function getEncryptionMaterials<S extends SupportedAlgorithmSuites>({
       /* Strip any information about the plaintext from the backing request,
        * because the resulting response may be used to encrypt multiple plaintexts.
        */
-      .getEncryptionMaterials({ suite, encryptionContext, plaintextLength })
+      .getEncryptionMaterials({ suite, encryptionContext, commitmentPolicy })
 
     /* Check for early return (Postcondition): If I can not cache the EncryptionMaterial, just return it. */
     if (!material.suite.cacheSafe) return material
@@ -157,7 +166,10 @@ export function decryptMaterials<S extends SupportedAlgorithmSuites>({
     const { suite } = request
     /* Check for early return (Postcondition): If I can not cache the DecryptionMaterial, do not even look. */
     if (!suite.cacheSafe) {
-      return this._backingMaterialsManager.decryptMaterials(request)
+      const material = await this._backingMaterialsManager.decryptMaterials(
+        request
+      )
+      return material
     }
 
     const cacheKey = await buildDecryptionMaterialCacheKey(
 
@@ -21,6 +21,7 @@ import {
   EncryptedDataKey,
   NodeEncryptionMaterial,
   NodeDecryptionMaterial,
+  CommitmentPolicy,
 } from '@aws-crypto/material-management'
 
 describe('decorateProperties', () => {
@@ -33,6 +34,7 @@ describe('decorateProperties', () => {
       partition: 'something',
       maxBytesEncrypted: 100,
       maxMessagesEncrypted: 200,
+      commitmentPolicy: CommitmentPolicy.FORBID_ENCRYPT_ALLOW_DECRYPT,
     } as any)
 
     expect(test._cache).to.equal('cache')
@@ -121,6 +123,7 @@ describe('cacheEntryHasExceededLimits', () => {
     partition: 'something',
     maxBytesEncrypted,
     maxMessagesEncrypted,
+    commitmentPolicy: CommitmentPolicy.FORBID_ENCRYPT_ALLOW_DECRYPT,
   } as any)
 
   test.cacheEntryHasExceededLimits = cacheEntryHasExceededLimits()
@@ -275,6 +278,7 @@ describe('Cryptographic Material Functions', () => {
     _cacheEntryHasExceededLimits: cacheEntryHasExceededLimits(),
     getEncryptionMaterials: getEncryptionMaterials(cacheKeyHelpers),
     decryptMaterials: decryptMaterials(cacheKeyHelpers),
+    _commitmentPolicy: CommitmentPolicy.FORBID_ENCRYPT_ALLOW_DECRYPT,
   } as any
 
   describe('getEncryptionMaterials', () => {
@@ -310,6 +314,7 @@ describe('Cryptographic Material Functions', () => {
         _cacheEntryHasExceededLimits: cacheEntryHasExceededLimits(),
         getEncryptionMaterials: getEncryptionMaterials(cacheKeyHelpers),
         decryptMaterials: decryptMaterials(cacheKeyHelpers),
+        _commitmentPolicy: CommitmentPolicy.FORBID_ENCRYPT_ALLOW_DECRYPT,
       } as any
 
       const testSuiteCacheSafe = await testCMM.getEncryptionMaterials({
@@ -356,6 +361,7 @@ describe('Cryptographic Material Functions', () => {
         decryptMaterials: () => {
           throw new Error('this should never happen')
         },
+        _commitmentPolicy: CommitmentPolicy.FORBID_ENCRYPT_ALLOW_DECRYPT,
       } as any
 
       await testCMM.getEncryptionMaterials({
@@ -444,6 +450,7 @@ describe('Cryptographic Material Functions', () => {
         decryptMaterials: () => {
           throw new Error('this should never happen')
         },
+        _commitmentPolicy: CommitmentPolicy.FORBID_ENCRYPT_ALLOW_DECRYPT,
       } as any
 
       const test = await testCMM.getEncryptionMaterials({
@@ -539,6 +546,7 @@ describe('Cryptographic Material Functions', () => {
         decryptMaterials: () => {
           throw new Error('this should never happen')
         },
+        _commitmentPolicy: CommitmentPolicy.FORBID_ENCRYPT_ALLOW_DECRYPT,
       } as any
 
       const test = await testCMM.getEncryptionMaterials({
@@ -582,6 +590,7 @@ describe('Cryptographic Material Functions', () => {
           },
         },
         _backingMaterialsManager,
+        _commitmentPolicy: CommitmentPolicy.FORBID_ENCRYPT_ALLOW_DECRYPT,
         _cacheEntryHasExceededLimits: cacheEntryHasExceededLimits(),
         getEncryptionMaterials: getEncryptionMaterials(cacheKeyHelpers),
         decryptMaterials: decryptMaterials(cacheKeyHelpers),
@@ -618,6 +627,7 @@ describe('Cryptographic Material Functions', () => {
           assertCount += 1
           return false
         },
+        _commitmentPolicy: CommitmentPolicy.FORBID_ENCRYPT_ALLOW_DECRYPT,
         getEncryptionMaterials: getEncryptionMaterials(cacheKeyHelpers),
         decryptMaterials: decryptMaterials(cacheKeyHelpers),
       } as any
 
@@ -8,8 +8,8 @@ import {
   decryptMaterials,
   cacheEntryHasExceededLimits,
   buildCryptographicMaterialsCacheKeyHelpers,
-  CachingMaterialsManagerInput,
   CryptographicMaterialsCache,
+  CachingMaterialsManagerInput,
 } from '@aws-crypto/cache-material'
 import {
   WebCryptoMaterialsManager,
 
@@ -8,8 +8,8 @@ import {
   decryptMaterials,
   cacheEntryHasExceededLimits,
   buildCryptographicMaterialsCacheKeyHelpers,
-  CachingMaterialsManagerInput,
   CryptographicMaterialsCache,
+  CachingMaterialsManagerInput,
 } from '@aws-crypto/cache-material'
 import {
   NodeMaterialsManager,
 
@@ -8,9 +8,9 @@ import { NodeCachingMaterialsManager } from '../src/index'
 import {} from '@aws-crypto/cache-material'
 import {
   KeyringNode,
-  NodeDefaultCryptographicMaterialsManager,
   NodeEncryptionMaterial,
   NodeDecryptionMaterial,
+  NodeDefaultCryptographicMaterialsManager,
 } from '@aws-crypto/material-management-node'
 
 describe('NodeCachingMaterialsManager', () => {
 
@@ -26,6 +26,12 @@ npm install @aws-crypto/client-browser
 
 ## use
 
+For detailed code examples
+that show you how to these modules
+to create keyrings 
+and encrypt and decrypt data,
+install the [example-browser](https://github.com/aws/aws-encryption-sdk-javascript/tree/master/modules/example-browser) module. 
+
 ```javascript
 
 /* Start by constructing a keyring. We'll create a KMS keyring.
 
@@ -9,3 +9,17 @@ export * from '@aws-crypto/kms-keyring-browser'
 export * from '@aws-crypto/raw-aes-keyring-browser'
 export * from '@aws-crypto/raw-rsa-keyring-browser'
 export * from '@aws-crypto/web-crypto-backend'
+
+import { CommitmentPolicy } from '@aws-crypto/material-management-browser'
+
+import { buildEncrypt } from '@aws-crypto/encrypt-browser'
+import { buildDecrypt } from '@aws-crypto/decrypt-browser'
+
+export function buildClient(
+  commitmentPolicy: CommitmentPolicy
+): ReturnType<typeof buildEncrypt> & ReturnType<typeof buildDecrypt> {
+  return {
+    ...buildEncrypt(commitmentPolicy),
+    ...buildDecrypt(commitmentPolicy),
+  }
+}
@@ -25,9 +25,14 @@ npm install @aws-crypto/client-node
 
 ## use
 
+For detailed code examples
+that show you how to these modules
+to create keyrings 
+and encrypt and decrypt data,
+install the [example-node](https://github.com/aws/aws-encryption-sdk-javascript/tree/master/modules/example-node) module. 
+
 ```javascript
 
-const { KmsKeyringNode, encrypt, decrypt } = require('@aws-crypto/client-node')
 /* Start by constructing a keyring. We'll create a KMS keyring.
  * Specify an AWS Key Management Service (AWS KMS) customer master key (CMK) to be the
  * generator key in the keyring. This CMK generates a data key and encrypts it.