diff options
author | Stuart Stock <stuart@int08h.com> | 2018-10-28 20:27:02 -0500 |
---|---|---|
committer | Stuart Stock <stuart@int08h.com> | 2018-10-28 20:27:02 -0500 |
commit | 846128d08bd3fcd72f23b3123b332d0692782e41 (patch) | |
tree | 744a99e904a11c4460d1eb134206c36d4d461ccb /src | |
parent | 9bd014d9225e5d9d408df4205ee0a4edd48dcd3f (diff) | |
download | roughenough-846128d08bd3fcd72f23b3123b332d0692782e41.zip |
Release 1.1.1 to correct missing aux data in AWS KMS decrypt path
Auxilliary data was not provided in encryption context provided
to AWS KMS decrypt() call, causing unwrapping to fail.
Diffstat (limited to 'src')
-rw-r--r-- | src/kms/awskms.rs | 4 | ||||
-rw-r--r-- | src/lib.rs | 2 |
2 files changed, 5 insertions, 1 deletions
diff --git a/src/kms/awskms.rs b/src/kms/awskms.rs index 4a244db..7ff131a 100644 --- a/src/kms/awskms.rs +++ b/src/kms/awskms.rs @@ -99,6 +99,10 @@ pub mod inner { let mut decrypt_req: DecryptRequest = Default::default(); decrypt_req.ciphertext_blob = encrypted_dek.clone(); + let mut dec_context = HashMap::new(); + dec_context.insert("AD".to_string(), AD.to_string()); + decrypt_req.encryption_context = Some(dec_context); + match self.kms_client.decrypt(decrypt_req).sync() { Ok(result) => { if let Some(plaintext_dek) = result.plaintext { @@ -84,7 +84,7 @@ pub use message::RtMessage; pub use tag::Tag; /// Version of Roughenough -pub const VERSION: &str = "1.1.0"; +pub const VERSION: &str = "1.1.1"; /// Roughenough version string enriched with any compile-time optional features pub fn roughenough_version() -> String { |