Verification of version and type on deserialization base64 encoding error #42
Description
When deserializing an encrypted blob.
The version and type are fixed.
However binary data is often stored as a base64 encoded string.
This is especially true of the AWS Encryption SDK Java functions encryptString.
Customers will take a base64 encoded string and pass this to a decrypt function without the proper decoding, resulting in a failure.
Since the version and type are fixed,
and these values can be translated into their base64 equivalent,
when the blob is rejected as invalid,
the notification can suggest that this failure is an encoding issue.
This may be codified into the specification
or as a recommendation for implementations.
Changes needed:
- Specification
- Javascript:
fix: version and type are required by the message format aws/aws-encryption-sdk-javascript#217 - C
Base64 error messaging in version and type verification aws/aws-encryption-sdk-c#445 - CLI
Base64 error messaging in version and type verification aws/aws-encryption-sdk-cli#162 - Java
Base64 error messaging in version and type verification aws/aws-encryption-sdk-java#124 - Python
Base64 error messaging in version and type verification aws/aws-encryption-sdk-python#192
Metadata
Metadata
Assignees
Labels
No labels