- feat: Add support for AWS-LC build in ESDK (#750)
- fix(default_cmm): track unset default alg separately (#687)
- fix: out-of-bounds constant in default_cmm.c (#752)
- docs(SupportPolicy): Mark 1.x End-of-Support (#756)
- fix: initialize buffer in cipher_openssl.c (#751)
- docs: Add missing library to compilation example (#697)
- docs(examples): adjust discovery example wording (#738)
- docs: Use recommended RSA padding mode (#522)
- feat(examples): add DiscoveryFilter example (#737)
- feat: Add CBMC proof-running GitHub Action (#763)
- fix: return type of aws_default_allocator stub in CBMC proofs (#760)
- feat: use latest aws-cpp-sdk (#761)
- fix: kms delay (#758)
- chore: Update CBMC starter kit (#753)
- ci(CodeBuild): run ubuntu latest in series (#747)
- chore: bump openssl (#746)
- chore: Update submodules (#725)
- chore: Remove CBMC CI configuration (#741)
- chore: Bump Litani version to 1.16.0 (#740)
- chore: Upgrade CBMC templates submodule (#739)
- chore: Add CODEOWNERS file (#733)
- Mark high-memory proofs expensive (#710)
- Simplify / update build instructions (#713)
- Update submodules (#726)
- Remove OOM test, as OOM is no longer possible from aws allocators (#728)
- Pin newer aws-sdk-cpp in macOS CI builds (#729)
- Add support policy.
- Fix missing include in
kms_mrk_keyring.hthat could result in compilation failure.
-
AWS KMS multi-Region Key support
Added the new keyring KmsMrkAwareSymmetricKeyring that support AWS KMS multi-Region keys. Added the helper MultiKeyringBuilder that compose multiple KmsMrkAwareSymmetricKeyrings together to handle multiple CMKs.
See https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html for more details about AWS KMS multi-Region Keys. See https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/configure.html#config-mrks for more details about how the AWS Encryption SDK interoperates with AWS KMS multi-Region keys.
-
Improvements to the message decryption process.
See https://github.com/aws/aws-encryption-sdk-c/security/advisories/GHSA-r8cc-xhh9-rg65
-
Updates to the AWS Encryption SDK. c43d706
This change includes fixes for issues that were reported by Thai Duong from Google's Security team, and for issues that were identified by AWS Cryptography.
See: https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/migration.html
- AWS KMS KeyIDs must be specified explicitly or Discovery mode explicitly chosen.
- Key committing suites are now default.
- CommitmentPolicy requires commitment by default.
-
Updates to the AWS Encryption SDK. 4ba5825
This change includes fixes for issues that were reported by Thai Duong from Google's Security team, and for issues that were identified by AWS Cryptography.
See: https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/migration.html
- Add security reporting instruction. (#467)
- Cbmc to master (#454)
- aws-cpp-sdk dependency bump to version 1.7.231
- Modified Doxygen config file to generate dependency graphs #376
- Ran reformat #426
- Strengthen memory_order for refcount_down #433
- Update PR template #391
- Refreshing the clang-format file and checking the version #430
- Fix MultiKeyringNew proof so it runs again. #444
- Windows build fixes #446
- OSX build steps and README updates #453
- Fix duplicate in encryption context deserialization bug #408
- Fix a bug where framefmt serialize returns a wrong ciphertext size #385
- Fix: Improve initialization. #451
- Changed links from awslabs to aws
- Initial stable release
- Added API function to make session from keyring
- Added API function to make caching CMM from keyring
- Added
_from_cmmto end ofaws_cryptosdk_caching_cmm_newfunction name - Changed
aws_cryptosdk_session_get_algorithmtoaws_cryptosdk_session_get_alg_id - Fixed HKDF bug
- Fixed empty string bug on git version of KMS user agent
- Local tests only by default
- Fix of MAP_ANONYMOUS issue for older Linuxes
- Fixed cmake bug regarding git version of KMS user agent
- Added CBMC header file needed by newer aws-c-common versions
- Initial public release