From 616780963b75dea6c9fc745128900207d81ab12e Mon Sep 17 00:00:00 2001 From: texastony <5892063+texastony@users.noreply.github.com> Date: Tue, 10 May 2022 14:06:08 -0700 Subject: [PATCH 1/2] feat(Example): NonSigningAlgorithmSuiteExample --- .../non-signing-algorithm-suite.md | 63 +++++++++++++++++++ 1 file changed, 63 insertions(+) create mode 100644 examples/templates/configuration/non-signing-algorithm-suite.md diff --git a/examples/templates/configuration/non-signing-algorithm-suite.md b/examples/templates/configuration/non-signing-algorithm-suite.md new file mode 100644 index 00000000..063b1e2d --- /dev/null +++ b/examples/templates/configuration/non-signing-algorithm-suite.md @@ -0,0 +1,63 @@ +[//]: # "Copyright Amazon.com Inc. or its affiliates. All Rights Reserved." +[//]: # "SPDX-License-Identifier: CC-BY-SA-4.0" + +# NonSigning Algorithm Suite example + +Implementations of this example MUST follow the rules defined in +[Example Templates](../../../examples.md#example-templates). + +## Implementations + +- [NET](https://github.com/aws/aws-encryption-sdk-dafny/blob/mainline/aws-encryption-sdk-net/Examples/NonSigningAlgorithmSuiteExample.cs) + +## Definitions + +### Conventions used in this document + +The key words +"MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", +"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" +in this document are to be interpreted as described in +[RFC 2119](https://tools.ietf.org/html/rfc2119). + +## Header + +```c# +/// Demonstrate an encrypt/decrypt cycle using a raw AES keyring and a non-signing Algorithm Suite. +/// This also demonstrates how to customize the Algorithm Suite used to encrypt the plaintext. +/// For a full list of the Algorithm Suites the Encryption SDK supports, +/// see https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/algorithms-reference.html +``` + +## Summary + +```c# +/// Demonstrate an encrypt/decrypt cycle using a non-signing Algorithm Suite. +``` + +## Inputs + +- **plaintext** : + Plaintext to encrypt + +## Steps + +1. Instantiate the EncryptionSDK and a Keyring + +2. Encrypt the plaintext with a non-signing algorithm. + +```c# +// Here, we customize the Algorithm Suite that is used to Encrypt the plaintext. +// In particular, we use an Algorithm Suite without Signing. +// Signature verification adds a significant performance cost on decryption. +// If the users encrypting data and the users decrypting data are equally trusted, +// consider using an algorithm suite that does not include signing. +// See more about Digital Signatures: +// https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/concepts.html#digital-sigs +``` + +3. Demonstrate that the ciphertext and plaintext are different. + +4. Decrypt the ciphertext + +5. Demonstrate that the decrypted plaintext and the plaintext are the same. From e5e2a0e9ecb768de5442baab61d33b72db7c9fad Mon Sep 17 00:00:00 2001 From: texastony <5892063+texastony@users.noreply.github.com> Date: Wed, 15 Jun 2022 17:27:02 -0700 Subject: [PATCH 2/2] fix(example): remove comment syntax --- .../non-signing-algorithm-suite.md | 30 +++++++++---------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/examples/templates/configuration/non-signing-algorithm-suite.md b/examples/templates/configuration/non-signing-algorithm-suite.md index 063b1e2d..271c7cec 100644 --- a/examples/templates/configuration/non-signing-algorithm-suite.md +++ b/examples/templates/configuration/non-signing-algorithm-suite.md @@ -22,17 +22,17 @@ in this document are to be interpreted as described in ## Header -```c# -/// Demonstrate an encrypt/decrypt cycle using a raw AES keyring and a non-signing Algorithm Suite. -/// This also demonstrates how to customize the Algorithm Suite used to encrypt the plaintext. -/// For a full list of the Algorithm Suites the Encryption SDK supports, -/// see https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/algorithms-reference.html +``` +Demonstrate an encrypt/decrypt cycle using a raw AES keyring and a non-signing Algorithm Suite. +This also demonstrates how to customize the Algorithm Suite used to encrypt the plaintext. +For a full list of the Algorithm Suites the Encryption SDK supports, +see https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/algorithms-reference.html ``` ## Summary -```c# -/// Demonstrate an encrypt/decrypt cycle using a non-signing Algorithm Suite. +``` +Demonstrate an encrypt/decrypt cycle using a non-signing Algorithm Suite. ``` ## Inputs @@ -46,14 +46,14 @@ in this document are to be interpreted as described in 2. Encrypt the plaintext with a non-signing algorithm. -```c# -// Here, we customize the Algorithm Suite that is used to Encrypt the plaintext. -// In particular, we use an Algorithm Suite without Signing. -// Signature verification adds a significant performance cost on decryption. -// If the users encrypting data and the users decrypting data are equally trusted, -// consider using an algorithm suite that does not include signing. -// See more about Digital Signatures: -// https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/concepts.html#digital-sigs +``` +Here, we customize the Algorithm Suite that is used to Encrypt the plaintext. +In particular, we use an Algorithm Suite without Signing. +Signature verification adds a significant performance cost on decryption. +If the users encrypting data and the users decrypting data are equally trusted, +consider using an algorithm suite that does not include signing. +See more about Digital Signatures: +https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/concepts.html#digital-sigs ``` 3. Demonstrate that the ciphertext and plaintext are different.