diff --git a/.github/workflows/daily_ci.yml b/.github/workflows/daily_ci.yml index ed5cf7e78..3073749df 100644 --- a/.github/workflows/daily_ci.yml +++ b/.github/workflows/daily_ci.yml @@ -61,6 +61,11 @@ jobs: uses: ./.github/workflows/library_rust_tests.yml with: dafny: ${{needs.getVersion.outputs.version}} + daily-ci-go: + needs: getVersion + uses: ./.github/workflows/ci_test_go.yml + with: + dafny: ${{needs.getVersion.outputs.version}} daily-ci-net-test-vectors: needs: getVersion uses: ./.github/workflows/ci_test_vector_net.yml diff --git a/DynamoDbEncryption/Makefile b/DynamoDbEncryption/Makefile index 5138879c0..1ad542b3e 100644 --- a/DynamoDbEncryption/Makefile +++ b/DynamoDbEncryption/Makefile @@ -164,6 +164,21 @@ STRUCTUREDENCRYPTION_INDEX_FILE_PATH=dafny/StructuredEncryption/src/Index.dfy STRUCTUREDENCRYPTION_INDEX_FILE_WITH_EXTERN_STRING="module {:extern \"software.amazon.cryptography.dbencryptionsdk.structuredencryption.internaldafny\" } StructuredEncryption" STRUCTUREDENCRYPTION_INDEX_FILE_WITHOUT_EXTERN_STRING="module StructuredEncryption" +# Target to restore all directories in a list +# TODO: Remove this once we don't copy all of the directories into implementation and test https://sim.amazon.com/issues/CrypTool-5447 +RESTORE_DIRS := README.md +_polymorph_go: restore_directories +restore_directories: + @for dir in $(RESTORE_DIRS); do \ + if [ -d "runtimes/go/ImplementationFromDafny-go/$$dir" ]; then \ + cp -Rf runtimes/go/ImplementationFromDafny-go/$$dir runtimes/go/; \ + rm -rf runtimes/go/ImplementationFromDafny-go/$$dir; \ + rm -rf runtimes/go/TestsFromDafny-go/$$dir; \ + else \ + echo "Directory $$dir not found"; \ + fi \ + done + _sed_types_file_remove_extern: $(MAKE) _sed_file SED_FILE_PATH=$(DYNAMODB_TYPES_FILE_PATH) SED_BEFORE_STRING=$(DYNAMODB_TYPES_FILE_WITH_EXTERN_STRING) SED_AFTER_STRING=$(DYNAMODB_TYPES_FILE_WITHOUT_EXTERN_STRING) $(MAKE) _sed_file SED_FILE_PATH=$(ITEMENCRYPTOR_TYPES_FILE_PATH) SED_BEFORE_STRING=$(ITEMENCRYPTOR_TYPES_FILE_WITH_EXTERN_STRING) SED_AFTER_STRING=$(ITEMENCRYPTOR_TYPES_FILE_WITHOUT_EXTERN_STRING) diff --git a/DynamoDbEncryption/README.md b/DynamoDbEncryption/README.md index 85f552d91..66714cc01 100644 --- a/DynamoDbEncryption/README.md +++ b/DynamoDbEncryption/README.md @@ -40,6 +40,13 @@ Within `runtimes/java`: - `src/` contains all hand written Dotnet code, including externs, and also all Smithy to Rust generated code. - `src/implementation_from_dafny.cs` contains all Dafny to .NET transpiled code. +#### Go + +`runtimes/go` contains the Go related code and build instructions for this project. + +- `ImplementationFromDafny-go/` contains all the implementation code which is Smithy to Go generated code, Dafny to Go transpiled code and hand written Go code +- `TestsFromDafny-go` contains all the test code which is Smithy to Go generated code, Dafny to Go transpiled code and hand written Go code. + ### Development Common Makefile targets are: @@ -83,6 +90,8 @@ Common Makefile targets are: - `make test_net_mac_intel` builds and tests the transpiled code in .NET in an Intel-MacOS environment. - `make transpile_rust` transpiles all of the Dafny code into runtimes/rust/src/implementation_from_dafny. - `make polymorph_rust` transpiles the smithy files into untimes/rust/src/\*.rs +- `make transpile_go` transpiles all of the Dafny code into runtimes/go/\*.go +- `make polymorph_go` transpiles the smithy files into runtimes/go/\*.go ### Development Requirements diff --git a/DynamoDbEncryption/runtimes/go/README.md b/DynamoDbEncryption/runtimes/go/README.md new file mode 100644 index 000000000..25d4f5ccb --- /dev/null +++ b/DynamoDbEncryption/runtimes/go/README.md @@ -0,0 +1,83 @@ +# AWS Database Encryption SDK for DynamoDB in Go + +The AWS Database Encryption SDK (DB-ESDK) for DynamoDB in Go is a client-side encryption +library that allows you to perform attribute-level encryption, enabling you to encrypt specific +attribute values within items before storing them in your DynamoDB table. All encryption and +decryption are performed within your application. This lets you protect sensitive data in-transit +and at-rest, as data cannot be exposed unless decrypted by your application. + +For more details about the design and architecture of the DB-ESDK for DynamoDB, +see the [AWS Database Encryption SDK Developer Guide](https://docs.aws.amazon.com/database-encryption-sdk/latest/devguide/). + +# Security + +If you discover a potential security issue in this project +we ask that you notify AWS/Amazon Security via our +[vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/). +Please **do not** create a public GitHub issue. + +# Support Policy + +See [Support Policy](./SUPPORT_POLICY.rst) for details +on the current support status of all major versions of this library. + +## Giving Feedback + +We need your help in making this SDK great. +Please participate in the community and contribute to this effort by +submitting issues, +participating in discussion forums and +submitting pull requests through the following channels: + +- Submit [issues](https://github.com/aws/aws-database-encryption-sdk-dynamodb/issues) + \- this is the **preferred** channel to interact with our team +- Articulate your + [feature request](https://github.com/aws/aws-database-encryption-sdk-dynamodb/issues?q=is%3Aopen+is%3Aissue+label%3A%22feature-request%22) + or upvote existing ones +- Ask [questions](https://repost.aws/tags/TAc3VKZnkNQyimpHnCHetNOQ/aws-crypto-tools) on AWS re:Post under AWS Crypto Tools tag + +# Getting Started + +## Required Prerequisites + +To use the DB-ESDK for DynamoDB in Go, you must have: + +### A supported version of Go + +- Go 1.23 or later is required by AWS Encryption SDK for Go. + +For more information on downloading and installing Go, see [Go installation](https://go.dev/doc/install) + +### AWS Integration + +You need an Amazon Web Services (AWS) account to use the DB-ESDK for DynamoDB as it's specifically designed to work with Amazon DynamoDB. Optionally, you can use AWS Key Management Service (AWS KMS) as your main keyring provider. + +- **To create an AWS account**, go to + [Sign In or Create an AWS Account](https://portal.aws.amazon.com/gp/aws/developer/registration/index.html) + and then choose **I am a new user.** + Follow the instructions to create an AWS account. + +- **(Optional) To create a key in AWS KMS**, see + [Creating Keys](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html). + +### Amazon Corretto Crypto Provider + +Many developers find that the Amazon Corretto Crypto Provider (ACCP) +significantly improves the performance of the library. +For help installing and using ACCP, see the +[amazon-corretto-crypto-provider repository](https://github.com/corretto/amazon-corretto-crypto-provider). + +## Using the DB-ESDK for DynamoDB in Java + +There are several ways to use the library. +More details are provided in the +[AWS Database Encryption SDK Developer Guide](https://docs.aws.amazon.com/database-encryption-sdk/latest/devguide/). +Also see the [Examples](Examples/runtimes/go/). + +# Contributing + +See [CONTRIBUTING](CONTRIBUTING.md) for more information. + +# License + +This project is licensed under the Apache-2.0 License.