From fea0f83d78c9fd64deca21a399dc88436db37502 Mon Sep 17 00:00:00 2001 From: rishav-karanjit Date: Mon, 2 Jun 2025 09:25:06 -0700 Subject: [PATCH 01/12] auto commit --- .github/actions/polymorph_codegen/action.yml | 6 ++++++ .github/workflows/ci_test_go.yml | 13 ++++++++----- 2 files changed, 14 insertions(+), 5 deletions(-) diff --git a/.github/actions/polymorph_codegen/action.yml b/.github/actions/polymorph_codegen/action.yml index 302523dae..f349590a5 100644 --- a/.github/actions/polymorph_codegen/action.yml +++ b/.github/actions/polymorph_codegen/action.yml @@ -141,6 +141,12 @@ runs: run: | make polymorph_dotnet ${{ steps.dependencies.outputs.PROJECT_DEPENDENCIES }} + - name: Regenerate Go code using smithy-dafny + working-directory: ./${{ inputs.library }} + shell: bash + run: | + make polymorph_go ${{ steps.dependencies.outputs.PROJECT_DEPENDENCIES }} + - name: Check regenerated code against commited code # Composite action inputs seem to not actually support booleans properly for some reason if: inputs.diff-generated-code == 'true' diff --git a/.github/workflows/ci_test_go.yml b/.github/workflows/ci_test_go.yml index ae0819451..f314f8eef 100644 --- a/.github/workflows/ci_test_go.yml +++ b/.github/workflows/ci_test_go.yml @@ -116,11 +116,14 @@ jobs: CORES=$(node -e 'console.log(os.cpus().length)') make transpile_go CORES=$CORES - - name: Regenerate code using smithy-dafny - shell: bash - working-directory: ./${{ matrix.library }} - run: | - make polymorph_go + - name: Regenerate code using smithy-dafny if necessary + if: ${{ inputs.regenerate-code }} + uses: ./.github/actions/polymorph_codegen + with: + dafny: ${{ env.DAFNY_VERSION }} + library: ${{ matrix.library }} + diff-generated-code: false + update-and-regenerate-mpl: true - name: Copy ${{ matrix.library }} Vector Files if: ${{ matrix.library == 'TestVectors' }} From 49fd61983cac709ec55480ad62fa282af4989b7f Mon Sep 17 00:00:00 2001 From: rishav-karanjit Date: Mon, 2 Jun 2025 09:27:26 -0700 Subject: [PATCH 02/12] auto commit --- .github/workflows/daily_ci.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/daily_ci.yml b/.github/workflows/daily_ci.yml index ed5cf7e78..3073749df 100644 --- a/.github/workflows/daily_ci.yml +++ b/.github/workflows/daily_ci.yml @@ -61,6 +61,11 @@ jobs: uses: ./.github/workflows/library_rust_tests.yml with: dafny: ${{needs.getVersion.outputs.version}} + daily-ci-go: + needs: getVersion + uses: ./.github/workflows/ci_test_go.yml + with: + dafny: ${{needs.getVersion.outputs.version}} daily-ci-net-test-vectors: needs: getVersion uses: ./.github/workflows/ci_test_vector_net.yml From e6df4bac41b8a7cd9547f2d64b708d827a6f6344 Mon Sep 17 00:00:00 2001 From: rishav-karanjit Date: Mon, 2 Jun 2025 09:50:27 -0700 Subject: [PATCH 03/12] auto commit --- DynamoDbEncryption/README.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/DynamoDbEncryption/README.md b/DynamoDbEncryption/README.md index 85f552d91..2262b764e 100644 --- a/DynamoDbEncryption/README.md +++ b/DynamoDbEncryption/README.md @@ -40,6 +40,13 @@ Within `runtimes/java`: - `src/` contains all hand written Dotnet code, including externs, and also all Smithy to Rust generated code. - `src/implementation_from_dafny.cs` contains all Dafny to .NET transpiled code. +#### Go + +`runtimes/go` contains the Go related code and build instructions for this project. + +- `ImplementationFromDafny-go/` contains all the implementation code which is Smithy to Go generated code, Dafny to Go transpiled code and hand written Go code +- `TestsFromDafny-go` contains all the test code which is Smithy to Go generated code, Dafny to Go transpiled code and hand written Go code. + ### Development Common Makefile targets are: From 909eea5e3645498c592e2b650a90ce61de1bd4d6 Mon Sep 17 00:00:00 2001 From: rishav-karanjit Date: Mon, 2 Jun 2025 10:39:08 -0700 Subject: [PATCH 04/12] auto commit --- DynamoDbEncryption/README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/DynamoDbEncryption/README.md b/DynamoDbEncryption/README.md index 2262b764e..8bb2e859d 100644 --- a/DynamoDbEncryption/README.md +++ b/DynamoDbEncryption/README.md @@ -90,6 +90,8 @@ Common Makefile targets are: - `make test_net_mac_intel` builds and tests the transpiled code in .NET in an Intel-MacOS environment. - `make transpile_rust` transpiles all of the Dafny code into runtimes/rust/src/implementation_from_dafny. - `make polymorph_rust` transpiles the smithy files into untimes/rust/src/\*.rs +- `make transpile_go` transpiles all of the Dafny code into runtimes/go/\*.go +- `make polymorph_go` transpiles the smithy files into runtimes/go/\*.go ### Development Requirements From 48ce261b42ae19499d414738702ff30b076e9f15 Mon Sep 17 00:00:00 2001 From: rishav-karanjit Date: Mon, 2 Jun 2025 10:45:13 -0700 Subject: [PATCH 05/12] auto commit --- .github/actions/polymorph_codegen/action.yml | 6 ------ .github/workflows/ci_test_go.yml | 13 +++++-------- 2 files changed, 5 insertions(+), 14 deletions(-) diff --git a/.github/actions/polymorph_codegen/action.yml b/.github/actions/polymorph_codegen/action.yml index f349590a5..302523dae 100644 --- a/.github/actions/polymorph_codegen/action.yml +++ b/.github/actions/polymorph_codegen/action.yml @@ -141,12 +141,6 @@ runs: run: | make polymorph_dotnet ${{ steps.dependencies.outputs.PROJECT_DEPENDENCIES }} - - name: Regenerate Go code using smithy-dafny - working-directory: ./${{ inputs.library }} - shell: bash - run: | - make polymorph_go ${{ steps.dependencies.outputs.PROJECT_DEPENDENCIES }} - - name: Check regenerated code against commited code # Composite action inputs seem to not actually support booleans properly for some reason if: inputs.diff-generated-code == 'true' diff --git a/.github/workflows/ci_test_go.yml b/.github/workflows/ci_test_go.yml index f314f8eef..ae0819451 100644 --- a/.github/workflows/ci_test_go.yml +++ b/.github/workflows/ci_test_go.yml @@ -116,14 +116,11 @@ jobs: CORES=$(node -e 'console.log(os.cpus().length)') make transpile_go CORES=$CORES - - name: Regenerate code using smithy-dafny if necessary - if: ${{ inputs.regenerate-code }} - uses: ./.github/actions/polymorph_codegen - with: - dafny: ${{ env.DAFNY_VERSION }} - library: ${{ matrix.library }} - diff-generated-code: false - update-and-regenerate-mpl: true + - name: Regenerate code using smithy-dafny + shell: bash + working-directory: ./${{ matrix.library }} + run: | + make polymorph_go - name: Copy ${{ matrix.library }} Vector Files if: ${{ matrix.library == 'TestVectors' }} From 1dedf2bd120eb634bd13885038eb470a6bff9ca0 Mon Sep 17 00:00:00 2001 From: rishav-karanjit Date: Mon, 2 Jun 2025 11:06:45 -0700 Subject: [PATCH 06/12] auto commit --- DynamoDbEncryption/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/DynamoDbEncryption/README.md b/DynamoDbEncryption/README.md index 8bb2e859d..66714cc01 100644 --- a/DynamoDbEncryption/README.md +++ b/DynamoDbEncryption/README.md @@ -45,7 +45,7 @@ Within `runtimes/java`: `runtimes/go` contains the Go related code and build instructions for this project. - `ImplementationFromDafny-go/` contains all the implementation code which is Smithy to Go generated code, Dafny to Go transpiled code and hand written Go code -- `TestsFromDafny-go` contains all the test code which is Smithy to Go generated code, Dafny to Go transpiled code and hand written Go code. +- `TestsFromDafny-go` contains all the test code which is Smithy to Go generated code, Dafny to Go transpiled code and hand written Go code. ### Development From 86c653947949699982bb1e3e9322d38382b390cb Mon Sep 17 00:00:00 2001 From: rishav-karanjit Date: Mon, 2 Jun 2025 11:29:31 -0700 Subject: [PATCH 07/12] auto commit --- DynamoDbEncryption/Makefile | 15 +++++ DynamoDbEncryption/runtimes/go/README.md | 82 ++++++++++++++++++++++++ 2 files changed, 97 insertions(+) create mode 100644 DynamoDbEncryption/runtimes/go/README.md diff --git a/DynamoDbEncryption/Makefile b/DynamoDbEncryption/Makefile index 5138879c0..a273c995f 100644 --- a/DynamoDbEncryption/Makefile +++ b/DynamoDbEncryption/Makefile @@ -164,6 +164,21 @@ STRUCTUREDENCRYPTION_INDEX_FILE_PATH=dafny/StructuredEncryption/src/Index.dfy STRUCTUREDENCRYPTION_INDEX_FILE_WITH_EXTERN_STRING="module {:extern \"software.amazon.cryptography.dbencryptionsdk.structuredencryption.internaldafny\" } StructuredEncryption" STRUCTUREDENCRYPTION_INDEX_FILE_WITHOUT_EXTERN_STRING="module StructuredEncryption" +# Target to restore all directories in a list +# TODO: remove this once we don't copy all of the directories into implementation and test. This is done by make file target _mv_polymorph_go in smithy-dafny. https://sim.amazon.com/issues/0371eaa5-61b5-490c-ad0b-927b6dc4d2d2 +RESTORE_DIRS := README.md +_polymorph_go: restore_directories +restore_directories: + @for dir in $(RESTORE_DIRS); do \ + if [ -d "runtimes/go/ImplementationFromDafny-go/$$dir" ]; then \ + cp -Rf runtimes/go/ImplementationFromDafny-go/$$dir runtimes/go/; \ + rm -rf runtimes/go/ImplementationFromDafny-go/$$dir; \ + rm -rf runtimes/go/TestsFromDafny-go/$$dir; \ + else \ + echo "Directory $$dir not found"; \ + fi \ + done + _sed_types_file_remove_extern: $(MAKE) _sed_file SED_FILE_PATH=$(DYNAMODB_TYPES_FILE_PATH) SED_BEFORE_STRING=$(DYNAMODB_TYPES_FILE_WITH_EXTERN_STRING) SED_AFTER_STRING=$(DYNAMODB_TYPES_FILE_WITHOUT_EXTERN_STRING) $(MAKE) _sed_file SED_FILE_PATH=$(ITEMENCRYPTOR_TYPES_FILE_PATH) SED_BEFORE_STRING=$(ITEMENCRYPTOR_TYPES_FILE_WITH_EXTERN_STRING) SED_AFTER_STRING=$(ITEMENCRYPTOR_TYPES_FILE_WITHOUT_EXTERN_STRING) diff --git a/DynamoDbEncryption/runtimes/go/README.md b/DynamoDbEncryption/runtimes/go/README.md new file mode 100644 index 000000000..96bfb3658 --- /dev/null +++ b/DynamoDbEncryption/runtimes/go/README.md @@ -0,0 +1,82 @@ +# AWS Database Encryption SDK for DynamoDB in Go + +The AWS Database Encryption SDK (DB-ESDK) for DynamoDB in Go is a client-side encryption +library that allows you to perform attribute-level encryption, enabling you to encrypt specific +attribute values within items before storing them in your DynamoDB table. All encryption and +decryption are performed within your application. This lets you protect sensitive data in-transit +and at-rest, as data cannot be exposed unless decrypted by your application. + +For more details about the design and architecture of the DB-ESDK for DynamoDB, +see the [AWS Database Encryption SDK Developer Guide](https://docs.aws.amazon.com/database-encryption-sdk/latest/devguide/). + +# Security + +If you discover a potential security issue in this project +we ask that you notify AWS/Amazon Security via our +[vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/). +Please **do not** create a public GitHub issue. + +# Support Policy + +See [Support Policy](./SUPPORT_POLICY.rst) for details +on the current support status of all major versions of this library. + +## Giving Feedback + +We need your help in making this SDK great. +Please participate in the community and contribute to this effort by +submitting issues, +participating in discussion forums and +submitting pull requests through the following channels: + +- Submit [issues](https://github.com/aws/aws-database-encryption-sdk-dynamodb/issues) + \- this is the **preferred** channel to interact with our team +- Articulate your + [feature request](https://github.com/aws/aws-database-encryption-sdk-dynamodb/issues?q=is%3Aopen+is%3Aissue+label%3A%22feature-request%22) + or upvote existing ones +- Ask [questions](https://repost.aws/tags/TAc3VKZnkNQyimpHnCHetNOQ/aws-crypto-tools) on AWS re:Post under AWS Crypto Tools tag + +# Getting Started + +## Required Prerequisites + +To use the DB-ESDK for DynamoDB in Go, you must have: + +### A supported version of Go +- Go 1.23 or later is required by AWS Encryption SDK for Go. + +For more information on downloading and installing Go, see [Go installation](https://go.dev/doc/install) + +### AWS Integration + +You need an Amazon Web Services (AWS) account to use the DB-ESDK for DynamoDB as it's specifically designed to work with Amazon DynamoDB. Optionally, you can use AWS Key Management Service (AWS KMS) as your main keyring provider. + +- **To create an AWS account**, go to + [Sign In or Create an AWS Account](https://portal.aws.amazon.com/gp/aws/developer/registration/index.html) + and then choose **I am a new user.** + Follow the instructions to create an AWS account. + +- **(Optional) To create a key in AWS KMS**, see + [Creating Keys](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html). + +### Amazon Corretto Crypto Provider + +Many developers find that the Amazon Corretto Crypto Provider (ACCP) +significantly improves the performance of the library. +For help installing and using ACCP, see the +[amazon-corretto-crypto-provider repository](https://github.com/corretto/amazon-corretto-crypto-provider). + +## Using the DB-ESDK for DynamoDB in Java + +There are several ways to use the library. +More details are provided in the +[AWS Database Encryption SDK Developer Guide](https://docs.aws.amazon.com/database-encryption-sdk/latest/devguide/). +Also see the [Examples](Examples/runtimes/go/). + +# Contributing + +See [CONTRIBUTING](CONTRIBUTING.md) for more information. + +# License + +This project is licensed under the Apache-2.0 License. From e5a80362cfe4985188ea68e12767bf4a3c38610c Mon Sep 17 00:00:00 2001 From: rishav-karanjit Date: Mon, 2 Jun 2025 11:29:57 -0700 Subject: [PATCH 08/12] auto commit --- DynamoDbEncryption/runtimes/go/README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/DynamoDbEncryption/runtimes/go/README.md b/DynamoDbEncryption/runtimes/go/README.md index 96bfb3658..25d4f5ccb 100644 --- a/DynamoDbEncryption/runtimes/go/README.md +++ b/DynamoDbEncryption/runtimes/go/README.md @@ -43,6 +43,7 @@ submitting pull requests through the following channels: To use the DB-ESDK for DynamoDB in Go, you must have: ### A supported version of Go + - Go 1.23 or later is required by AWS Encryption SDK for Go. For more information on downloading and installing Go, see [Go installation](https://go.dev/doc/install) From f95c5871cbe02e2c4e1300b2aeefeec429ccf6e5 Mon Sep 17 00:00:00 2001 From: rishav-karanjit Date: Mon, 2 Jun 2025 11:31:51 -0700 Subject: [PATCH 09/12] auto commit --- DynamoDbEncryption/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/DynamoDbEncryption/Makefile b/DynamoDbEncryption/Makefile index a273c995f..13aac8bab 100644 --- a/DynamoDbEncryption/Makefile +++ b/DynamoDbEncryption/Makefile @@ -165,7 +165,7 @@ STRUCTUREDENCRYPTION_INDEX_FILE_WITH_EXTERN_STRING="module {:extern \"software.a STRUCTUREDENCRYPTION_INDEX_FILE_WITHOUT_EXTERN_STRING="module StructuredEncryption" # Target to restore all directories in a list -# TODO: remove this once we don't copy all of the directories into implementation and test. This is done by make file target _mv_polymorph_go in smithy-dafny. https://sim.amazon.com/issues/0371eaa5-61b5-490c-ad0b-927b6dc4d2d2 +# TODO: remove this once we don't copy all of the directories into implementation and test. https://sim.amazon.com/issues/0371eaa5-61b5-490c-ad0b-927b6dc4d2d2 RESTORE_DIRS := README.md _polymorph_go: restore_directories restore_directories: From fe8ecc8aadfe71d2a48ef1a6f1a135e9e027507d Mon Sep 17 00:00:00 2001 From: rishav-karanjit Date: Mon, 2 Jun 2025 11:32:30 -0700 Subject: [PATCH 10/12] auto commit --- DynamoDbEncryption/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/DynamoDbEncryption/Makefile b/DynamoDbEncryption/Makefile index 13aac8bab..49b4c04ac 100644 --- a/DynamoDbEncryption/Makefile +++ b/DynamoDbEncryption/Makefile @@ -165,7 +165,7 @@ STRUCTUREDENCRYPTION_INDEX_FILE_WITH_EXTERN_STRING="module {:extern \"software.a STRUCTUREDENCRYPTION_INDEX_FILE_WITHOUT_EXTERN_STRING="module StructuredEncryption" # Target to restore all directories in a list -# TODO: remove this once we don't copy all of the directories into implementation and test. https://sim.amazon.com/issues/0371eaa5-61b5-490c-ad0b-927b6dc4d2d2 +# remove this once we don't copy all of the directories into implementation and test. https://sim.amazon.com/issues/0371eaa5-61b5-490c-ad0b-927b6dc4d2d2 RESTORE_DIRS := README.md _polymorph_go: restore_directories restore_directories: From b6f577bdba29ddd1f1546eb1441a941be69d1f92 Mon Sep 17 00:00:00 2001 From: rishav-karanjit Date: Mon, 2 Jun 2025 11:38:22 -0700 Subject: [PATCH 11/12] auto commit --- DynamoDbEncryption/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/DynamoDbEncryption/Makefile b/DynamoDbEncryption/Makefile index 49b4c04ac..1ad542b3e 100644 --- a/DynamoDbEncryption/Makefile +++ b/DynamoDbEncryption/Makefile @@ -165,7 +165,7 @@ STRUCTUREDENCRYPTION_INDEX_FILE_WITH_EXTERN_STRING="module {:extern \"software.a STRUCTUREDENCRYPTION_INDEX_FILE_WITHOUT_EXTERN_STRING="module StructuredEncryption" # Target to restore all directories in a list -# remove this once we don't copy all of the directories into implementation and test. https://sim.amazon.com/issues/0371eaa5-61b5-490c-ad0b-927b6dc4d2d2 +# TODO: Remove this once we don't copy all of the directories into implementation and test https://sim.amazon.com/issues/CrypTool-5447 RESTORE_DIRS := README.md _polymorph_go: restore_directories restore_directories: From 7bc1ca0dd4732ae9c52e80c08181c07fa9297599 Mon Sep 17 00:00:00 2001 From: rishav-karanjit Date: Mon, 2 Jun 2025 11:38:59 -0700 Subject: [PATCH 12/12] emtpy commit to run CI