fix: BYTES_PER_KEY value #193

Merged
merged 11 commits into from
Sep 6, 2019
30 changes: 28 additions & 2 deletions modules/serialize/src/identifiers.ts
Expand Up @@ -62,8 +62,34 @@ Object.freeze(SequenceIdentifier)
export enum Maximum {
// Maximum number of messages which are allowed to be encrypted under a single cached data key
MESSAGES_PER_KEY = 2 ** 32, // eslint-disable-line no-unused-vars
// Maximum number of bytes which are allowed to be encrypted under a single cached data key
BYTES_PER_KEY = 2 ** 63 - 1, // eslint-disable-line no-unused-vars
/* Maximum number of bytes which are allowed to be encrypted
* under a cached single data key across messages.
* The _real_ maximum is 2 ** 63 - 1,
* However Javascript can only perform safe operations on values
* up to Number.MAX_SAFE_INTEGER === 9007199254740991 === 2 ** 53 - 1.
* e.g
* Number.MAX_SAFE_INTEGER + 1 === Number.MAX_SAFE_INTEGER + 2 => true
* Number.MAX_SAFE_INTEGER + 1 > Number.MAX_SAFE_INTEGER + 2 => false
* Number.MAX_SAFE_INTEGER + 1 < Number.MAX_SAFE_INTEGER + 2 => false
*
* This means that after 2 ** 53 - 1 the process of accumulating a byte count
* will never yield an accurate comparison and so, never halt.
*
* The choice here to use 2 ** 53 - 1 instead of Number.MAX_SAFE_INTEGER is deliberate.
* This is because in the future Number.MAX_SAFE_INTEGER could be raised to 2 ** 66
* or some value larger 2 ** 63.
*
* This is *not* the maximum amount of data that can be encrypted under a single data key
* or under a single AES operation.
* The maximum amount of data that can be safely encrypted under a single AES operation is 2 ** 36 -32.
* However the AWS Encryption SDK for Javascript does not support non-framed encryption.
* Therefore the largest single AES operation supported
* by the AWS Encryption SDK for Javascript is the maximum frame size 2 **32 -1.
* The maximum amount of data that can be encrypted by the AWS Encryption SDK
* is the maximum number of frames at the maximum frame size.
* (number of frames) * (frame size) == (2 ** 32 - 1) * (2 ** 32 -1) ~ 2 ** 64 ~ 1.8e19 bytes.
*/
BYTES_PER_KEY = 2 ** 53 - 1, // eslint-disable-line no-unused-vars
// Maximum number of frames allowed in one message as defined in specification
FRAME_COUNT = 2 ** 32 - 1, // eslint-disable-line no-unused-vars
// Maximum bytes allowed in a single frame as defined in specification
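Review bot: The comment block above `BYTES_PER_KEY = 2 ** 53 - 1` explains the new limit, but nothing in this hunk exercises the accumulating comparison at that boundary, so a test that drives a cached key's byte count up to and past `2 ** 53 - 1` and asserts the key is no longer used would pin down the behaviour the comment describes. In the comment itself, "will never yield an accurate comparison and so, never halt" should name what fails to halt (presumably the byte-limit check never trips), and "some value larger 2 ** 63" is missing "than". The spacing in `2 ** 36 -32`, `2 **32 -1` and `(2 ** 32 -1)` should match the `2 ** 32 - 1` form used for `FRAME_COUNT`, and "cached single data key" should read "single cached data key" to match the `MESSAGES_PER_KEY` comment.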