maxmustermann/kibana
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Compute AAD to encrypty/decrypt SO only if needed (#75818)

Browse source
This commit is contained in:
Nicolas Chaulet 2020-08-26 08:50:52 -04:00 committed by GitHub
parent 86d7050822
commit 63265b6f57
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
x-pack/plugins/encrypted_saved_objects/server/crypto/encrypted_saved_objects_service.ts
View file

@ -198,12 +198,15 @@ export class EncryptedSavedObjectsService {
if (typeDefinition === undefined) {
return attributes;
}
let encryptionAAD: string | undefined;
const encryptionAAD = this.getAAD(typeDefinition, descriptor, attributes);
const encryptedAttributes: Record<string, string> = {};
for (const attributeName of typeDefinition.attributesToEncrypt) {
const attributeValue = attributes[attributeName];
if (attributeValue != null) {
if (!encryptionAAD) {
encryptionAAD = this.getAAD(typeDefinition, descriptor, attributes);
}
try {
encryptedAttributes[attributeName] = (yield [attributeValue, encryptionAAD])!;
} catch (err) {
@ -376,8 +379,7 @@ export class EncryptedSavedObjectsService {
if (typeDefinition === undefined) {
return attributes;
}
const encryptionAAD = this.getAAD(typeDefinition, descriptor, attributes);
let encryptionAAD: string | undefined;
const decryptedAttributes: Record<string, EncryptOutput> = {};
for (const attributeName of typeDefinition.attributesToEncrypt) {
const attributeValue = attributes[attributeName];
@ -393,7 +395,9 @@ export class EncryptedSavedObjectsService {
)}`
);
}
if (!encryptionAAD) {
encryptionAAD = this.getAAD(typeDefinition, descriptor, attributes);
}
try {
decryptedAttributes[attributeName] = (yield [attributeValue, encryptionAAD])!;
} catch (err) {