Range queries for undefined start or end bytes fails due to regex #182
Comments
|
This will likely need adjustments to the lower/upper bound calls to support ranges without a start or end. |
|
Hello @tbaeg, We've released a fix on 3.1.2 which allows the range to specify only the starting bytes without ending range However, adding a feature to S3EC for range queries that only specify an end range, such as retrieving the last 20 bytes of a file, is difficult due to how encryption works. The S3EC supports decryption of objects encrypted using either AES-CBC or AES-GCM for content encryption. For GCM objects, an authentication tag is appended to the object. The content type is pulled from the object metadata, so it is not possible for the client to determine which algorithm is used before adjusting the range from the plaintext range to ciphertext range. It is possible to, for example, pull down additional bytes assuming GCM encryption, then discard the extra bytes if the algorithm is actually CBC. However, this is not trivial to implement, and will need be prioritized against other work. Currently, this feature is not on our immediate roadmap. |
|
Thank you for the work and the update! |
Problem:
Range queries without a start or end byte range fail due to https://github.com/aws/amazon-s3-encryption-client-java/blob/main/src/main/java/software/amazon/encryption/s3/legacy/internal/RangedGetUtils.java#L21.
Solution:
Adjust the regex to allow for start or end byte range to not exist.
The text was updated successfully, but these errors were encountered: