Skip to content

Commit 49b8b67

Browse files
chore: move put cache after signature verification (#2223)
1 parent 7aad5fb commit 49b8b67

2 files changed

Lines changed: 5 additions & 1 deletion

File tree

DynamoDbEncryption/runtimes/java/src/main/sdkv2/com/amazonaws/services/dynamodbv2/datamodeling/sdkv2/encryption/DynamoDBEncryptor.java

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -355,6 +355,7 @@ public Map<String, AttributeValue> decryptRecord(
355355
materials.getVerificationKey(),
356356
signature
357357
);
358+
DynamoDbSigner.putCacheIfEmpty(signer);
358359
itemAttributes.remove(materialDescriptionFieldName);
359360

360361
actualDecryption(

DynamoDbEncryption/runtimes/java/src/main/sdkv2/com/amazonaws/services/dynamodbv2/datamodeling/sdkv2/encryption/DynamoDbSigner.java

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -62,11 +62,14 @@ static DynamoDbSigner getInstance(String signingAlgorithm, SecureRandom rnd) {
6262
DynamoDbSigner result = cache.get(signingAlgorithm);
6363
if (result == null) {
6464
result = new DynamoDbSigner(signingAlgorithm, rnd);
65-
cache.putIfAbsent(signingAlgorithm, result);
6665
}
6766
return result;
6867
}
6968

69+
static void putCacheIfEmpty(DynamoDbSigner signer) {
70+
cache.putIfAbsent(signer.getSigningAlgorithm(), signer);
71+
}
72+
7073
/**
7174
* @param signingAlgorithm is the algorithm used for asymmetric signing (ex: SHA256withRSA). This
7275
* is ignored for symmetric HMACs as that algorithm is fully specified by the key.

0 commit comments

Comments
 (0)