PT-2021-24471 · Unknown · Encryption Sdk
Published 2021-06-01 · Updated 2021-06-01
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions:
Encryption SDK versions prior to 1.9
Encryption SDK versions prior to 2.2
Description:
This issue affects the Encryption SDK, which supports a streaming mode for signed messages. The SDK uses AES-GCM encryption and verifies each piece of plaintext before releasing it to callers. Some callers, however, rely on the message's ECDSA signature for non-repudiation, and in streaming mode that signature can only be verified once the whole message has been read. Plaintext released before that point has passed the AES-GCM check alone, which proves only that the message was produced by someone holding the data key: an actor with trusted KMS permissions can therefore encrypt messages whose plaintext a streaming caller may act on before discovering that the ECDSA signature does not verify. The fix introduces a new API for streaming unsigned messages and a configuration option that limits the number of Encrypted Data Keys processed per message. It also adds early rejection of messages carrying certain invalid combinations of algorithm suite and header data.
Recommendations:
For versions prior to 1.9, upgrade to version 1.9 or later to address this issue.
For versions prior to 2.2, upgrade to version 2.2 or later to address this issue.
Customers using the Encryption SDK's (ESDK's) streaming features should ensure that client code reads to the end of the stream before using any released plaintext, since the signature is only checked at the end.
Use the new unsigned-message streaming API, which rejects signed messages up front, and fall back to the non-streaming decrypt API for signed messages; this prevents any plaintext from signed data being used before the signature is validated.
Users processing ESDK messages from untrusted sources should set the new maximum encrypted data keys parameter so that oversized key lists are rejected before any key is processed.
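The following Python model is an added illustration of the release-before-verify problem described above and of the three mitigations in the recommendations (read to the end of the stream, an unsigned-only streaming API, and an EDK limit with early header rejection). It is not code from this page, from the advisory, or from any Encryption SDK implementation. Everything in it is a constructed stand-in: the suite ids and header layout are invented, per-frame HMAC under the data key stands in for the AES-GCM tag, HMAC under a separate sender-only key stands in for the ECDSA signature, and the keys and messages are made up. The point it demonstrates is that an attacker who holds the data key (the KMS-permissions case) can pass the AES-GCM check on every frame, so a caller that acts on streamed frames has already consumed forged content by the time the signature check fails, whereas the non-streaming path returns nothing.

```python
import hashlib
import hmac
import struct

# Constructed for this model: toy suite ids and header layout, not the ESDK's real ones.
SUITE_UNSIGNED = 0x0001  # AES-GCM only (modelled as a per-frame HMAC under the data key)
SUITE_SIGNED = 0x0002    # AES-GCM plus trailing ECDSA signature (modelled as HMAC under a signing key)
TAG_LEN = 32

# Constructed keys: a KMS-authorised party can obtain the data key; only the
# legitimate sender holds the signing key, which is what gives non-repudiation.
DATA_KEY = b"data-key-obtainable-via-kms"
SIGNING_KEY = b"sender-private-signing-key"


class InvalidMessage(Exception):
    pass


def _keystream(data_key, idx, n):
    """SHA-256 counter keystream: stands in for AES-GCM encryption, not a real cipher."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(data_key + struct.pack(">II", idx, ctr)).digest()
        ctr += 1
    return out[:n]


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def _frame_tag(header, idx, ct, data_key):
    return hmac.new(data_key, header + struct.pack(">I", idx) + ct, hashlib.sha256).digest()


def encrypt(frames, data_key, suite, edk_count=1, signing_key=None):
    """Produce header | authenticated frames | optional signature trailer."""
    header = struct.pack(">HH", suite, edk_count)
    body = b""
    for idx, pt in enumerate(frames):
        ct = _xor(pt, _keystream(data_key, idx, len(pt)))
        body += struct.pack(">I", len(ct)) + ct + _frame_tag(header, idx, ct, data_key)
    trailer = hmac.new(signing_key, header + body, hashlib.sha256).digest() if suite == SUITE_SIGNED else b""
    return header + body + trailer


def parse_header(msg, max_edks):
    """Early rejection: an unknown suite or too many EDKs fails before any key or frame is touched."""
    if len(msg) < 4:
        raise InvalidMessage("truncated header")
    suite, edk_count = struct.unpack(">HH", msg[:4])
    if suite not in (SUITE_UNSIGNED, SUITE_SIGNED):
        raise InvalidMessage("unknown algorithm suite")
    if edk_count > max_edks:
        raise InvalidMessage("too many encrypted data keys")
    return suite, edk_count


def _frames(msg, data_key, trailer_len):
    """Yield each frame's plaintext as soon as its per-frame tag (the AES-GCM check) verifies."""
    header, end, pos, idx = msg[:4], len(msg) - trailer_len, 4, 0
    while pos < end:
        if pos + 4 > end:
            raise InvalidMessage("truncated frame")
        (n,) = struct.unpack(">I", msg[pos:pos + 4])
        ct, tag = msg[pos + 4:pos + 4 + n], msg[pos + 4 + n:pos + 4 + n + TAG_LEN]
        if len(ct) != n or len(tag) != TAG_LEN or pos + 4 + n + TAG_LEN > end:
            raise InvalidMessage("truncated frame")
        if not hmac.compare_digest(tag, _frame_tag(header, idx, ct, data_key)):
            raise InvalidMessage("frame authentication failed")
        yield _xor(ct, _keystream(data_key, idx, n))
        pos, idx = pos + 4 + n + TAG_LEN, idx + 1


def stream_decrypt(msg, data_key, verify_key, max_edks=16):
    """Pre-fix streaming: frames are released as they pass the AES-GCM check; the
    signature is verified only after the last frame has already been handed out."""
    suite, _ = parse_header(msg, max_edks)
    yield from _frames(msg, data_key, TAG_LEN if suite == SUITE_SIGNED else 0)
    if suite == SUITE_SIGNED:
        expected = hmac.new(verify_key, msg[:-TAG_LEN], hashlib.sha256).digest()
        if not hmac.compare_digest(msg[-TAG_LEN:], expected):
            raise InvalidMessage("signature verification failed")


def decrypt(msg, data_key, verify_key, max_edks=16):
    """Non-streaming decrypt: reads to the end, so nothing is returned unless the signature verified."""
    return b"".join(stream_decrypt(msg, data_key, verify_key, max_edks))


def stream_decrypt_unsigned(msg, data_key, max_edks=16):
    """Post-fix streaming API: refuses signed suites up front, so every released frame is fully verified."""
    suite, _ = parse_header(msg, max_edks)
    if suite == SUITE_SIGNED:
        raise InvalidMessage("signed message: use the non-streaming decrypt API")
    yield from _frames(msg, data_key, 0)


def consume(gen):
    """Model a caller that acts on each frame as it arrives; returns (frames used, error)."""
    used = []
    try:
        for frame in gen:
            used.append(frame)
    except InvalidMessage as exc:
        return used, str(exc)
    return used, None


if __name__ == "__main__":
    # The attacker holds the data key (KMS permissions) but not the sender's signing key.
    forged = encrypt([b"pay 10000", b" to mallory"], DATA_KEY, SUITE_SIGNED, signing_key=b"guess")
    print("streaming caller used:", consume(stream_decrypt(forged, DATA_KEY, SIGNING_KEY)))
    try:
        decrypt(forged, DATA_KEY, SIGNING_KEY)
    except InvalidMessage as exc:
        print("non-streaming returned nothing:", exc)
```

Running it shows the streaming caller acting on both forged frames before "signature verification failed" is raised, while `decrypt` raises without returning a byte; `stream_decrypt_unsigned` refuses the signed message at the header, and a header declaring more EDKs than `max_edks` is rejected before any frame is parsed.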
Weakness Enumeration
Improper Verification of Cryptographic Signature
Affected Products
Encryption Sdk