WIP

netf · netf · commit c435d4f9380e · 2024-03-22T23:05:15.000+07:00
diff --git a/pkg/encrypted/client.go b/pkg/encrypted/client.go
@@ -32,25 +32,25 @@ type PrimaryKeyInfo struct {
 
 // EncryptedPaginator is a paginator for encrypted DynamoDB items.
 type EncryptedPaginator struct {
-	client    *EncryptedClient
-	nextToken map[string]types.AttributeValue
+	Client    *EncryptedClient
+	NextToken map[string]types.AttributeValue
 }
 
 // NewEncryptedPaginator creates a new instance of EncryptedPaginator.
 func NewEncryptedPaginator(client *EncryptedClient) *EncryptedPaginator {
 	return &EncryptedPaginator{
-		client:    client,
-		nextToken: nil,
+		Client:    client,
+		NextToken: nil,
 	}
 }
 
 func (p *EncryptedPaginator) Query(ctx context.Context, input *dynamodb.QueryInput, fn func(*dynamodb.QueryOutput, bool) bool) error {
 	for {
-		if p.nextToken != nil {
-			input.ExclusiveStartKey = p.nextToken
+		if p.NextToken != nil {
+			input.ExclusiveStartKey = p.NextToken
 		}
 
-		output, err := p.client.Query(ctx, input)
+		output, err := p.Client.Query(ctx, input)
 		if err != nil {
 			return err
 		}
@@ -64,19 +64,19 @@ func (p *EncryptedPaginator) Query(ctx context.Context, input *dynamodb.QueryInp
 			break
 		}
 
-		p.nextToken = output.LastEvaluatedKey
+		p.NextToken = output.LastEvaluatedKey
 	}
 
 	return nil
 }
 
 func (p *EncryptedPaginator) Scan(ctx context.Context, input *dynamodb.ScanInput, fn func(*dynamodb.ScanOutput, bool) bool) error {
 	for {
-		if p.nextToken != nil {
-			input.ExclusiveStartKey = p.nextToken
+		if p.NextToken != nil {
+			input.ExclusiveStartKey = p.NextToken
 		}
 
-		output, err := p.client.Scan(ctx, input)
+		output, err := p.Client.Scan(ctx, input)
 		if err != nil {
 			return err
 		}
@@ -90,29 +90,28 @@ func (p *EncryptedPaginator) Scan(ctx context.Context, input *dynamodb.ScanInput
 			break
 		}
 
-		p.nextToken = output.LastEvaluatedKey
+		p.NextToken = output.LastEvaluatedKey
 	}
 
 	return nil
 }
 
 // EncryptedClient facilitates encrypted operations on DynamoDB items.
 type EncryptedClient struct {
-	client            DynamoDBClientInterface
-	materialsProvider provider.CryptographicMaterialsProvider
-	primaryKeyCache   map[string]*PrimaryKeyInfo
-	attributeActions  *AttributeActions
-
-	lock sync.RWMutex
+	Client            DynamoDBClientInterface
+	MaterialsProvider provider.CryptographicMaterialsProvider
+	PrimaryKeyCache   map[string]*PrimaryKeyInfo
+	AttributeActions  *AttributeActions
+	lock              sync.RWMutex
 }
 
 // NewEncryptedClient creates a new instance of EncryptedClient.
 func NewEncryptedClient(client DynamoDBClientInterface, materialsProvider provider.CryptographicMaterialsProvider, attributeActions *AttributeActions) *EncryptedClient {
 	return &EncryptedClient{
-		client:            client,
-		materialsProvider: materialsProvider,
-		primaryKeyCache:   make(map[string]*PrimaryKeyInfo),
-		attributeActions:  attributeActions,
+		Client:            client,
+		MaterialsProvider: materialsProvider,
+		PrimaryKeyCache:   make(map[string]*PrimaryKeyInfo),
+		AttributeActions:  attributeActions,
 		lock:              sync.RWMutex{},
 	}
 }
@@ -139,13 +138,13 @@ func (ec *EncryptedClient) PutItem(ctx context.Context, input *dynamodb.PutItemI
 	}
 
 	// Put the encrypted item into the DynamoDB table
-	return ec.client.PutItem(ctx, encryptedInput)
+	return ec.Client.PutItem(ctx, encryptedInput)
 }
 
 // GetItem retrieves an item from a DynamoDB table and decrypts it.
 func (ec *EncryptedClient) GetItem(ctx context.Context, input *dynamodb.GetItemInput) (*dynamodb.GetItemOutput, error) {
 	// First, retrieve the encrypted item from DynamoDB
-	encryptedOutput, err := ec.client.GetItem(ctx, input)
+	encryptedOutput, err := ec.Client.GetItem(ctx, input)
 	if err != nil {
 		return nil, fmt.Errorf("error retrieving encrypted item: %v", err)
 	}
@@ -171,7 +170,7 @@ func (ec *EncryptedClient) GetItem(ctx context.Context, input *dynamodb.GetItemI
 
 // Query executes a Query operation on DynamoDB and decrypts the returned items.
 func (ec *EncryptedClient) Query(ctx context.Context, input *dynamodb.QueryInput) (*dynamodb.QueryOutput, error) {
-	encryptedOutput, err := ec.client.Query(ctx, input)
+	encryptedOutput, err := ec.Client.Query(ctx, input)
 	if err != nil {
 		return nil, fmt.Errorf("error querying encrypted items: %v", err)
 	}
@@ -190,7 +189,7 @@ func (ec *EncryptedClient) Query(ctx context.Context, input *dynamodb.QueryInput
 
 // Scan executes a Scan operation on DynamoDB and decrypts the returned items.
 func (ec *EncryptedClient) Scan(ctx context.Context, input *dynamodb.ScanInput) (*dynamodb.ScanOutput, error) {
-	encryptedOutput, err := ec.client.Scan(ctx, input)
+	encryptedOutput, err := ec.Client.Scan(ctx, input)
 	if err != nil {
 		return nil, fmt.Errorf("error scanning encrypted items: %v", err)
 	}
@@ -223,12 +222,12 @@ func (ec *EncryptedClient) BatchWriteItem(ctx context.Context, input *dynamodb.B
 		}
 	}
 
-	return ec.client.BatchWriteItem(ctx, input)
+	return ec.Client.BatchWriteItem(ctx, input)
 }
 
 // BatchGetItem retrieves a batch of items from DynamoDB and decrypts them.
 func (ec *EncryptedClient) BatchGetItem(ctx context.Context, input *dynamodb.BatchGetItemInput) (*dynamodb.BatchGetItemOutput, error) {
-	encryptedOutput, err := ec.client.BatchGetItem(ctx, input)
+	encryptedOutput, err := ec.Client.BatchGetItem(ctx, input)
 	if err != nil {
 		return nil, fmt.Errorf("error batch getting encrypted items: %v", err)
 	}
@@ -250,7 +249,7 @@ func (ec *EncryptedClient) BatchGetItem(ctx context.Context, input *dynamodb.Bat
 // DeleteItem deletes an item and its associated metadata from a DynamoDB table.
 func (ec *EncryptedClient) DeleteItem(ctx context.Context, input *dynamodb.DeleteItemInput) (*dynamodb.DeleteItemOutput, error) {
 	// First, delete the item from DynamoDB
-	deleteOutput, err := ec.client.DeleteItem(ctx, input)
+	deleteOutput, err := ec.Client.DeleteItem(ctx, input)
 	if err != nil {
 		return nil, fmt.Errorf("error deleting encrypted item: %v", err)
 	}
@@ -268,7 +267,7 @@ func (ec *EncryptedClient) DeleteItem(ctx context.Context, input *dynamodb.Delet
 	}
 
 	// Delete the associated metadata
-	tableName := ec.materialsProvider.TableName()
+	tableName := ec.MaterialsProvider.TableName()
 	queryInput := &dynamodb.QueryInput{
 		TableName:              aws.String(tableName),
 		KeyConditionExpression: aws.String("MaterialName = :materialName"),
@@ -277,7 +276,7 @@ func (ec *EncryptedClient) DeleteItem(ctx context.Context, input *dynamodb.Delet
 		},
 	}
 
-	queryOutput, err := ec.client.Query(ctx, queryInput)
+	queryOutput, err := ec.Client.Query(ctx, queryInput)
 	if err != nil {
 		return nil, fmt.Errorf("error querying for versions: %v", err)
 	}
@@ -297,7 +296,7 @@ func (ec *EncryptedClient) DeleteItem(ctx context.Context, input *dynamodb.Delet
 		}
 
 		batchWriteInput := &dynamodb.BatchWriteItemInput{RequestItems: deleteRequest}
-		_, err = ec.client.BatchWriteItem(ctx, batchWriteInput)
+		_, err = ec.Client.BatchWriteItem(ctx, batchWriteInput)
 		if err != nil {
 			return nil, fmt.Errorf("error deleting a version: %v", err)
 		}
@@ -309,7 +308,7 @@ func (ec *EncryptedClient) DeleteItem(ctx context.Context, input *dynamodb.Delet
 // getPrimaryKeyInfo lazily loads and caches primary key information in a thread-safe manner.
 func (ec *EncryptedClient) getPrimaryKeyInfo(ctx context.Context, tableName string) (*PrimaryKeyInfo, error) {
 	ec.lock.RLock()
-	pkInfo, exists := ec.primaryKeyCache[tableName]
+	pkInfo, exists := ec.PrimaryKeyCache[tableName]
 	ec.lock.RUnlock()
 
 	if exists {
@@ -319,17 +318,17 @@ func (ec *EncryptedClient) getPrimaryKeyInfo(ctx context.Context, tableName stri
 	ec.lock.Lock()
 	defer ec.lock.Unlock()
 
-	pkInfo, exists = ec.primaryKeyCache[tableName]
+	pkInfo, exists = ec.PrimaryKeyCache[tableName]
 	if exists {
 		return pkInfo, nil
 	}
 
-	pkInfo, err := TableInfo(ctx, ec.client, tableName)
+	pkInfo, err := TableInfo(ctx, ec.Client, tableName)
 	if err != nil {
 		return nil, err
 	}
 
-	ec.primaryKeyCache[tableName] = pkInfo
+	ec.PrimaryKeyCache[tableName] = pkInfo
 
 	return pkInfo, nil
 }
@@ -347,7 +346,7 @@ func (ec *EncryptedClient) encryptItem(ctx context.Context, tableName string, it
 	if err != nil {
 		return nil, fmt.Errorf("error constructing material name: %v", err)
 	}
-	encryptionMaterials, err := ec.materialsProvider.EncryptionMaterials(ctx, materialName)
+	encryptionMaterials, err := ec.MaterialsProvider.EncryptionMaterials(ctx, materialName)
 	if err != nil {
 		return nil, fmt.Errorf("failed to fetch encryption materials: %v", err)
 	}
@@ -365,7 +364,7 @@ func (ec *EncryptedClient) encryptItem(ctx context.Context, tableName string, it
 			return nil, fmt.Errorf("error converting attribute value to bytes: %v", err)
 		}
 
-		action := ec.attributeActions.GetAttributeAction(key)
+		action := ec.AttributeActions.GetAttributeAction(key)
 		switch action {
 		case AttributeActionEncrypt, AttributeActionEncryptDeterministically:
 			// TODO: Implement deterministic encryption
@@ -394,7 +393,7 @@ func (ec *EncryptedClient) decryptItem(ctx context.Context, tableName string, it
 	if err != nil {
 		return nil, fmt.Errorf("error constructing material name: %v", err)
 	}
-	decryptionMaterials, err := ec.materialsProvider.DecryptionMaterials(ctx, materialName, 0)
+	decryptionMaterials, err := ec.MaterialsProvider.DecryptionMaterials(ctx, materialName, 0)
 	if err != nil {
 		return nil, fmt.Errorf("failed to fetch decryption materials: %v", err)
 	}
@@ -414,7 +413,7 @@ func (ec *EncryptedClient) decryptItem(ctx context.Context, tableName string, it
 			continue
 		}
 
-		action := ec.attributeActions.GetAttributeAction(key)
+		action := ec.AttributeActions.GetAttributeAction(key)
 		switch action {
 		case AttributeActionEncrypt, AttributeActionEncryptDeterministically:
 			// TODO: Implement deterministic encryption

Original file line number	Diff line number	Diff line change
`@@ -32,25 +32,25 @@ type PrimaryKeyInfo struct {`
`32`	`32`
`33`	`33`	`// EncryptedPaginator is a paginator for encrypted DynamoDB items.`
`34`	`34`	`type EncryptedPaginator struct {`
`35`		`- client *EncryptedClient`
`36`		`- nextToken map[string]types.AttributeValue`
	`35`	`+ Client *EncryptedClient`
	`36`	`+ NextToken map[string]types.AttributeValue`
`37`	`37`	`}`
`38`	`38`
`39`	`39`	`// NewEncryptedPaginator creates a new instance of EncryptedPaginator.`
`40`	`40`	`func NewEncryptedPaginator(client EncryptedClient) EncryptedPaginator {`
`41`	`41`	`return &EncryptedPaginator{`
`42`		`- client: client,`
`43`		`- nextToken: nil,`
	`42`	`+ Client: client,`
	`43`	`+ NextToken: nil,`
`44`	`44`	`}`
`45`	`45`	`}`
`46`	`46`
`47`	`47`	`func (p EncryptedPaginator) Query(ctx context.Context, input dynamodb.QueryInput, fn func(*dynamodb.QueryOutput, bool) bool) error {`
`48`	`48`	`for {`
`49`		`- if p.nextToken != nil {`
`50`		`- input.ExclusiveStartKey = p.nextToken`
	`49`	`+ if p.NextToken != nil {`
	`50`	`+ input.ExclusiveStartKey = p.NextToken`
`51`	`51`	`}`
`52`	`52`
`53`		`- output, err := p.client.Query(ctx, input)`
	`53`	`+ output, err := p.Client.Query(ctx, input)`
`54`	`54`	`if err != nil {`
`55`	`55`	`return err`
`56`	`56`	`}`
`@@ -64,19 +64,19 @@ func (p EncryptedPaginator) Query(ctx context.Context, input dynamodb.QueryInp`
`64`	`64`	`break`
`65`	`65`	`}`
`66`	`66`
`67`		`- p.nextToken = output.LastEvaluatedKey`
	`67`	`+ p.NextToken = output.LastEvaluatedKey`
`68`	`68`	`}`
`69`	`69`
`70`	`70`	`return nil`
`71`	`71`	`}`
`72`	`72`
`73`	`73`	`func (p EncryptedPaginator) Scan(ctx context.Context, input dynamodb.ScanInput, fn func(*dynamodb.ScanOutput, bool) bool) error {`
`74`	`74`	`for {`
`75`		`- if p.nextToken != nil {`
`76`		`- input.ExclusiveStartKey = p.nextToken`
	`75`	`+ if p.NextToken != nil {`
	`76`	`+ input.ExclusiveStartKey = p.NextToken`
`77`	`77`	`}`
`78`	`78`
`79`		`- output, err := p.client.Scan(ctx, input)`
	`79`	`+ output, err := p.Client.Scan(ctx, input)`
`80`	`80`	`if err != nil {`
`81`	`81`	`return err`
`82`	`82`	`}`
`@@ -90,29 +90,28 @@ func (p EncryptedPaginator) Scan(ctx context.Context, input dynamodb.ScanInput`
`90`	`90`	`break`
`91`	`91`	`}`
`92`	`92`
`93`		`- p.nextToken = output.LastEvaluatedKey`
	`93`	`+ p.NextToken = output.LastEvaluatedKey`
`94`	`94`	`}`
`95`	`95`
`96`	`96`	`return nil`
`97`	`97`	`}`
`98`	`98`
`99`	`99`	`// EncryptedClient facilitates encrypted operations on DynamoDB items.`
`100`	`100`	`type EncryptedClient struct {`
`101`		`- client DynamoDBClientInterface`
`102`		`- materialsProvider provider.CryptographicMaterialsProvider`
`103`		`- primaryKeyCache map[string]*PrimaryKeyInfo`
`104`		`- attributeActions *AttributeActions`
`105`		`-`
`106`		`- lock sync.RWMutex`
	`101`	`+ Client DynamoDBClientInterface`
	`102`	`+ MaterialsProvider provider.CryptographicMaterialsProvider`
	`103`	`+ PrimaryKeyCache map[string]*PrimaryKeyInfo`
	`104`	`+ AttributeActions *AttributeActions`
	`105`	`+ lock sync.RWMutex`
`107`	`106`	`}`
`108`	`107`
`109`	`108`	`// NewEncryptedClient creates a new instance of EncryptedClient.`
`110`	`109`	`func NewEncryptedClient(client DynamoDBClientInterface, materialsProvider provider.CryptographicMaterialsProvider, attributeActions AttributeActions) EncryptedClient {`
`111`	`110`	`return &EncryptedClient{`
`112`		`- client: client,`
`113`		`- materialsProvider: materialsProvider,`
`114`		`- primaryKeyCache: make(map[string]*PrimaryKeyInfo),`
`115`		`- attributeActions: attributeActions,`
	`111`	`+ Client: client,`
	`112`	`+ MaterialsProvider: materialsProvider,`
	`113`	`+ PrimaryKeyCache: make(map[string]*PrimaryKeyInfo),`
	`114`	`+ AttributeActions: attributeActions,`
`116`	`115`	`lock: sync.RWMutex{},`
`117`	`116`	`}`
`118`	`117`	`}`
`@@ -139,13 +138,13 @@ func (ec EncryptedClient) PutItem(ctx context.Context, input dynamodb.PutItemI`
`139`	`138`	`}`
`140`	`139`
`141`	`140`	`// Put the encrypted item into the DynamoDB table`
`142`		`- return ec.client.PutItem(ctx, encryptedInput)`
	`141`	`+ return ec.Client.PutItem(ctx, encryptedInput)`
`143`	`142`	`}`
`144`	`143`
`145`	`144`	`// GetItem retrieves an item from a DynamoDB table and decrypts it.`
`146`	`145`	`func (ec EncryptedClient) GetItem(ctx context.Context, input dynamodb.GetItemInput) (*dynamodb.GetItemOutput, error) {`
`147`	`146`	`// First, retrieve the encrypted item from DynamoDB`
`148`		`- encryptedOutput, err := ec.client.GetItem(ctx, input)`
	`147`	`+ encryptedOutput, err := ec.Client.GetItem(ctx, input)`
`149`	`148`	`if err != nil {`
`150`	`149`	`return nil, fmt.Errorf("error retrieving encrypted item: %v", err)`
`151`	`150`	`}`
`@@ -171,7 +170,7 @@ func (ec EncryptedClient) GetItem(ctx context.Context, input dynamodb.GetItemI`
`171`	`170`
`172`	`171`	`// Query executes a Query operation on DynamoDB and decrypts the returned items.`
`173`	`172`	`func (ec EncryptedClient) Query(ctx context.Context, input dynamodb.QueryInput) (*dynamodb.QueryOutput, error) {`
`174`		`- encryptedOutput, err := ec.client.Query(ctx, input)`
	`173`	`+ encryptedOutput, err := ec.Client.Query(ctx, input)`
`175`	`174`	`if err != nil {`
`176`	`175`	`return nil, fmt.Errorf("error querying encrypted items: %v", err)`
`177`	`176`	`}`
`@@ -190,7 +189,7 @@ func (ec EncryptedClient) Query(ctx context.Context, input dynamodb.QueryInput`
`190`	`189`
`191`	`190`	`// Scan executes a Scan operation on DynamoDB and decrypts the returned items.`
`192`	`191`	`func (ec EncryptedClient) Scan(ctx context.Context, input dynamodb.ScanInput) (*dynamodb.ScanOutput, error) {`
`193`		`- encryptedOutput, err := ec.client.Scan(ctx, input)`
	`192`	`+ encryptedOutput, err := ec.Client.Scan(ctx, input)`
`194`	`193`	`if err != nil {`
`195`	`194`	`return nil, fmt.Errorf("error scanning encrypted items: %v", err)`
`196`	`195`	`}`
`@@ -223,12 +222,12 @@ func (ec EncryptedClient) BatchWriteItem(ctx context.Context, input dynamodb.B`
`223`	`222`	`}`
`224`	`223`	`}`
`225`	`224`
`226`		`- return ec.client.BatchWriteItem(ctx, input)`
	`225`	`+ return ec.Client.BatchWriteItem(ctx, input)`
`227`	`226`	`}`
`228`	`227`
`229`	`228`	`// BatchGetItem retrieves a batch of items from DynamoDB and decrypts them.`
`230`	`229`	`func (ec EncryptedClient) BatchGetItem(ctx context.Context, input dynamodb.BatchGetItemInput) (*dynamodb.BatchGetItemOutput, error) {`
`231`		`- encryptedOutput, err := ec.client.BatchGetItem(ctx, input)`
	`230`	`+ encryptedOutput, err := ec.Client.BatchGetItem(ctx, input)`
`232`	`231`	`if err != nil {`
`233`	`232`	`return nil, fmt.Errorf("error batch getting encrypted items: %v", err)`
`234`	`233`	`}`
`@@ -250,7 +249,7 @@ func (ec EncryptedClient) BatchGetItem(ctx context.Context, input dynamodb.Bat`
`250`	`249`	`// DeleteItem deletes an item and its associated metadata from a DynamoDB table.`
`251`	`250`	`func (ec EncryptedClient) DeleteItem(ctx context.Context, input dynamodb.DeleteItemInput) (*dynamodb.DeleteItemOutput, error) {`
`252`	`251`	`// First, delete the item from DynamoDB`
`253`		`- deleteOutput, err := ec.client.DeleteItem(ctx, input)`
	`252`	`+ deleteOutput, err := ec.Client.DeleteItem(ctx, input)`
`254`	`253`	`if err != nil {`
`255`	`254`	`return nil, fmt.Errorf("error deleting encrypted item: %v", err)`
`256`	`255`	`}`
`@@ -268,7 +267,7 @@ func (ec EncryptedClient) DeleteItem(ctx context.Context, input dynamodb.Delet`
`268`	`267`	`}`
`269`	`268`
`270`	`269`	`// Delete the associated metadata`
`271`		`- tableName := ec.materialsProvider.TableName()`
	`270`	`+ tableName := ec.MaterialsProvider.TableName()`
`272`	`271`	`queryInput := &dynamodb.QueryInput{`
`273`	`272`	`TableName: aws.String(tableName),`
`274`	`273`	`KeyConditionExpression: aws.String("MaterialName = :materialName"),`
`@@ -277,7 +276,7 @@ func (ec EncryptedClient) DeleteItem(ctx context.Context, input dynamodb.Delet`
`277`	`276`	`},`
`278`	`277`	`}`
`279`	`278`
`280`		`- queryOutput, err := ec.client.Query(ctx, queryInput)`
	`279`	`+ queryOutput, err := ec.Client.Query(ctx, queryInput)`
`281`	`280`	`if err != nil {`
`282`	`281`	`return nil, fmt.Errorf("error querying for versions: %v", err)`
`283`	`282`	`}`
`@@ -297,7 +296,7 @@ func (ec EncryptedClient) DeleteItem(ctx context.Context, input dynamodb.Delet`
`297`	`296`	`}`
`298`	`297`
`299`	`298`	`batchWriteInput := &dynamodb.BatchWriteItemInput{RequestItems: deleteRequest}`
`300`		`- _, err = ec.client.BatchWriteItem(ctx, batchWriteInput)`
	`299`	`+ _, err = ec.Client.BatchWriteItem(ctx, batchWriteInput)`
`301`	`300`	`if err != nil {`
`302`	`301`	`return nil, fmt.Errorf("error deleting a version: %v", err)`
`303`	`302`	`}`
`@@ -309,7 +308,7 @@ func (ec EncryptedClient) DeleteItem(ctx context.Context, input dynamodb.Delet`
`309`	`308`	`// getPrimaryKeyInfo lazily loads and caches primary key information in a thread-safe manner.`
`310`	`309`	`func (ec EncryptedClient) getPrimaryKeyInfo(ctx context.Context, tableName string) (PrimaryKeyInfo, error) {`
`311`	`310`	`ec.lock.RLock()`
`312`		`- pkInfo, exists := ec.primaryKeyCache[tableName]`
	`311`	`+ pkInfo, exists := ec.PrimaryKeyCache[tableName]`
`313`	`312`	`ec.lock.RUnlock()`
`314`	`313`
`315`	`314`	`if exists {`
`@@ -319,17 +318,17 @@ func (ec *EncryptedClient) getPrimaryKeyInfo(ctx context.Context, tableName stri`
`319`	`318`	`ec.lock.Lock()`
`320`	`319`	`defer ec.lock.Unlock()`
`321`	`320`
`322`		`- pkInfo, exists = ec.primaryKeyCache[tableName]`
	`321`	`+ pkInfo, exists = ec.PrimaryKeyCache[tableName]`
`323`	`322`	`if exists {`
`324`	`323`	`return pkInfo, nil`
`325`	`324`	`}`
`326`	`325`
`327`		`- pkInfo, err := TableInfo(ctx, ec.client, tableName)`
	`326`	`+ pkInfo, err := TableInfo(ctx, ec.Client, tableName)`
`328`	`327`	`if err != nil {`
`329`	`328`	`return nil, err`
`330`	`329`	`}`
`331`	`330`
`332`		`- ec.primaryKeyCache[tableName] = pkInfo`
	`331`	`+ ec.PrimaryKeyCache[tableName] = pkInfo`
`333`	`332`
`334`	`333`	`return pkInfo, nil`
`335`	`334`	`}`
`@@ -347,7 +346,7 @@ func (ec *EncryptedClient) encryptItem(ctx context.Context, tableName string, it`
`347`	`346`	`if err != nil {`
`348`	`347`	`return nil, fmt.Errorf("error constructing material name: %v", err)`
`349`	`348`	`}`
`350`		`- encryptionMaterials, err := ec.materialsProvider.EncryptionMaterials(ctx, materialName)`
	`349`	`+ encryptionMaterials, err := ec.MaterialsProvider.EncryptionMaterials(ctx, materialName)`
`351`	`350`	`if err != nil {`
`352`	`351`	`return nil, fmt.Errorf("failed to fetch encryption materials: %v", err)`
`353`	`352`	`}`
`@@ -365,7 +364,7 @@ func (ec *EncryptedClient) encryptItem(ctx context.Context, tableName string, it`
`365`	`364`	`return nil, fmt.Errorf("error converting attribute value to bytes: %v", err)`
`366`	`365`	`}`
`367`	`366`
`368`		`- action := ec.attributeActions.GetAttributeAction(key)`
	`367`	`+ action := ec.AttributeActions.GetAttributeAction(key)`
`369`	`368`	`switch action {`
`370`	`369`	`case AttributeActionEncrypt, AttributeActionEncryptDeterministically:`
`371`	`370`	`// TODO: Implement deterministic encryption`
`@@ -394,7 +393,7 @@ func (ec *EncryptedClient) decryptItem(ctx context.Context, tableName string, it`
`394`	`393`	`if err != nil {`
`395`	`394`	`return nil, fmt.Errorf("error constructing material name: %v", err)`
`396`	`395`	`}`
`397`		`- decryptionMaterials, err := ec.materialsProvider.DecryptionMaterials(ctx, materialName, 0)`
	`396`	`+ decryptionMaterials, err := ec.MaterialsProvider.DecryptionMaterials(ctx, materialName, 0)`
`398`	`397`	`if err != nil {`
`399`	`398`	`return nil, fmt.Errorf("failed to fetch decryption materials: %v", err)`
`400`	`399`	`}`
`@@ -414,7 +413,7 @@ func (ec *EncryptedClient) decryptItem(ctx context.Context, tableName string, it`
`414`	`413`	`continue`
`415`	`414`	`}`
`416`	`415`
`417`		`- action := ec.attributeActions.GetAttributeAction(key)`
	`416`	`+ action := ec.AttributeActions.GetAttributeAction(key)`
`418`	`417`	`switch action {`
`419`	`418`	`case AttributeActionEncrypt, AttributeActionEncryptDeterministically:`
`420`	`419`	`// TODO: Implement deterministic encryption`