removed the logic in the reEncryptInstructionFileRequest builder of checking whether a default instruction file suffix was specified for RSA keyring since RSA keyring rotation is supported (not just for creating third-party access to encrypted object in S3)

Anirav Kareddy · Anirav Kareddy · commit 9b41d813d876 · 2025-07-10T10:38:06.000-07:00
diff --git a/src/main/java/software/amazon/encryption/s3/internal/ReEncryptInstructionFileRequest.java b/src/main/java/software/amazon/encryption/s3/internal/ReEncryptInstructionFileRequest.java
@@ -162,10 +162,6 @@ public ReEncryptInstructionFileRequest build() {
         if (!instructionFileSuffix.equals(DEFAULT_INSTRUCTION_FILE_SUFFIX)) {
           throw new S3EncryptionClientException("Custom Instruction file suffix is not applicable for AES keyring!");
         }
-      } else if (newKeyring instanceof RsaKeyring) {
-        if (instructionFileSuffix.equals(DEFAULT_INSTRUCTION_FILE_SUFFIX)) {
-          throw new S3EncryptionClientException("Instruction file suffix must be different than the default one for RSA keyring!");
-        }
       }
       return new ReEncryptInstructionFileRequest(this);
     }

Original file line number	Diff line number	Diff line change
`@@ -162,10 +162,6 @@ public ReEncryptInstructionFileRequest build() {`
`162`	`162`	`if (!instructionFileSuffix.equals(DEFAULT_INSTRUCTION_FILE_SUFFIX)) {`
`163`	`163`	`throw new S3EncryptionClientException("Custom Instruction file suffix is not applicable for AES keyring!");`
`164`	`164`	`}`
`165`		`- } else if (newKeyring instanceof RsaKeyring) {`
`166`		`- if (instructionFileSuffix.equals(DEFAULT_INSTRUCTION_FILE_SUFFIX)) {`
`167`		`- throw new S3EncryptionClientException("Instruction file suffix must be different than the default one for RSA keyring!");`
`168`		`- }`
`169`	`165`	`}`
`170`	`166`	`return new ReEncryptInstructionFileRequest(this);`
`171`	`167`	`}`