Merge pull request #4 from smswz/legacy-modes

Add AESWrap legacy keyring and migration examples

Author: smswz

README.md

@@ -2,6 +2,141 @@
 
 This library provides an S3 client that supports client-side encryption.
 
+## Migration
+
+This version of the library supports reading encrypted objects from previous versions.
+It also supports writing objects with non-legacy algorithms.
+The list of legacy modes and operations will be provided below.
+
+### Examples
+#### V2 KMS Materials Provider to V3 KMS w/ Context Materials Manager and Keyring
+```java
+class Example {
+    public static void main(String[] args) {
+        // V2
+        EncryptionMaterialsProvider materialsProvider = new KMSEncryptionMaterialsProvider(KMS_WRAPPING_KEY_ID);
+        AmazonS3EncryptionV2 v2Client = AmazonS3EncryptionClientV2.encryptionBuilder()
+                .withEncryptionMaterialsProvider(materialsProvider)
+                .build();
+        
+        // V3
+        Keyring keyring = KmsContextKeyring.builder()
+                .wrappingKeyId(KMS_WRAPPING_KEY_ID)
+                .build();
+
+        MaterialsManager materialsManager = DefaultMaterialsManager.builder()
+                .keyring(keyring)
+                .build();
+        S3Client v3Client = S3EncryptionClient.builder()
+                .materialsManager(materialsManager)
+                .build();
+    }
+}
+```
+
+#### V2 AES Key Materials Provider to V3 AES/GCM Materials Manager and Keyring
+```java
+class Example {
+    public static void main(String[] args) {
+        KeyGenerator keyGen = KeyGenerator.getInstance("AES");
+        keyGen.init(256);
+        SecretKey aesKey = keyGen.generateKey();
+        
+        // V2
+        EncryptionMaterialsProvider materialsProvider = new StaticEncryptionMaterialsProvider(new EncryptionMaterials(aesKey));
+        AmazonS3EncryptionV2 v2Client = AmazonS3EncryptionClientV2.encryptionBuilder()
+                .withEncryptionMaterialsProvider(materialsProvider)
+                .build();
+
+        // V3
+        Keyring keyring = AesGcmKeyring.builder()
+                .wrappingKey(aesKey)
+                .build();
+
+        MaterialsManager materialsManager = DefaultMaterialsManager.builder()
+                .keyring(keyring)
+                .build();
+        S3Client v3Client = S3EncryptionClient.builder()
+                .materialsManager(materialsManager)
+                .build();
+    }
+}
+```
+
+#### V2 RSA Key Materials Provider to V3 RSA-OAEP Materials Manager and Keyring
+```java
+class Example {
+    public static void main(String[] args) {
+        KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("RSA");
+        keyPairGen.initialize(2048);
+        KeyPair rsaKey = keyPairGen.generateKeyPair();
+        
+        // V2
+        EncryptionMaterialsProvider materialsProvider = new StaticEncryptionMaterialsProvider(new EncryptionMaterials(rsaKey));
+        AmazonS3EncryptionV2 v2Client = AmazonS3EncryptionClientV2.encryptionBuilder()
+                .withEncryptionMaterialsProvider(materialsProvider)
+                .build();
+
+        // V3
+        Keyring keyring = RsaOaepKeyring.builder()
+                .wrappingKeyPair(rsaKey)
+                .build();
+
+        MaterialsManager materialsManager = DefaultMaterialsManager.builder()
+                .keyring(keyring)
+                .build();
+        S3Client v3Client = S3EncryptionClient.builder()
+                .materialsManager(materialsManager)
+                .build();
+    }
+}
+```
+
+#### V1 Key Materials Provider to V3 AES/GCM Materials Manager, Legacy AESWrap Keyring, and Keyring
+Since legacy algorithms are supported for decryption only, a non-legacy keyring is required for any writes.
+```java
+class Example {
+    public static void main(String[] args) {
+        KeyGenerator keyGen = KeyGenerator.getInstance("AES");
+        keyGen.init(256);
+        SecretKey aesKey = keyGen.generateKey();
+        
+        // V1
+        EncryptionMaterialsProvider materialsProvider = new StaticEncryptionMaterialsProvider(new EncryptionMaterials(aesKey));
+        AmazonS3Encryption v1Client = AmazonS3EncryptionClient.encryptionBuilder()
+                .withEncryptionMaterials(materialsProvider)
+                .build();
+
+        // V3
+        Keyring keyring = AesGcmKeyring.builder()
+                .wrappingKey(aesKey)
+                .build();
+        
+        Keyring legacyKeyring = AesWrapKeyring.builder()
+                .wrappingKey(aesKey)
+                .build();
+
+        MaterialsManager materialsManager = LegacyDecryptMaterialsManager.builder()
+                .keyring(keyring)
+                .legacyKeyring(legacyKeyring)
+                .build();
+        S3Client v3Client = S3EncryptionClient.builder()
+                .materialsManager(materialsManager)
+                .build();
+    }
+}
+```
+
+### Legacy Algorithms and Modes
+#### Content Encryption
+* AES/CBC
+#### Key Wrap Encryption
+* AESWrap
+* RSA-OAEP w/MGF-1 and SHA-256
+* KMS (without context)
+#### Encryption Metadata Storage
+* Instruction File
+
 ## Security
 
 See [CONTRIBUTING](CONTRIBUTING.md#security-issue-notifications) for more information.

src/main/java/software/amazon/encryption/s3/S3EncryptionClient.java

@@ -2,17 +2,14 @@
 
 import java.io.ByteArrayInputStream;
 import java.io.IOException;
-import java.nio.charset.StandardCharsets;
 import java.security.InvalidAlgorithmParameterException;
 import java.security.InvalidKeyException;
 import java.security.NoSuchAlgorithmException;
-import java.security.SecureRandom;
 import java.util.Base64;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
-import java.util.Map.Entry;
 import javax.crypto.BadPaddingException;
 import javax.crypto.Cipher;
 import javax.crypto.IllegalBlockSizeException;
@@ -28,109 +25,55 @@
 import software.amazon.awssdk.http.AbortableInputStream;
 import software.amazon.awssdk.protocols.jsoncore.JsonNode;
 import software.amazon.awssdk.protocols.jsoncore.JsonNodeParser;
-import software.amazon.awssdk.protocols.jsoncore.JsonWriter;
-import software.amazon.awssdk.protocols.jsoncore.JsonWriter.JsonGenerationException;
 import software.amazon.awssdk.services.s3.S3Client;
 import software.amazon.awssdk.services.s3.model.GetObjectRequest;
 import software.amazon.awssdk.services.s3.model.GetObjectResponse;
-import software.amazon.awssdk.services.s3.model.InvalidObjectStateException;
-import software.amazon.awssdk.services.s3.model.NoSuchKeyException;
 import software.amazon.awssdk.services.s3.model.PutObjectRequest;
 import software.amazon.awssdk.services.s3.model.PutObjectResponse;
-import software.amazon.awssdk.services.s3.model.S3Exception;
 import software.amazon.awssdk.utils.IoUtils;
 import software.amazon.encryption.s3.algorithms.AlgorithmSuite;
-import software.amazon.encryption.s3.materials.DecryptionMaterials;
+import software.amazon.encryption.s3.internal.MetadataKey;
+import software.amazon.encryption.s3.internal.PutEncryptedObjectPipeline;
 import software.amazon.encryption.s3.materials.DecryptMaterialsRequest;
-import software.amazon.encryption.s3.materials.EncryptionMaterialsRequest;
+import software.amazon.encryption.s3.materials.DecryptionMaterials;
 import software.amazon.encryption.s3.materials.EncryptedDataKey;
-import software.amazon.encryption.s3.materials.EncryptionMaterials;
 import software.amazon.encryption.s3.materials.MaterialsManager;
 
 public class S3EncryptionClient implements S3Client {
 
     private final S3Client _wrappedClient;
     private final MaterialsManager _materialsManager;
 
-    public S3EncryptionClient(S3Client client, MaterialsManager materialsManager) {
-        _wrappedClient = client;
-        _materialsManager = materialsManager;
+    private S3EncryptionClient(Builder builder) {
+        _wrappedClient = builder._wrappedClient;
+        _materialsManager = builder._materialsManager;
+    }
+
+    public static Builder builder() {
+        return new Builder();
     }
 
     @Override
     public PutObjectResponse putObject(PutObjectRequest putObjectRequest, RequestBody requestBody)
-            throws AwsServiceException, SdkClientException, S3Exception {
-
-        // TODO: This is proof-of-concept code and needs to be refactored
+            throws AwsServiceException, SdkClientException {
 
-        // Get content encryption key
-        EncryptionMaterials materials = _materialsManager.getEncryptionMaterials(EncryptionMaterialsRequest.builder()
-                .build());
-        SecretKey contentKey = materials.dataKey();
-        // Encrypt content
-        byte[] iv = new byte[12]; // default GCM IV length
-        new SecureRandom().nextBytes(iv);
-
-        final String contentEncryptionAlgorithm = "AES/GCM/NoPadding";
-        final Cipher cipher;
-        try {
-            cipher = Cipher.getInstance(contentEncryptionAlgorithm);
-            cipher.init(Cipher.ENCRYPT_MODE, contentKey, new GCMParameterSpec(128, iv));
-        } catch (NoSuchAlgorithmException
-                 | NoSuchPaddingException
-                 | InvalidAlgorithmParameterException
-                 | InvalidKeyException e) {
-            throw new RuntimeException(e);
-        }
-
-        byte[] ciphertext;
-        try {
-            byte[] input = IoUtils.toByteArray(requestBody.contentStreamProvider().newStream());
-            ciphertext = cipher.doFinal(input);
-        } catch (IOException e) {
-            throw new RuntimeException(e);
-        } catch (IllegalBlockSizeException e) {
-            throw new RuntimeException(e);
-        } catch (BadPaddingException e) {
-            throw new RuntimeException(e);
-        }
-
-        // Save content metadata into request
-        Base64.Encoder encoder = Base64.getEncoder();
-        Map<String,String> metadata = new HashMap<>(putObjectRequest.metadata());
-        EncryptedDataKey edk = materials.encryptedDataKeys().get(0);
-        metadata.put("x-amz-key-v2", encoder.encodeToString(edk.ciphertext()));
-        metadata.put("x-amz-iv", encoder.encodeToString(iv));
-        metadata.put("x-amz-matdesc", /* TODO: JSON encoded */ "{}");
-        metadata.put("x-amz-cek-alg", contentEncryptionAlgorithm);
-        metadata.put("x-amz-tag-len", /* TODO: take from algo suite */ "128");
-        metadata.put("x-amz-wrap-alg", edk.keyProviderId());
-
-        try (JsonWriter jsonWriter = JsonWriter.create()) {
-            jsonWriter.writeStartObject();
-            for (Entry<String,String> entry : materials.encryptionContext().entrySet()) {
-                jsonWriter.writeFieldName(entry.getKey()).writeValue(entry.getValue());
-            }
-            jsonWriter.writeEndObject();
-
-            String jsonEncryptionContext = new String(jsonWriter.getBytes(), StandardCharsets.UTF_8);
-            metadata.put("x-amz-matdesc", jsonEncryptionContext);
-        } catch (JsonGenerationException e) {
-            throw new RuntimeException(e);
-        }
-
-        putObjectRequest = putObjectRequest.toBuilder().metadata(metadata).build();
+        PutEncryptedObjectPipeline pipeline = PutEncryptedObjectPipeline.builder()
+                .s3Client(_wrappedClient)
+                .materialsManager(_materialsManager)
+                .build();
 
-        return _wrappedClient.putObject(putObjectRequest, RequestBody.fromBytes(ciphertext));
+        return pipeline.putObject(putObjectRequest, requestBody);
     }
 
     @Override
-    public <T> T getObject(GetObjectRequest getObjectRequest, ResponseTransformer<GetObjectResponse, T> responseTransformer)
-            throws NoSuchKeyException, InvalidObjectStateException, AwsServiceException, SdkClientException, S3Exception {
+    public <T> T getObject(GetObjectRequest getObjectRequest,
+            ResponseTransformer<GetObjectResponse, T> responseTransformer)
+            throws AwsServiceException, SdkClientException {
 
         // TODO: This is proof-of-concept code and needs to be refactored
 
-        ResponseInputStream<GetObjectResponse> objectStream =  _wrappedClient.getObject(getObjectRequest);
+        ResponseInputStream<GetObjectResponse> objectStream = _wrappedClient.getObject(
+                getObjectRequest);
         byte[] output;
         try {
             output = IoUtils.toByteArray(objectStream);
@@ -143,8 +86,8 @@ public <T> T getObject(GetObjectRequest getObjectRequest, ResponseTransformer<Ge
 
         // Build encrypted data key
         Base64.Decoder decoder = Base64.getDecoder();
-        byte[] edkCiphertext = decoder.decode(metadata.get("x-amz-key-v2"));
-        String keyProviderId = metadata.get("x-amz-wrap-alg");
+        byte[] edkCiphertext = decoder.decode(metadata.get(MetadataKey.ENCRYPTED_DATA_KEY));
+        String keyProviderId = metadata.get(MetadataKey.ENCRYPTED_DATA_KEY_ALGORITHM);
         EncryptedDataKey edk = EncryptedDataKey.builder()
                 .ciphertext(edkCiphertext)
                 .keyProviderId(keyProviderId)
@@ -153,7 +96,7 @@ public <T> T getObject(GetObjectRequest getObjectRequest, ResponseTransformer<Ge
 
         // Get encryption context
         final Map<String, String> encryptionContext = new HashMap<>();
-        final String jsonEncryptionContext = metadata.get("x-amz-matdesc");
+        final String jsonEncryptionContext = metadata.get(MetadataKey.ENCRYPTED_DATA_KEY_CONTEXT);
         try {
             JsonNodeParser parser = JsonNodeParser.create();
             JsonNode objectNode = parser.parse(jsonEncryptionContext);
@@ -166,14 +109,15 @@ public <T> T getObject(GetObjectRequest getObjectRequest, ResponseTransformer<Ge
         }
 
         // Get decryption materials
-        final String contentEncryptionAlgorithm = metadata.get("x-amz-cek-alg");
+        final String contentEncryptionAlgorithm = metadata.get(MetadataKey.CONTENT_CIPHER);
         AlgorithmSuite algorithmSuite = null;
         if (contentEncryptionAlgorithm.equals("AES/GCM/NoPadding")) {
-            algorithmSuite = AlgorithmSuite.ALG_AES_256_GCM_IV12_TAG16_NO_KDF;;
+            algorithmSuite = AlgorithmSuite.ALG_AES_256_GCM_IV12_TAG16_NO_KDF;
         }
 
         if (algorithmSuite == null) {
-            throw new RuntimeException("Unknown content encryption algorithm: " + contentEncryptionAlgorithm);
+            throw new RuntimeException(
+                    "Unknown content encryption algorithm: " + contentEncryptionAlgorithm);
         }
 
         DecryptMaterialsRequest request = DecryptMaterialsRequest.builder()
@@ -185,8 +129,8 @@ public <T> T getObject(GetObjectRequest getObjectRequest, ResponseTransformer<Ge
 
         // Get content encryption information
         SecretKey contentKey = new SecretKeySpec(materials.plaintextDataKey(), "AES");
-        final int tagLength = Integer.parseInt(metadata.get("x-amz-tag-len"));
-        byte[] iv = decoder.decode(metadata.get("x-amz-iv"));
+        final int tagLength = Integer.parseInt(metadata.get(MetadataKey.CONTENT_CIPHER_TAG_LENGTH));
+        byte[] iv = decoder.decode(metadata.get(MetadataKey.CONTENT_NONCE));
         final Cipher cipher;
         byte[] plaintext;
         try {
@@ -221,4 +165,25 @@ public String serviceName() {
     public void close() {
         _wrappedClient.close();
     }
+
+    public static class Builder {
+        private S3Client _wrappedClient = S3Client.builder().build();
+        private MaterialsManager _materialsManager;
+
+        private Builder() {}
+
+        public Builder wrappedClient(S3Client wrappedClient) {
+            this._wrappedClient = wrappedClient;
+            return this;
+        }
+
+        public Builder materialsManager(MaterialsManager materialsManager) {
+            this._materialsManager = materialsManager;
+            return this;
+        }
+
+        public S3EncryptionClient build() {
+            return new S3EncryptionClient(this);
+        }
+    }
 }

…/encryption/s3/algorithms/Constants.java …on/s3/algorithms/AlgorithmConstants.javasrc/main/java/software/amazon/encryption/s3/algorithms/Constants.java renamed to src/main/java/software/amazon/encryption/s3/algorithms/AlgorithmConstants.java src/main/java/software/amazon/encryption/s3/algorithms/Constants.java renamed to src/main/java/software/amazon/encryption/s3/algorithms/AlgorithmConstants.java

@@ -1,6 +1,6 @@
 package software.amazon.encryption.s3.algorithms;
 
-class Constants {
+class AlgorithmConstants {
     // Maximum length of the content that can be encrypted in GCM mode.
     static final long GCM_MAX_CONTENT_LENGTH_BITS = (1L<<39) - 256;
 }

src/main/java/software/amazon/encryption/s3/algorithms/AlgorithmSuite.java

@@ -9,7 +9,7 @@ public enum AlgorithmSuite {
             128,
             96,
             128,
-            Constants.GCM_MAX_CONTENT_LENGTH_BITS);
+            AlgorithmConstants.GCM_MAX_CONTENT_LENGTH_BITS);
 
     private int _id;
     private String _dataKeyAlgorithm;
@@ -51,6 +51,10 @@ public String cipherName() {
         return _cipherName;
     }
 
+    public int cipherTagLengthBits() {
+        return _cipherTagLengthBits;
+    }
+
     public int nonceLengthBytes() {
         return _cipherNonceLengthBits / 8;
     }