testing whether v2 does or doesn't translate additional parameters for MPU + instructionFile

Anirav Kareddy · Anirav Kareddy · commit 9c1c50d72189 · 2025-05-28T09:09:31.000-07:00
diff --git a/src/test/java/software/amazon/encryption/s3/S3EncryptionClientCompatibilityTest.java b/src/test/java/software/amazon/encryption/s3/S3EncryptionClientCompatibilityTest.java
@@ -15,9 +15,15 @@
 import com.amazonaws.services.s3.model.EncryptedPutObjectRequest;
 import com.amazonaws.services.s3.model.EncryptionMaterials;
 import com.amazonaws.services.s3.model.EncryptionMaterialsProvider;
+import com.amazonaws.services.s3.model.GetObjectMetadataRequest;
+import com.amazonaws.services.s3.model.InitiateMultipartUploadRequest;
+import com.amazonaws.services.s3.model.InitiateMultipartUploadResult;
 import com.amazonaws.services.s3.model.KMSEncryptionMaterials;
 import com.amazonaws.services.s3.model.KMSEncryptionMaterialsProvider;
+import com.amazonaws.services.s3.model.ObjectMetadata;
 import com.amazonaws.services.s3.model.StaticEncryptionMaterialsProvider;
+import com.amazonaws.services.s3.model.StorageClass;
+import com.amazonaws.services.s3.model.UploadObjectRequest;
 import org.junit.jupiter.api.BeforeAll;
 import org.junit.jupiter.api.Test;
 import software.amazon.awssdk.core.ResponseBytes;
@@ -28,20 +34,25 @@
 import software.amazon.awssdk.services.s3.model.MetadataDirective;
 import software.amazon.awssdk.services.s3.model.PutObjectRequest;
 import software.amazon.encryption.s3.internal.InstructionFileConfig;
+import software.amazon.encryption.s3.utils.BoundedInputStream;
 
 import javax.crypto.KeyGenerator;
 import javax.crypto.SecretKey;
 import java.io.ByteArrayInputStream;
 import java.io.IOException;
+import java.io.InputStream;
 import java.nio.charset.StandardCharsets;
 import java.security.KeyPair;
 import java.security.KeyPairGenerator;
 import java.security.NoSuchAlgorithmException;
 import java.util.HashMap;
 import java.util.Map;
+import java.util.concurrent.ExecutionException;
 
 import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNotEquals;
 import static org.junit.jupiter.api.Assertions.assertThrows;
+import static software.amazon.encryption.s3.S3EncryptionClient.builder;
 import static software.amazon.encryption.s3.S3EncryptionClient.withAdditionalConfiguration;
 import static software.amazon.encryption.s3.utils.S3EncryptionClientTestResources.BUCKET;
 import static software.amazon.encryption.s3.utils.S3EncryptionClientTestResources.KMS_KEY_ID;
@@ -127,6 +138,7 @@ public void AesWrapV1toV3() {
 
         // Asserts
         final String input = "AesGcmV1toV3";
+        System.out.println(System.getenv("AWS_S3EC_TEST_BUCKET"));
         v1Client.putObject(BUCKET, objectKey, input);
 
         ResponseBytes<GetObjectResponse> objectResponse = v3Client.getObjectAsBytes(builder -> builder
@@ -210,6 +222,39 @@ public void AesGcmV2toV3WithInstructionFile() {
         deleteObject(BUCKET, objectKey, v3Client);
         v3Client.close();
     }
+    @Test
+    public void multipartPutObjectWithOptionsAndInstructionFileV2() throws IOException, InterruptedException, ExecutionException {
+        final String objectKey = appendTestSuffix("multipart-put-object-with-options-and-instruction-file-v2");
+        final long fileSizeLimit = 1024 * 1024 * 10; //sets file size limit to 10 MB
+        final InputStream inputStream = new BoundedInputStream(fileSizeLimit);
+
+        //Now, we will create encryption client (v2) with instruction file config enabled and multipart upload enabled
+        EncryptionMaterialsProvider materialsProvider =
+                new StaticEncryptionMaterialsProvider(new EncryptionMaterials(AES_KEY));
+        CryptoConfigurationV2 cryptoConfig =
+                new CryptoConfigurationV2(CryptoMode.StrictAuthenticatedEncryption)
+                        .withStorageMode(CryptoStorageMode.InstructionFile);
+        AmazonS3EncryptionV2 v2Client = AmazonS3EncryptionClientV2.encryptionBuilder()
+                .withCryptoConfiguration(cryptoConfig)
+                .withEncryptionMaterialsProvider(materialsProvider)
+                .build();
+        UploadObjectRequest uploadObjectRequest = new UploadObjectRequest("s3ec-github-test-bucket-597133212884", objectKey, inputStream, new ObjectMetadata())
+                .withPartSize(1024 * 1024 * 5)
+                .withStorageClass(StorageClass.Glacier);
+        v2Client.uploadObject(uploadObjectRequest);
+
+        //Assert that the storage class on main object matches "GLACIER"
+        GetObjectMetadataRequest mainObjectRequest = new GetObjectMetadataRequest("s3ec-github-test-bucket-597133212884", objectKey);
+        ObjectMetadata  mainObjectMetadata = v2Client.getObjectMetadata(mainObjectRequest);
+        assertEquals("GLACIER", mainObjectMetadata.getStorageClass());
+
+        //Assert that the instruction file does not contain storage class (V2)
+        GetObjectMetadataRequest  instructionObjectRequest = new GetObjectMetadataRequest("s3ec-github-test-bucket-597133212884", objectKey + ".instruction");
+        ObjectMetadata instructionFileMetadata = v2Client.getObjectMetadata(instructionObjectRequest);
+
+        assertNotEquals("GLACIER", instructionFileMetadata.getStorageClass());
+
+    }
 
     @Test
     public void AesGcmV3toV1() {
