added fixes based on PR

Author: Anirav Kareddy

src/main/java/software/amazon/encryption/s3/S3EncryptionClient.java

@@ -222,6 +222,10 @@ public ReEncryptInstructionFileResponse reEncryptInstructionFile(ReEncryptInstru
           .key(reEncryptInstructionFileRequest.key())
           .build();
 
+        if (!_instructionFileConfig.isInstructionFilePutEnabled()) {
+            throw new S3EncryptionClientException("Instruction file put operations must be enabled to re-encrypt instruction files");
+        }
+
         ResponseInputStream<GetObjectResponse> response = this.getObject(request);
         ContentMetadataDecodingStrategy decodingStrategy = new ContentMetadataDecodingStrategy(_instructionFileConfig);
         ContentMetadata contentMetadata = decodingStrategy.decode(request, response.response());

src/main/java/software/amazon/encryption/s3/internal/InstructionFileConfig.java

@@ -45,7 +45,7 @@ public enum InstructionFileClientType {
         ASYNC
     }
 
-    boolean isInstructionFilePutEnabled() {
+    public boolean isInstructionFilePutEnabled() {
         return _enableInstructionFilePut;
     }
 

src/main/java/software/amazon/encryption/s3/internal/ReEncryptInstructionFileRequest.java

@@ -7,6 +7,7 @@
 import software.amazon.encryption.s3.S3EncryptionClientException;
 import software.amazon.encryption.s3.materials.AesKeyring;
 import software.amazon.encryption.s3.materials.RawKeyring;
+import software.amazon.encryption.s3.materials.RsaKeyring;
 
 /**
  * Request object for re-encrypting instruction files in S3.
@@ -162,10 +163,10 @@ public ReEncryptInstructionFileRequest build() {
       if (newKeyring == null) {
         throw new S3EncryptionClientException("New keyring must be provided!");
       }
-      if (newKeyring instanceof AesKeyring) {
+      if (!(newKeyring instanceof RsaKeyring)) {
         if (!instructionFileSuffix.equals(DEFAULT_INSTRUCTION_FILE_SUFFIX)) {
           throw new S3EncryptionClientException(
-            "Custom Instruction file suffix is not applicable for AES keyring!"
+            "Custom Instruction file suffix is only applicable for RSA keyring!"
           );
         }
       }

src/test/java/software/amazon/encryption/s3/S3EncryptionClientReEncryptInstructionFileTest.java

@@ -283,6 +283,81 @@ public void testAesReEncryptInstructionFileRejectsCustomInstructionFileSuffix()
     deleteObject(BUCKET, objectKey, client);
   }
 
+  @Test
+  public void testReEncryptInstructionFileFailsWhenInstructionFilePutNotEnabled() {
+    PublicKey originalPublicKey = RSA_KEY_PAIR.getPublic();
+    PrivateKey originalPrivateKey = RSA_KEY_PAIR.getPrivate();
+
+    PartialRsaKeyPair originalPartialRsaKeyPair = PartialRsaKeyPair
+      .builder()
+      .publicKey(originalPublicKey)
+      .privateKey(originalPrivateKey)
+      .build();
+
+    RsaKeyring oldKeyring = RsaKeyring
+      .builder()
+      .wrappingKeyPair(originalPartialRsaKeyPair)
+      .materialsDescription(
+        MaterialsDescription.builder().put("rotated", "no").build()
+      )
+      .build();
+
+    S3Client wrappedClient = S3Client.create();
+    S3EncryptionClient client = S3EncryptionClient
+      .builder()
+      .keyring(oldKeyring)
+      .instructionFileConfig(
+        InstructionFileConfig
+          .builder()
+          .instructionFileClient(wrappedClient)
+          .build()
+      )
+      .build();
+
+    final String objectKey = appendTestSuffix(
+      "rsa-re-encrypt-instruction-file"
+    );
+
+    PublicKey newPublicKey = RSA_KEY_PAIR_TWO.getPublic();
+    PrivateKey newPrivateKey = RSA_KEY_PAIR_TWO.getPrivate();
+
+    PartialRsaKeyPair newPartialRsaKeyPair = PartialRsaKeyPair
+      .builder()
+      .publicKey(newPublicKey)
+      .privateKey(newPrivateKey)
+      .build();
+
+    RsaKeyring newKeyring = RsaKeyring
+      .builder()
+      .wrappingKeyPair(newPartialRsaKeyPair)
+      .materialsDescription(
+        MaterialsDescription.builder().put("rotated", "yes").build()
+      )
+      .build();
+
+    ReEncryptInstructionFileRequest reEncryptInstructionFileRequest =
+      ReEncryptInstructionFileRequest
+        .builder()
+        .bucket(BUCKET)
+        .key(objectKey)
+        .newKeyring(newKeyring)
+        .build();
+
+    try {
+      ReEncryptInstructionFileResponse response =
+        client.reEncryptInstructionFile(reEncryptInstructionFileRequest);
+    } catch (S3EncryptionClientException e) {
+      System.out.println(e.getMessage());
+      assertTrue(
+        e
+          .getMessage()
+          .contains(
+            "Instruction file put operations must be enabled to re-encrypt instruction files"
+          )
+      );
+    }
+  }
+
   @Test
   public void testAesKeyringReEncryptInstructionFile() {
     AesKeyring oldKeyring = AesKeyring