Seebees/instruction files#103
Conversation
Update Go for instruction file failures
Update PHP v3 to support failure on bad instruction files
seebees
force-pushed
the
seebees/instruction-files
branch
from
8564447 to
c7f19ec
Compare
lucasmcdonald3
left a comment
lucasmcdonald3
left a comment
There was a problem hiding this comment.
The high-level test coverage of ranged gets and re-encrypt LGTM
| @@ -1,23 +1,89 @@ | |||
| /* | |||
There was a problem hiding this comment.
maybe. I left it on purpose because adding concurrency to cpp was such a PITA
| ); | ||
| } | ||
|
|
||
| @ParameterizedTest(name = "{0}: Fail to decrypt RSA duplicate commitment with FORBID_ENCRYPT_ALLOW_DECRYPT policy") |
There was a problem hiding this comment.
Why should explicit FORBID_ENCRYPT_ALLOW_DECRYPT be a separate test from the tests above that don't configure commitment policy? Is this redundant or is it incomplete (i.e. should we remove this, or should we add 2 more explicit tests for the other commitment policies?)
There was a problem hiding this comment.
When I first went over the tests, I added it from paranoia. So I would lean towards adding the other copies. But I would prefer to do all this work as we review a complete test plan. As opposed to dealing with individual items here in this already large heap of tests :)
| .filter(target -> RAW_RSA_SUPPORTED.contains(((LanguageServerTarget) target.get()[0]).getLanguageName())); | ||
| return Stream.concat(improved, transition); | ||
| } | ||
|
|
There was a problem hiding this comment.
nit/unrelated to this specific PR: a bunch of the parameterization methods below don't seem to be used e.g.
encryptImprovedDecryptTransition
encryptTransitionDecryptImproved
encryptImprovedDecryptCurrent
We should clean those up / consolidate client providers if possible.
There was a problem hiding this comment.
I agree. I would leave this for the full test plan review. I want to work out a good way to organize things so that our projects with large numbers of tests can be understood.
|
|
||
| @ParameterizedTest(name = "{0}: Improved configured with RequireEncryptRequireDecrypt should encrypt KC-GCM (instruction file)") | ||
| @MethodSource("software.amazon.encryption.s3.TestUtils#improvedClientsForTest") | ||
| void improved_configured_with_require_encrypt_require_decrypt_should_encrypt_kc_gcm_ins_file( |
There was a problem hiding this comment.
| void improved_configured_with_require_encrypt_require_decrypt_should_encrypt_kc_gcm_ins_file( | |
| void improved_configured_with_require_encrypt_require_decrypt_should_encrypt_kc_gcm_ins_file_rsa( |
|
|
||
| @ParameterizedTest(name = "{0}: Improved configured with RequireEncryptAllowDecrypt should encrypt KC-GCM") | ||
| @MethodSource("software.amazon.encryption.s3.TestUtils#improvedClientsForTest") | ||
| void improved_configured_with_require_encrypt_allow_decrypt_should_encrypt_kc_gcm( |
There was a problem hiding this comment.
| void improved_configured_with_require_encrypt_allow_decrypt_should_encrypt_kc_gcm( | |
| void improved_configured_with_require_encrypt_allow_decrypt_should_encrypt_kc_gcm_kms( |
|
|
||
| @ParameterizedTest(name = "{0}: Improved configured with RequireEncryptRequireDecrypt should encrypt KC-GCM") | ||
| @MethodSource("software.amazon.encryption.s3.TestUtils#improvedClientsForTest") | ||
| void improved_configured_with_require_encrypt_require_decrypt_should_encrypt_kc_gcm( |
There was a problem hiding this comment.
| void improved_configured_with_require_encrypt_require_decrypt_should_encrypt_kc_gcm( | |
| void improved_configured_with_require_encrypt_require_decrypt_should_encrypt_kc_gcm_kms( |
| CreateClientOutput clientOutput = client.createClient(CreateClientInput.builder() | ||
| .config(S3ECConfig.builder() | ||
| .keyMaterial(kmsKeyArn) | ||
| // .commitmentPolicy(CommitmentPolicy.FORBID_ENCRYPT_ALLOW_DECRYPT) |
There was a problem hiding this comment.
| // .commitmentPolicy(CommitmentPolicy.FORBID_ENCRYPT_ALLOW_DECRYPT) |
There was a problem hiding this comment.
I like this -- makes it clear what default should be
|
|
||
| @ParameterizedTest(name = "{0}: Transition configured with the default should decrypt KC-GCM") | ||
| @MethodSource("software.amazon.encryption.s3.TestUtils#transitionClientsForTest") | ||
| void transition_configured_with_the_default_should_decrypt_kc_gcm( |
There was a problem hiding this comment.
| void transition_configured_with_the_default_should_decrypt_kc_gcm( | |
| void transition_configured_with_the_default_should_decrypt_kc_gcm_kms( |
|
|
||
| @ParameterizedTest(name = "{0}: Transition configured with default should decrypt KC-GCM (instruction file)") | ||
| @MethodSource("software.amazon.encryption.s3.TestUtils#transitionClientsForTest") | ||
| void transition_configured_with_require_encrypt_require_decrypt_should_decrypt_kc_gcm_ins_file( |
There was a problem hiding this comment.
| void transition_configured_with_require_encrypt_require_decrypt_should_decrypt_kc_gcm_ins_file( | |
| void transition_configured_with_require_encrypt_require_decrypt_should_decrypt_kc_gcm_ins_file_rsa( |
| String instructionFileSuffix | ||
| ) { | ||
| if (crossLanguageObjects.isEmpty()) { | ||
| throw new AssertionError("There is nothing to decrypt"); |
There was a problem hiding this comment.
nit:
| throw new AssertionError("There is nothing to decrypt"); | |
| fail("There is nothing to decrypt"); |
| Set.of(PYTHON_V3); | ||
|
|
||
| // Languages that support custom instruction file suffix on GetObject | ||
| // Only Java, Ruby, and PHP servers have been updated with this feature |
There was a problem hiding this comment.
I believe Go is the only other S3EC implementation that supports custom suffix on Get,
C++ and .NET client don't support it.
We might want to comment that here to make it clear what is a current gap vs. not expected to be implemented.
There was a problem hiding this comment.
added "a current gap". I don't know how Go works off the top of my head. I'd like to come back and add Go if it is supported and I missed it.
There was a problem hiding this comment.
Go does not support custom instruction file suffixes on get
| materialsDescription = builder.build(); | ||
| } | ||
|
|
||
| // Check for AES key |
There was a problem hiding this comment.
a lot of this code is duplicated between here are CreateClientOperation
(and across servers...though that would be a longer term effort)
There was a problem hiding this comment.
Yup. I agree. It could be cleaner.
| S3Client s3Client = clientCache_.get(input.getClientID()); | ||
|
|
||
| // Ensure we have an S3EncryptionClient, not just a plain S3Client | ||
| if (!(s3Client instanceof S3EncryptionClient)) { |
There was a problem hiding this comment.
muse: I don't think we need to do this now but probably we should have a S3EncryptionClient specific cache and a S3Client cache that validates against S3EC instances being added. In any case I don't think we ever put non-encrypted clients in the cache so this seems somewhat superfluous (but fine I guess)
| S3EncryptionClient s3EncryptionClient = (S3EncryptionClient) s3Client; | ||
|
|
||
| // Get the keyring from cache and cast to RawKeyring | ||
| software.amazon.encryption.s3.materials.Keyring cachedKeyring = keyringCache_.get(input.getClientID()); |
There was a problem hiding this comment.
Erm, why does only java-v3-transition use the keyring cache,
(which is the same keyring the client was created with, which doesn't make sense?)
while the other Java servers construct the keyring from the material in the ReEncrypt request?
There was a problem hiding this comment.
this is troublesome. I'm going to look more into this. Grrrrrrr.
5 participants
Adding failing instruction file tests
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.