From b20947c18de2f3d32ccf9e83a8148b93a52d200d Mon Sep 17 00:00:00 2001 From: Lucas McDonald Date: Fri, 26 Sep 2025 11:27:39 -0700 Subject: [PATCH 1/5] m --- .../amazon/encryption/s3/TestUtils.java | 119 +++++++++++++++--- 1 file changed, 101 insertions(+), 18 deletions(-) diff --git a/test-server/java-tests/src/it/java/software/amazon/encryption/s3/TestUtils.java b/test-server/java-tests/src/it/java/software/amazon/encryption/s3/TestUtils.java index 2e78d9e5..134e631d 100644 --- a/test-server/java-tests/src/it/java/software/amazon/encryption/s3/TestUtils.java +++ b/test-server/java-tests/src/it/java/software/amazon/encryption/s3/TestUtils.java @@ -30,18 +30,40 @@ import software.amazon.smithy.java.http.api.HttpResponse; public class TestUtils { - // Language constants - public static final String JAVA_V3 = "Java-V3"; + + // Version name constants + // Each language can have up to 3 versions: + // vN-Current: Currently released version. Does not support setting commitment policy. + // vN-Transition: Proposed feature release version. Supports reading messages encrypted with key commitment. + // vN+1: Proposed breaking release version. Supports reading/writing messages encrypted with key commitment. + + public static final String JAVA_V3_CURRENT = "Java-V3-Current"; + public static final String JAVA_V3_TRANSITION = "Java-V3-Transition"; + public static final String JAVA_V4 = "Java-V4"; + + // No Python S3EC versions are released. Only test V3 as the "vN+1" version. public static final String PYTHON_V3 = "Python-V3"; - public static final String GO_V3 = "Go-V3"; - public static final String CPP_V2 = "CPP-V2"; - public static final String NET_V2 = "NET-V2"; + + public static final String GO_V3_CURRENT = "Go-V3-Current"; + public static final String GO_V3_TRANSITION = "Go-V3-Transition"; + public static final String GO_V4 = "Go-V4"; + + public static final String NET_V2_CURRENT = "NET-V2-Current"; + public static final String NET_V2_TRANSITION = "NET-V2-Transition"; public static final String NET_V3 = "NET-V3"; - public static final String PHP_V2 = "PHP-V2"; - public static final String PHP_V3 = "PHP-V3"; - public static final String RUBY_V2 = "Ruby-V2"; + + public static final String CPP_V2_CURRENT = "CPP-V2-Current"; + public static final String CPP_V2_TRANSITION = "CPP-V2-Transition"; + public static final String CPP_V3 = "CPP-V3"; + + public static final String RUBY_V2_CURRENT = "Ruby-V2-Current"; + public static final String RUBY_V2_TRANSITION = "Ruby-V2-Transition"; public static final String RUBY_V3 = "Ruby-V3"; - + + public static final String PHP_V2_CURRENT = "PHP-V2-Current"; + public static final String PHP_V2_TRANSITION = "PHP-V2-Transition"; + public static final String PHP_V3 = "PHP-V3"; + // Test configuration constants public static final String KMS_KEY_ARN = System.getenv("TEST_SERVER_KMS_KEY_ARN") != null ? System.getenv("TEST_SERVER_KMS_KEY_ARN") : "arn:aws:kms:us-west-2:370957321024:alias/S3EC-Test-Server-Github-KMS-Key"; @@ -51,25 +73,62 @@ public class TestUtils { // Sets of unsupported features by language public static final Set ENCRYPTION_CONTEXT_ON_DECRYPT_UNSUPPORTED = - Set.of(GO_V3, PHP_V2, PHP_V3, NET_V2, NET_V3); + Set.of(GO_V3_CURRENT, PHP_V2_CURRENT, PHP_V3, NET_V2_CURRENT, NET_V3); public static final Set ENCRYPTION_CONTEXT_ON_ENCRYPT_UNSUPPORTED = - Set.of(NET_V2, NET_V3); + Set.of(NET_V2_CURRENT, NET_V3); + + public static final Set CURRENT_VERSIONS = + Set.of( + JAVA_V3_CURRENT, + GO_V3_CURRENT, + NET_V2_CURRENT, + CPP_V2_CURRENT, + RUBY_V2_CURRENT, + PHP_V2_CURRENT + ); + + public static final Set TRANSITION_VERSIONS = + Set.of( + JAVA_V3_TRANSITION, + GO_V3_TRANSITION, + NET_V2_TRANSITION, + CPP_V2_TRANSITION, + RUBY_V2_TRANSITION, + PHP_V2_TRANSITION + ); + + public static final Set IMPROVED_VERSIONS = + Set.of( + JAVA_V4, + PYTHON_V3, + GO_V4, + NET_V3, + CPP_V3, + RUBY_V3, + PHP_V3 + ); private static final Map serverMap; static { final Map servers = new LinkedHashMap<>(); - servers.put(JAVA_V3, new LanguageServerTarget(JAVA_V3, "8080")); + servers.put(JAVA_V3_CURRENT, new LanguageServerTarget(JAVA_V3_CURRENT, "8080")); servers.put(PYTHON_V3, new LanguageServerTarget(PYTHON_V3, "8081")); - servers.put(GO_V3, new LanguageServerTarget(GO_V3, "8082")); - servers.put(NET_V2, new LanguageServerTarget(NET_V2, "8083")); + servers.put(GO_V3_CURRENT, new LanguageServerTarget(GO_V3_CURRENT, "8082")); + servers.put(NET_V2_CURRENT, new LanguageServerTarget(NET_V2_CURRENT, "8083")); servers.put(NET_V3, new LanguageServerTarget(NET_V3, "8084")); - servers.put(CPP_V2, new LanguageServerTarget(CPP_V2, "8085")); - servers.put(PHP_V2, new LanguageServerTarget(PHP_V2, "8087")); - servers.put(PHP_V3, new LanguageServerTarget(PHP_V3, "8093")); - servers.put(RUBY_V2, new LanguageServerTarget(RUBY_V2, "8086")); + servers.put(CPP_V2_CURRENT, new LanguageServerTarget(CPP_V2_CURRENT, "8085")); + servers.put(RUBY_V2_CURRENT, new LanguageServerTarget(RUBY_V2_CURRENT, "8086")); + servers.put(PHP_V2_CURRENT, new LanguageServerTarget(PHP_V2_CURRENT, "8087")); servers.put(RUBY_V3, new LanguageServerTarget(RUBY_V3, "8092")); + servers.put(PHP_V3, new LanguageServerTarget(PHP_V3, "8093")); + servers.put(JAVA_V3_TRANSITION, new LanguageServerTarget(JAVA_V3_TRANSITION, "8094")); + servers.put(GO_V3_TRANSITION, new LanguageServerTarget(GO_V3_TRANSITION, "8095")); + servers.put(NET_V2_TRANSITION, new LanguageServerTarget(NET_V2_TRANSITION, "8096")); + servers.put(CPP_V2_TRANSITION, new LanguageServerTarget(CPP_V2_TRANSITION, "8097")); + servers.put(RUBY_V2_TRANSITION, new LanguageServerTarget(RUBY_V2_TRANSITION, "8098")); + servers.put(PHP_V2_TRANSITION, new LanguageServerTarget(PHP_V2_TRANSITION, "8099")); serverMap = filterServers(servers); } @@ -221,6 +280,30 @@ public static Stream clientsForTest() { .map(Arguments::of); } + /** + * Get stream of arguments for current version clients for testing. + */ + public static Stream currentClientsForTest() { + return clientsForTest() + .filter(arg -> CURRENT_VERSIONS.contains(arg.get()[0])); + } + + /** + * Get stream of arguments for transition version clients for testing. + */ + public static Stream transitionClientsForTest() { + return clientsForTest() + .filter(arg -> TRANSITION_VERSIONS.contains(arg.get()[0])); + } + + /** + * Get stream of arguments for improved version clients for testing. + */ + public static Stream improvedClientsForTest() { + return clientsForTest() + .filter(arg -> IMPROVED_VERSIONS.contains(arg.get()[0])); + } + /** * Provides a stream of arguments for parameterized tests that test cross-language compatibility * @return Stream of Arguments containing pairs of LanguageServerTarget for encryption and decryption From d4fe693aeaf3fe59f04261c8907d0206d8af2fc8 Mon Sep 17 00:00:00 2001 From: Lucas McDonald Date: Fri, 26 Sep 2025 13:07:20 -0700 Subject: [PATCH 2/5] m --- .../software/amazon/encryption/s3/RoundTripTests.java | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/test-server/java-tests/src/it/java/software/amazon/encryption/s3/RoundTripTests.java b/test-server/java-tests/src/it/java/software/amazon/encryption/s3/RoundTripTests.java index 3b6b664d..1c8f839e 100644 --- a/test-server/java-tests/src/it/java/software/amazon/encryption/s3/RoundTripTests.java +++ b/test-server/java-tests/src/it/java/software/amazon/encryption/s3/RoundTripTests.java @@ -178,7 +178,7 @@ public void crossLanguageTestKmsWithSubsetEncCtxFails(LanguageServerTarget encLa .build()); fail("Expected exception!"); } catch (S3EncryptionClientError e) { - if (decLang.getLanguageName().equals(RUBY_V3) || decLang.getLanguageName().equals(RUBY_V2)) { + if (decLang.getLanguageName().equals(RUBY_V3) || decLang.getLanguageName().equals(RUBY_V2_CURRENT)) { assertTrue(e.getMessage().contains("Value of encryption context from envelope does not match the provided encryption context")); } else { assertTrue(e.getMessage().contains("Provided encryption context does not match information retrieved from S3")); @@ -234,7 +234,7 @@ public void crossLanguageTestKmsWithIncorrectEncCtxFails(LanguageServerTarget en .build()); fail("Expected exception!"); } catch (S3EncryptionClientError e) { - if (decLang.getLanguageName().equals(RUBY_V3) || decLang.getLanguageName().equals(RUBY_V2)) { + if (decLang.getLanguageName().equals(RUBY_V3) || decLang.getLanguageName().equals(RUBY_V2_CURRENT)) { assertTrue(e.getMessage().contains("Value of encryption context from envelope does not match the provided encryption context")); } else { assertTrue(e.getMessage().contains("Provided encryption context does not match information retrieved from S3")); @@ -374,11 +374,11 @@ public void kmsV1LegacyFailsWhenLegacyDisabled(String language) { .build()); fail("Expected Exception"); } catch (S3EncryptionClientError e) { - if (language.equals(NET_V3) || language.equals(NET_V2) || language.equals(CPP_V2)) { + if (language.equals(NET_V3) || language.equals(NET_V2_CURRENT) || language.equals(CPP_V2_CURRENT)) { assertTrue(e.getMessage().contains( "The requested object is encrypted with V1 encryption schemas that have been disabled by client configuration" )); - } else if (language.equals(RUBY_V3) || language.equals(RUBY_V2)) { + } else if (language.equals(RUBY_V3) || language.equals(RUBY_V2_CURRENT)) { assertTrue(e.getMessage().contains("The requested object is encrypted with V1 encryption schemas that have been disabled by client configuration security_profile = :v2. Retry with :v2_and_legacy or re-encrypt the object.")); } else { assertTrue(e.getMessage().contains("Enable legacy wrapping algorithms to use legacy key wrapping algorithm: kms")); From 2c23d4d4c3bd4c49618358e4c790059672e80337 Mon Sep 17 00:00:00 2001 From: Lucas McDonald Date: Fri, 26 Sep 2025 15:32:28 -0700 Subject: [PATCH 3/5] m --- .github/workflows/test.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 49b125ef..d2c1db4d 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -105,3 +105,9 @@ jobs: TEST_SERVER_S3_BUCKET: ${{ vars.TEST_SERVER_S3_BUCKET }} TEST_SERVER_KMS_KEY_ARN: ${{ vars.TEST_SERVER_KMS_KEY_ARN }} GRADLE_OPTS: "-Dorg.gradle.daemon=true -Dorg.gradle.parallel=true -Dorg.gradle.caching=true" + + - name: Upload results + uses: actions/upload-artifact@v4 + with: + name: results + path: test-server/java-tests/build/reports/tests/integ From 43dbcd8ea071522fcf1656f40b3d90007625861d Mon Sep 17 00:00:00 2001 From: Lucas McDonald Date: Fri, 26 Sep 2025 15:35:45 -0700 Subject: [PATCH 4/5] m --- .github/workflows/test.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index d2c1db4d..6994c286 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -107,6 +107,7 @@ jobs: GRADLE_OPTS: "-Dorg.gradle.daemon=true -Dorg.gradle.parallel=true -Dorg.gradle.caching=true" - name: Upload results + if: always() uses: actions/upload-artifact@v4 with: name: results From 2661f226ea1c1a394594c2954a2c55e22026752d Mon Sep 17 00:00:00 2001 From: Lucas McDonald Date: Mon, 29 Sep 2025 09:24:44 -0700 Subject: [PATCH 5/5] m --- .../software/amazon/encryption/s3/TestUtils.java | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/test-server/java-tests/src/it/java/software/amazon/encryption/s3/TestUtils.java b/test-server/java-tests/src/it/java/software/amazon/encryption/s3/TestUtils.java index 134e631d..395d11c7 100644 --- a/test-server/java-tests/src/it/java/software/amazon/encryption/s3/TestUtils.java +++ b/test-server/java-tests/src/it/java/software/amazon/encryption/s3/TestUtils.java @@ -123,12 +123,13 @@ public class TestUtils { servers.put(PHP_V2_CURRENT, new LanguageServerTarget(PHP_V2_CURRENT, "8087")); servers.put(RUBY_V3, new LanguageServerTarget(RUBY_V3, "8092")); servers.put(PHP_V3, new LanguageServerTarget(PHP_V3, "8093")); - servers.put(JAVA_V3_TRANSITION, new LanguageServerTarget(JAVA_V3_TRANSITION, "8094")); - servers.put(GO_V3_TRANSITION, new LanguageServerTarget(GO_V3_TRANSITION, "8095")); - servers.put(NET_V2_TRANSITION, new LanguageServerTarget(NET_V2_TRANSITION, "8096")); - servers.put(CPP_V2_TRANSITION, new LanguageServerTarget(CPP_V2_TRANSITION, "8097")); - servers.put(RUBY_V2_TRANSITION, new LanguageServerTarget(RUBY_V2_TRANSITION, "8098")); - servers.put(PHP_V2_TRANSITION, new LanguageServerTarget(PHP_V2_TRANSITION, "8099")); + // TODO: Create and add transition servers + // servers.put(JAVA_V3_TRANSITION, new LanguageServerTarget(JAVA_V3_TRANSITION, "8094")); + // servers.put(GO_V3_TRANSITION, new LanguageServerTarget(GO_V3_TRANSITION, "8095")); + // servers.put(NET_V2_TRANSITION, new LanguageServerTarget(NET_V2_TRANSITION, "8096")); + // servers.put(CPP_V2_TRANSITION, new LanguageServerTarget(CPP_V2_TRANSITION, "8097")); + // servers.put(RUBY_V2_TRANSITION, new LanguageServerTarget(RUBY_V2_TRANSITION, "8098")); + // servers.put(PHP_V2_TRANSITION, new LanguageServerTarget(PHP_V2_TRANSITION, "8099")); serverMap = filterServers(servers); }