Revert "fix: Merge mainline into keyrings, revert the keyring reverts (aws#209)"

This reverts commit 4442958.

Author: Alex Cioc

CHANGELOG.md

@@ -29,17 +29,7 @@ calls to `AwsCrypto.encrypt(EncryptRequest)` and `AwsCrypto.decrypt(DecryptReque
    [#165](https://github.com/aws/aws-encryption-sdk-java/pull/165),
    [#168](https://github.com/aws/aws-encryption-sdk-java/pull/168),
    and [#170](https://github.com/aws/aws-encryption-sdk-java/pull/170).
-
-## 1.6.2 -- 2020-05-26
-
-### Patches
-* Validate final frame length does not exceed the frame size in the message header [PR #166](https://github.com/aws/aws-encryption-sdk-java/pull/166)
-* Validate entire ciphertext has been processed before returning [PR #191](https://github.com/aws/aws-encryption-sdk-java/pull/191)
-
-### Maintenance
-* Update AWS Java SDK version from 1.11.561 to 1.11.704. [PR #186](https://github.com/aws/aws-encryption-sdk-java/pull/186)
-* Upgrade Bouncy Castle from 1.61 to 1.65 [PR #179](https://github.com/aws/aws-encryption-sdk-java/pull/179)
-
+  
 ## 1.6.1 -- 2019-10-29
 
 ### Deprecation Warnings

README.md

@@ -56,7 +56,7 @@ You can get the latest release from Maven:
 <dependency>
   <groupId>com.amazonaws</groupId>
   <artifactId>aws-encryption-sdk-java</artifactId>
-  <version>1.6.2</version>
+  <version>1.6.1</version>
 </dependency>
 ```
 

pom.xml

@@ -4,7 +4,7 @@
 
     <groupId>com.amazonaws</groupId>
     <artifactId>aws-encryption-sdk-java</artifactId>
-    <version>1.6.2</version>
+    <version>1.6.1</version>
     <packaging>jar</packaging>
 
     <name>aws-encryption-sdk-java</name>

src/main/java/com/amazonaws/encryptionsdk/internal/BlockDecryptionHandler.java

@@ -13,15 +13,16 @@
 
 package com.amazonaws.encryptionsdk.internal;
 
+import java.util.Arrays;
+
+import javax.crypto.Cipher;
+import javax.crypto.SecretKey;
+
 import com.amazonaws.encryptionsdk.CryptoAlgorithm;
 import com.amazonaws.encryptionsdk.exception.AwsCryptoException;
 import com.amazonaws.encryptionsdk.exception.BadCiphertextException;
 import com.amazonaws.encryptionsdk.model.CipherBlockHeaders;
 
-import javax.crypto.Cipher;
-import javax.crypto.SecretKey;
-import java.util.Arrays;
-
 /**
  * The block decryption handler is an implementation of CryptoHandler that
  * provides methods to decrypt content encrypted and stored in a single block.
@@ -96,11 +97,6 @@ public BlockDecryptionHandler(final SecretKey decryptionKey, final short nonceLe
     synchronized public ProcessingSummary processBytes(final byte[] in, final int off, final int len,
             final byte[] out,
             final int outOff) throws AwsCryptoException {
-
-        if (complete_) {
-            throw new AwsCryptoException("Ciphertext has already been processed.");
-        }
-
         final byte[] bytesToParse = new byte[unparsedBytes_.length + len];
         // If there were previously unparsed bytes, add them as the first
         // set of bytes to be parsed in this call.
@@ -170,9 +166,6 @@ synchronized public ProcessingSummary processBytes(final byte[] in, final int of
      */
     @Override
     synchronized public int doFinal(final byte[] out, final int outOff) throws BadCiphertextException {
-        if (!complete_) {
-            throw new BadCiphertextException("Unable to process entire ciphertext.");
-        }
         return 0;
     }
 

src/main/java/com/amazonaws/encryptionsdk/internal/DecryptionHandler.java

@@ -335,10 +335,6 @@ public int doFinal(final byte[] out, final int outOff) throws BadCiphertextExcep
         } else {
             int result = contentCryptoHandler_.doFinal(out, outOff);
 
-            if (!ciphertextHeaders_.isComplete() || !contentCryptoHandler_.isComplete()) {
-                throw new BadCiphertextException("Unable to process entire ciphertext.");
-            }
-
             return result;
         }
     }

src/main/java/com/amazonaws/encryptionsdk/internal/FrameDecryptionHandler.java

@@ -78,16 +78,16 @@ public FrameDecryptionHandler(final SecretKey decryptionKey, final short nonceLe
      * 
      * @param in
      *            the input byte array.
-     * @param off
+     * @param inOff
      *            the offset into the in array where the data to be decrypted starts.
-     * @param len
+     * @param inLen
      *            the number of bytes to be decrypted.
      * @param out
      *            the output buffer the decrypted plaintext bytes go into.
      * @param outOff
      *            the offset into the output byte array the decrypted data starts at.
      * @return the number of bytes written to out and processed
-     * @throws BadCiphertextException
+     * @throws InvalidCiphertextException
      *             if frame number is invalid/out-of-order or if the bytes do not decrypt correctly.
      * @throws AwsCryptoException
      *             if the content type found in the headers is not of frame type.
@@ -96,11 +96,6 @@ public FrameDecryptionHandler(final SecretKey decryptionKey, final short nonceLe
     public ProcessingSummary processBytes(final byte[] in, final int off, final int len, final byte[] out,
             final int outOff)
             throws BadCiphertextException, AwsCryptoException {
-
-        if (complete_) {
-            throw new AwsCryptoException("Ciphertext has already been processed.");
-        }
-
         final long totalBytesToParse = unparsedBytes_.length + (long) len;
         if (totalBytesToParse > Integer.MAX_VALUE) {
             throw new AwsCryptoException(
@@ -205,10 +200,6 @@ public ProcessingSummary processBytes(final byte[] in, final int off, final int
      */
     @Override
     public int doFinal(final byte[] out, final int outOff) {
-        if (!complete_) {
-            throw new BadCiphertextException("Unable to process entire ciphertext.");
-        }
-
         return 0;
     }
 

src/test/java/com/amazonaws/encryptionsdk/AwsCryptoTest.java

@@ -33,7 +33,6 @@
 import java.io.InputStream;
 import java.io.OutputStream;
 import java.nio.charset.StandardCharsets;
-import java.util.Arrays;
 import java.util.EnumSet;
 import java.util.HashMap;
 import java.util.Map;
@@ -151,26 +150,6 @@ private void doTamperedEncryptDecryptWithKeyring(final CryptoAlgorithm cryptoAlg
                 .ciphertext(cipherText).build()));
     }
 
-    private void doTruncatedEncryptDecrypt(final CryptoAlgorithm cryptoAlg, final int byteSize, final int frameSize) {
-        final byte[] plaintextBytes = new byte[byteSize];
-
-        final Map<String, String> encryptionContext = new HashMap<>(1);
-        encryptionContext.put("ENC1", "Encrypt-decrypt test with %d" + byteSize);
-
-        encryptionClient_.setEncryptionAlgorithm(cryptoAlg);
-        encryptionClient_.setEncryptionFrameSize(frameSize);
-
-        final byte[] cipherText = encryptionClient_.encryptData(
-                masterKeyProvider,
-                plaintextBytes,
-                encryptionContext).getResult();
-        final byte[] truncatedCipherText = Arrays.copyOf(cipherText, cipherText.length - 1);
-
-        assertThrows(BadCiphertextException.class, () -> encryptionClient_.decryptData(
-                masterKeyProvider,
-                truncatedCipherText));
-    }
-
     private void doEncryptDecryptWithParsedCiphertext(final int byteSize, final int frameSize) {
         final byte[] plaintextBytes = new byte[byteSize];
 
@@ -256,31 +235,6 @@ public void encryptDecryptWithBadSignature() {
         }
     }
 
-    @Test
-    public void encryptDecryptWithTruncatedCiphertext() {
-        for (final CryptoAlgorithm cryptoAlg : EnumSet.allOf(CryptoAlgorithm.class)) {
-            final int[] frameSizeToTest = TestUtils.getFrameSizesToTest(cryptoAlg);
-
-            for (int i = 0; i < frameSizeToTest.length; i++) {
-                final int frameSize = frameSizeToTest[i];
-                int[] bytesToTest = { 0, 1, frameSize - 1, frameSize, frameSize + 1, (int) (frameSize * 1.5),
-                        frameSize * 2, 1000000 };
-
-                for (int j = 0; j < bytesToTest.length; j++) {
-                    final int byteSize = bytesToTest[j];
-
-                    if (byteSize > 500_000) {
-                        continue;
-                    }
-
-                    if (byteSize >= 0) {
-                        doTruncatedEncryptDecrypt(cryptoAlg, byteSize, frameSize);
-                    }
-                }
-            }
-        }
-    }
-
     @Test
     public void encryptDecryptWithParsedCiphertext() {
         for (final CryptoAlgorithm cryptoAlg : EnumSet.allOf(CryptoAlgorithm.class)) {

src/test/java/com/amazonaws/encryptionsdk/internal/BlockDecryptionHandlerTest.java

@@ -13,6 +13,7 @@
 
 package com.amazonaws.encryptionsdk.internal;
 
+import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertTrue;
 
 import java.nio.ByteBuffer;
@@ -21,7 +22,6 @@
 import javax.crypto.SecretKey;
 import javax.crypto.spec.SecretKeySpec;
 
-import com.amazonaws.encryptionsdk.exception.BadCiphertextException;
 import org.junit.Before;
 import org.junit.Test;
 
@@ -58,9 +58,11 @@ public void estimateOutputSize() {
         assertTrue(outSize >= inLen);
     }
 
-    @Test(expected= BadCiphertextException.class)
-    public void doFinalCalledWhileNotComplete() {
-        blockDecryptionHandler_.doFinal(new byte[1], 0);
+    @Test
+    public void decryptWithoutHeaders() {
+        final byte[] out = new byte[1];
+        final int returnedLen = blockDecryptionHandler_.doFinal(out, 0);
+        assertEquals(0, returnedLen);
     }
 
     @Test(expected = AwsCryptoException.class)
@@ -88,23 +90,4 @@ public void decryptMaxContentLength() {
         final byte[] decryptedOut = new byte[decryptedOutLen];
         blockDecryptionHandler_.processBytes(outBuff.array(), 0, outBuff.array().length, decryptedOut, 0);
     }
-
-    @Test(expected = AwsCryptoException.class)
-    public void processBytesCalledWhileComplete() {
-        final BlockEncryptionHandler blockEncryptionHandler = new BlockEncryptionHandler(
-                dataKey_,
-                nonceLen_,
-                cryptoAlgorithm_,
-                messageId_);
-        final byte[] in = new byte[0];
-        final int outLen = blockEncryptionHandler.estimateOutputSize(in.length);
-        final byte[] out = new byte[outLen];
-
-        blockEncryptionHandler.processBytes(in, 0, in.length, out, 0);
-        blockEncryptionHandler.doFinal(out, 0);
-
-        final byte[] decryptedOut = new byte[outLen];
-        blockDecryptionHandler_.processBytes(out, 0, outLen, decryptedOut, 0);
-        blockDecryptionHandler_.processBytes(out, 0, outLen, decryptedOut, 0);
-    }
-}
+}

src/test/java/com/amazonaws/encryptionsdk/internal/DecryptionHandlerTest.java

@@ -16,7 +16,6 @@
 import java.util.Collections;
 import java.util.Map;
 
-import com.amazonaws.encryptionsdk.model.CiphertextHeaders;
 import com.amazonaws.encryptionsdk.keyrings.Keyring;
 import org.junit.Before;
 import org.junit.Test;
@@ -147,20 +146,6 @@ public void invalidOffsetProcessBytes() {
         decryptionHandler.processBytes(in, -1, in.length, out, 0);
     }
 
-    @Test(expected = BadCiphertextException.class)
-    public void incompleteCiphertext() {
-        byte[] ciphertext = getTestHeaders();
-
-        CiphertextHeaders h = new CiphertextHeaders();
-        h.deserialize(ciphertext, 0);
-
-        final DecryptionHandler<StaticMasterKey> decryptionHandler = DecryptionHandler.create(masterKeyProvider_);
-        final byte[] out = new byte[1];
-
-        decryptionHandler.processBytes(ciphertext, 0, ciphertext.length - 1, out, 0);
-        decryptionHandler.doFinal(out, 0);
-    }
-
     @Test
     public void testNullMasterKey() {
         final DecryptionHandler decryptionHandler = DecryptionHandler.create(new DefaultCryptoMaterialsManager(keyring));

src/test/java/com/amazonaws/encryptionsdk/internal/FrameDecryptionHandlerTest.java

@@ -89,30 +89,4 @@ public void finalFrameLengthTooLarge() {
 
         frameDecryptionHandler_.processBytes(in, 0, in.length, out, 0);
     }
-
-    @Test(expected = BadCiphertextException.class)
-    public void doFinalCalledWhileNotComplete() {
-        frameDecryptionHandler_.doFinal(new byte[1], 0);
-    }
-
-    @Test(expected = AwsCryptoException.class)
-    public void processBytesCalledWhileComplete() {
-        final FrameEncryptionHandler frameEncryptionHandler = new FrameEncryptionHandler(
-                dataKey_,
-                nonceLen_,
-                cryptoAlgorithm_,
-                messageId_,
-                frameSize_);
-        final byte[] in = new byte[0];
-        final int outLen = frameEncryptionHandler.estimateOutputSize(in.length);
-        final byte[] out = new byte[outLen];
-
-        frameEncryptionHandler.processBytes(in, 0, in.length, out, 0);
-        frameEncryptionHandler.doFinal(out, 0);
-
-        final byte[] decryptedOut = new byte[outLen];
-
-        frameDecryptionHandler_.processBytes(out, 0, out.length, decryptedOut, 0);
-        frameDecryptionHandler_.processBytes(out, 0, out.length, decryptedOut, 0);
-    }
 }