fix(keystore): Fix kms config (#627)

* change kms config

remove flag methods

remove assertValidNotAliasArn function

* less arn parsing util exports needed

Author: nvobilis

modules/branch-keystore-node/src/kms_config.ts

@@ -1,30 +1,15 @@
 // Copyright Amazon.com Inc. or its affiliates. All Rights Reserved.
 // SPDX-License-Identifier: Apache-2.0
 
-import { getRegionFromIdentifier } from '@aws-crypto/kms-keyring'
-import { assertValidNotAliasArn } from './kms_config_helpers'
+import {
+  getRegionFromIdentifier,
+  parseAwsKmsKeyArn,
+} from '@aws-crypto/kms-keyring'
+import { needs } from '@aws-crypto/material-management'
 
 // a general interface that outlines common operations any of the 4 AWS KMS
 // configurations should perform
 export interface KmsConfig {
-  /**
-   * this method tells the user if the config is SRK/MRK compatibility
-   * @returns a flag answering the method's purpose
-   */
-  isKmsKeyArn(): boolean
-
-  /**
-   * this method tells the user if the config is MrDiscovery
-   * @returns a flag answering the method's purpose
-   */
-  isMrDiscovery(): boolean
-
-  /**
-   * this method tells the user if the config is Discovery
-   * @returns a flag answering the method's purpose
-   */
-  isDiscovery(): boolean
-
   /**
    * this method tells the user if the config is compatible with an arn
    * @param otherArn
@@ -56,26 +41,19 @@ export abstract class KmsKeyArnConfig implements RegionalKmsConfig {
     //# This ARN MUST NOT be an Alias.
     //# This ARN MUST be a valid
     //# [AWS KMS Key ARN](./aws-kms/aws-kms-key-arn.md#a-valid-aws-kms-arn).
-    assertValidNotAliasArn(arn)
+    const parsedArn = parseAwsKmsKeyArn(arn)
+    needs(
+      parsedArn && parsedArn.ResourceType === 'key',
+      `${arn} must be a well-formed AWS KMS non-alias resource arn`
+    )
+
     this._arn = arn
   }
 
   getRegion(): string {
     return getRegionFromIdentifier(this._arn)
   }
 
-  isKmsKeyArn(): boolean {
-    return true
-  }
-
-  isMrDiscovery(): boolean {
-    return false
-  }
-
-  isDiscovery(): boolean {
-    return false
-  }
-
   getArn(): string {
     return this._arn
   }

modules/branch-keystore-node/src/kms_config_helpers.ts

@@ -40,18 +40,6 @@ describe('Test kms config', () => {
         expect((config as RegionalKmsConfig).getRegion()).equals('us-west-2')
       })
 
-      it('Test isKmsKeyArn', () => {
-        expect(config.isKmsKeyArn()).equals(true)
-      })
-
-      it('Test isMrDiscovery', () => {
-        expect(config.isMrDiscovery()).equals(false)
-      })
-
-      it('Test isDiscovery', () => {
-        expect(config.isDiscovery()).equals(false)
-      })
-
       it('Test getArn', () => {
         expect((config as KmsKeyArnConfig).getArn()).equals(WELL_FORMED_SRK_ARN)
       })
@@ -82,18 +70,6 @@ describe('Test kms config', () => {
         expect((config as RegionalKmsConfig).getRegion()).equals('us-west-2')
       })
 
-      it('Test isKmsKeyArn', () => {
-        expect(config.isKmsKeyArn()).equals(true)
-      })
-
-      it('Test isMrDiscovery', () => {
-        expect(config.isMrDiscovery()).equals(false)
-      })
-
-      it('Test isDiscovery', () => {
-        expect(config.isDiscovery()).equals(false)
-      })
-
       it('Test getArn', () => {
         expect((config as KmsKeyArnConfig).getArn()).equals(WELL_FORMED_MRK_ARN)
       })

modules/branch-keystore-node/test/kms_config.test.ts

@@ -2,12 +2,7 @@
 // SPDX-License-Identifier: Apache-2.0
 
 export * from './kms_client_supplier'
-export {
-  getRegionFromIdentifier,
-  parseAwsKmsKeyArn,
-  ParsedAwsKmsKeyArn,
-  isMultiRegionAwsKmsArn,
-} from './arn_parsing'
+export { getRegionFromIdentifier, parseAwsKmsKeyArn } from './arn_parsing'
 export * from './kms_keyring'
 export * from './kms_mrk_keyring'
 export * from './kms_mrk_discovery_keyring'