feat: AWS KMS multi-Region Key support (#631)

Added new two new keyrings AwsKmsMrkAwareSymmetricKeyringNode
and AwsKmsMrkAwareSymmetricDiscoveryKeyringNode
that support AWS KMS multi-Region Keys.
Added the helpers buildAwsKmsMrkAwareStrictMultiKeyringNode
and buildAwsKmsMrkAwareDiscoveryMultiKeyringNode
that compose the above keyring together
to handle multiple CMKs.

See https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html
for more details about AWS KMS multi-Region Keys.
See https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/configure.html#config-mrks
for more details about how the AWS Encryption SDK interoperates
with AWS KMS multi-Region keys.

Co-authored-by: Valerie Lambert <[email protected]>

Author: robin-aws

.gitignore

@@ -40,6 +40,7 @@ package.json.decrypt
 
 # local npx cache
 /verdaccio/.npx
+/specification_compliance_report.html
 
 # These version files are build by genversion
 # they track the package.json version

.gitmodules

@@ -1,4 +1,6 @@
 [submodule "aws-encryption-sdk-test-vectors"]
 	path = aws-encryption-sdk-test-vectors
 	url = https://github.com/awslabs/private-aws-encryption-sdk-test-vectors-staging.git
-	branch = known-invalid-test-vectors
+[submodule "aws-encryption-sdk-specification"]
+	path = aws-encryption-sdk-specification
+	url = https://github.com/awslabs/private-aws-encryption-sdk-specification-staging.git

aws-encryption-sdk-specification

@@ -3,7 +3,25 @@ version: 0.2
 batch:
   fast-fail: false
   build-list:
-    - identifier: nodejs10
+    - identifier: testNodejs10
       buildspec: codebuild/nodejs10.yml
-    - identifier: nodejs12
+    - identifier: testNodejs12
       buildspec: codebuild/nodejs12.yml
+    - identifier: testNodejs14
+      buildspec: codebuild/nodejs14.yml
+      env:
+        image: aws/codebuild/standard:5.0
+    - identifier: testBrowser
+      buildspec: codebuild/browser.yml
+    - identifier: compliance
+      buildspec: codebuild/compliance.yml
+    - identifier: testVectorsNodejs10
+      buildspec: codebuild/test_vectors/nodejs10.yml
+    - identifier: testVectorsNodejs12
+      buildspec: codebuild/test_vectors/nodejs12.yml
+    - identifier: testVectorsNodejs14
+      buildspec: codebuild/test_vectors/nodejs14.yml
+      env:
+        image: aws/codebuild/standard:5.0
+    - identifier: testVectorsBrowser
+      buildspec: codebuild/test_vectors/browser.yml

aws-encryption-sdk-test-vectors

@@ -0,0 +1,16 @@
+version: 0.2
+
+env:
+  variables:
+    NODE_OPTIONS: "--max-old-space-size=4096"
+
+phases:
+  install:
+    runtime-versions:
+      nodejs: latest
+    commands:
+      - npm ci --unsafe-perm
+      - npm run build
+  build:
+    commands:
+      - npm run coverage-browser

buildspec.yml

@@ -0,0 +1,16 @@
+version: 0.2
+
+env:
+  variables:
+    NODE_OPTIONS: "--max-old-space-size=4096"
+
+phases:
+  install:
+    runtime-versions:
+      nodejs: latest
+    commands:
+      - npm ci --unsafe-perm
+  build:
+    commands:
+      - npm run lint
+      - npm run test_conditions

codebuild/browser.yml

@@ -1,18 +1,16 @@
 version: 0.2
 
 env:
-    variables:
-        NODE_OPTIONS: "--max-old-space-size=4096"
+  variables:
+    NODE_OPTIONS: "--max-old-space-size=4096"
 
 phases:
-    install:
-        runtime-versions:
-            nodejs: 10
-        commands:
-            - npm ci --unsafe-perm
-            - npm run build
-    build:
-        commands:
-            - npm test
-            - npm run test_conditions
-            - npm run verdaccio
+  install:
+    runtime-versions:
+      nodejs: 10
+    commands:
+      - npm ci --unsafe-perm
+      - npm run build
+  build:
+    commands:
+      - npm run coverage-node

codebuild/compliance.yml

@@ -1,18 +1,16 @@
 version: 0.2
 
 env:
-    variables:
-        NODE_OPTIONS: "--max-old-space-size=4096"
+  variables:
+    NODE_OPTIONS: "--max-old-space-size=4096"
 
 phases:
-    install:
-        runtime-versions:
-            nodejs: 12
-        commands:
-            - npm ci --unsafe-perm
-            - npm run build
-    build:
-        commands:
-            - npm test
-            - npm run test_conditions
-            - npm run verdaccio
+  install:
+    runtime-versions:
+      nodejs: 12
+    commands:
+      - npm ci --unsafe-perm
+      - npm run build
+  build:
+    commands:
+      - npm run coverage-node

codebuild/nodejs10.yml

@@ -0,0 +1,16 @@
+version: 0.2
+
+env:
+  variables:
+    NODE_OPTIONS: "--max-old-space-size=4096"
+
+phases:
+  install:
+    runtime-versions:
+      nodejs: 14
+    commands:
+      - npm ci --unsafe-perm
+      - npm run build
+  build:
+    commands:
+      - npm run coverage-node

codebuild/nodejs12.yml

@@ -0,0 +1,18 @@
+version: 0.2
+
+env:
+  variables:
+    NODE_OPTIONS: "--max-old-space-size=4096"
+
+phases:
+  install:
+    runtime-versions:
+      nodejs: latest
+    commands:
+      - npm ci --unsafe-perm
+      - npm run build
+  build:
+    commands:
+      - npm run verdaccio-publish
+      - npm run verdaccio-publish-browser-decrypt
+      - npm run verdaccio-publish-browser-encrypt

codebuild/nodejs14.yml

@@ -0,0 +1,18 @@
+version: 0.2
+
+env:
+  variables:
+    NODE_OPTIONS: "--max-old-space-size=4096"
+
+phases:
+  install:
+    runtime-versions:
+      nodejs: 10
+    commands:
+      - npm ci --unsafe-perm
+      - npm run build
+  build:
+    commands:
+      - npm run verdaccio-publish
+      - npm run verdaccio-publish-node-decrypt
+      - npm run verdaccio-publish-node-encrypt

codebuild/test_vectors/browser.yml

@@ -0,0 +1,18 @@
+version: 0.2
+
+env:
+  variables:
+    NODE_OPTIONS: "--max-old-space-size=4096"
+
+phases:
+  install:
+    runtime-versions:
+      nodejs: 12
+    commands:
+      - npm ci --unsafe-perm
+      - npm run build
+  build:
+    commands:
+      - npm run verdaccio-publish
+      - npm run verdaccio-publish-node-decrypt
+      - npm run verdaccio-publish-node-encrypt

codebuild/test_vectors/nodejs10.yml

@@ -0,0 +1,18 @@
+version: 0.2
+
+env:
+  variables:
+    NODE_OPTIONS: "--max-old-space-size=4096"
+
+phases:
+  install:
+    runtime-versions:
+      nodejs: 14
+    commands:
+      - npm ci --unsafe-perm
+      - npm run build
+  build:
+    commands:
+      - npm run verdaccio-publish
+      - npm run verdaccio-publish-node-decrypt
+      - npm run verdaccio-publish-node-encrypt