crypto: add support for KMS key versions

This commit adds support for KMS master key versions.
Now, MinIO stores any key version information returned by the
KMS as part of the object metadata. The key version identifies
a particular master key within a master key ring. When encrypting/
generating a DEK, MinIO has to remember the key version - similar to
the key name. When decrypting a DEK, MinIO sends the key version to
the KMS such that the KMS can identify the exact key version that
should be used to decrypt the object.

Existing objects don't have a key version. Hence, this field will
be empty.

Signed-off-by: Andreas Auernhammer <github@aead.dev>

internal/kms/conn.go

@@ -19,11 +19,8 @@ package kms
 
 import (
 	"context"
-	"encoding"
-	"encoding/json"
 	"strconv"
 
-	jsoniter "github.com/json-iterator/go"
 	"github.com/minio/madmin-go/v3"
 )
 
@@ -121,47 +118,7 @@ type Status struct {
 // storage.
 type DEK struct {
 	KeyID      string // Name of the master key
-	Version    int    // Version of the master key (MinKMS only)
+	Version    string // Version of the master key
 	Plaintext  []byte // Paintext of the data encryption key
 	Ciphertext []byte // Ciphertext of the data encryption key
 }
-
-var (
-	_ encoding.TextMarshaler   = (*DEK)(nil)
-	_ encoding.TextUnmarshaler = (*DEK)(nil)
-)
-
-// MarshalText encodes the DEK's key ID and ciphertext
-// as JSON.
-func (d DEK) MarshalText() ([]byte, error) {
-	type JSON struct {
-		KeyID      string `json:"keyid"`
-		Version    uint32 `json:"version,omitempty"`
-		Ciphertext []byte `json:"ciphertext"`
-	}
-	return json.Marshal(JSON{
-		KeyID:      d.KeyID,
-		Version:    uint32(d.Version),
-		Ciphertext: d.Ciphertext,
-	})
-}
-
-// UnmarshalText tries to decode text as JSON representation
-// of a DEK and sets DEK's key ID and ciphertext to the
-// decoded values.
-//
-// It sets DEK's plaintext to nil.
-func (d *DEK) UnmarshalText(text []byte) error {
-	type JSON struct {
-		KeyID      string `json:"keyid"`
-		Version    uint32 `json:"version"`
-		Ciphertext []byte `json:"ciphertext"`
-	}
-	var v JSON
-	json := jsoniter.ConfigCompatibleWithStandardLibrary
-	if err := json.Unmarshal(text, &v); err != nil {
-		return err
-	}
-	d.KeyID, d.Version, d.Plaintext, d.Ciphertext = v.KeyID, int(v.Version), nil, v.Ciphertext
-	return nil
-}

internal/kms/dek_test.go

@@ -1,79 +0,0 @@
-// Copyright (c) 2015-2021 MinIO, Inc.
-//
-// This file is part of MinIO Object Storage stack
-//
-// This program is free software: you can redistribute it and/or modify
-// it under the terms of the GNU Affero General Public License as published by
-// the Free Software Foundation, either version 3 of the License, or
-// (at your option) any later version.
-//
-// This program is distributed in the hope that it will be useful
-// but WITHOUT ANY WARRANTY; without even the implied warranty of
-// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-// GNU Affero General Public License for more details.
-//
-// You should have received a copy of the GNU Affero General Public License
-// along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-package kms
-
-import (
-	"bytes"
-	"encoding/base64"
-	"testing"
-)
-
-var dekEncodeDecodeTests = []struct {
-	Key DEK
-}{
-	{
-		Key: DEK{},
-	},
-	{
-		Key: DEK{
-			Plaintext:  nil,
-			Ciphertext: mustDecodeB64("eyJhZWFkIjoiQUVTLTI1Ni1HQ00tSE1BQy1TSEEtMjU2IiwiaXYiOiJ3NmhLUFVNZXVtejZ5UlVZL29pTFVBPT0iLCJub25jZSI6IktMSEU3UE1jRGo2N2UweHkiLCJieXRlcyI6Ik1wUkhjQWJaTzZ1Sm5lUGJGcnpKTkxZOG9pdkxwTmlUcTNLZ0hWdWNGYkR2Y0RlbEh1c1lYT29zblJWVTZoSXIifQ=="),
-		},
-	},
-	{
-		Key: DEK{
-			Plaintext:  mustDecodeB64("GM2UvLXp/X8lzqq0mibFC0LayDCGlmTHQhYLj7qAy7Q="),
-			Ciphertext: mustDecodeB64("eyJhZWFkIjoiQUVTLTI1Ni1HQ00tSE1BQy1TSEEtMjU2IiwiaXYiOiJ3NmhLUFVNZXVtejZ5UlVZL29pTFVBPT0iLCJub25jZSI6IktMSEU3UE1jRGo2N2UweHkiLCJieXRlcyI6Ik1wUkhjQWJaTzZ1Sm5lUGJGcnpKTkxZOG9pdkxwTmlUcTNLZ0hWdWNGYkR2Y0RlbEh1c1lYT29zblJWVTZoSXIifQ=="),
-		},
-	},
-	{
-		Key: DEK{
-			Version:    3,
-			Plaintext:  mustDecodeB64("GM2UvLXp/X8lzqq0mibFC0LayDCGlmTHQhYLj7qAy7Q="),
-			Ciphertext: mustDecodeB64("eyJhZWFkIjoiQUVTLTI1Ni1HQ00tSE1BQy1TSEEtMjU2IiwiaXYiOiJ3NmhLUFVNZXVtejZ5UlVZL29pTFVBPT0iLCJub25jZSI6IktMSEU3UE1jRGo2N2UweHkiLCJieXRlcyI6Ik1wUkhjQWJaTzZ1Sm5lUGJGcnpKTkxZOG9pdkxwTmlUcTNLZ0hWdWNGYkR2Y0RlbEh1c1lYT29zblJWVTZoSXIifQ=="),
-		},
-	},
-}
-
-func TestEncodeDecodeDEK(t *testing.T) {
-	for i, test := range dekEncodeDecodeTests {
-		text, err := test.Key.MarshalText()
-		if err != nil {
-			t.Fatalf("Test %d: failed to marshal DEK: %v", i, err)
-		}
-
-		var key DEK
-		if err = key.UnmarshalText(text); err != nil {
-			t.Fatalf("Test %d: failed to unmarshal DEK: %v", i, err)
-		}
-		if key.Plaintext != nil {
-			t.Fatalf("Test %d: unmarshaled DEK contains non-nil plaintext", i)
-		}
-		if !bytes.Equal(key.Ciphertext, test.Key.Ciphertext) {
-			t.Fatalf("Test %d: ciphertext mismatch: got %x - want %x", i, key.Ciphertext, test.Key.Ciphertext)
-		}
-	}
-}
-
-func mustDecodeB64(s string) []byte {
-	b, err := base64.StdEncoding.DecodeString(s)
-	if err != nil {
-		panic(err)
-	}
-	return b
-}

internal/kms/kes.go

@@ -206,6 +206,7 @@ func (c *kesConn) GenerateKey(ctx context.Context, req *GenerateKeyRequest) (DEK
 		KeyID:      name,
 		Plaintext:  dek.Plaintext,
 		Ciphertext: dek.Ciphertext,
+		Version:    dek.Version,
 	}, nil
 }
 
@@ -235,7 +236,7 @@ func (c *kesConn) Decrypt(ctx context.Context, req *DecryptRequest) ([]byte, err
 		return nil, err
 	}
 
-	plaintext, err := c.client.Decrypt(context.Background(), req.Name, req.Ciphertext, aad)
+	plaintext, err := c.client.Decrypt(ctx, req.Name, req.Version, req.Ciphertext, aad)
 	if err != nil {
 		if errors.Is(err, kes.ErrKeyNotFound) {
 			return nil, ErrKeyNotFound

internal/kms/kms.go

@@ -22,6 +22,7 @@ import (
 	"errors"
 	"net/http"
 	"slices"
+	"strconv"
 	"sync/atomic"
 	"time"
 
@@ -90,7 +91,7 @@ type DecryptRequest struct {
 	// Version is the version of the master used for
 	// decryption. If empty, the latest key version
 	// is used.
-	Version int
+	Version string
 
 	// Ciphertext is the encrypted data that gets
 	// decrypted.
@@ -383,7 +384,7 @@ func (c *kmsConn) GenerateKey(ctx context.Context, req *GenerateKeyRequest) (DEK
 
 	return DEK{
 		KeyID:      name,
-		Version:    resp[0].Version,
+		Version:    strconv.Itoa(resp[0].Version),
 		Plaintext:  resp[0].Plaintext,
 		Ciphertext: resp[0].Ciphertext,
 	}, nil
@@ -395,9 +396,17 @@ func (c *kmsConn) Decrypt(ctx context.Context, req *DecryptRequest) ([]byte, err
 		return nil, err
 	}
 
+	version := 1
+	if req.Version != "" {
+		if version, err = strconv.Atoi(req.Version); err != nil {
+			return nil, err
+		}
+	}
+
 	ciphertext, _ := parseCiphertext(req.Ciphertext)
 	resp, err := c.client.Decrypt(ctx, c.enclave, &kms.DecryptRequest{
 		Name:           req.Name,
+		Version:        version,
 		Ciphertext:     ciphertext,
 		AssociatedData: aad,
 	})

internal/kms/secret-key.go

@@ -154,7 +154,6 @@ func (s secretKey) GenerateKey(_ context.Context, req *GenerateKeyRequest) (DEK,
 	ciphertext = append(ciphertext, random...)
 	return DEK{
 		KeyID:      req.Name,
-		Version:    0,
 		Plaintext:  plaintext,
 		Ciphertext: ciphertext,
 	}, nil

internal/kms/stub.go

@@ -103,7 +103,7 @@ func (s StubKMS) GenerateKey(_ context.Context, req *GenerateKeyRequest) (DEK, e
 	}
 	return DEK{
 		KeyID:      req.Name,
-		Version:    0,
+		Version:    "0",
 		Plaintext:  []byte("stubplaincharswhichare32bytelong"),
 		Ciphertext: []byte("stubplaincharswhichare32bytelong"),
 	}, nil