From 5b050b1d4f63f782a91e2bca58c939776427b9d2 Mon Sep 17 00:00:00 2001 From: Morgan Kleene Date: Tue, 14 Jan 2025 17:25:53 -0500 Subject: [PATCH 1/5] see if this works --- .../opentdf/platform/sdk/Autoconfigure.java | 7 ++-- .../java/io/opentdf/platform/sdk/TDF.java | 33 ++++++++----------- 2 files changed, 15 insertions(+), 25 deletions(-) diff --git a/sdk/src/main/java/io/opentdf/platform/sdk/Autoconfigure.java b/sdk/src/main/java/io/opentdf/platform/sdk/Autoconfigure.java index 6113a681..ea4ce33c 100644 --- a/sdk/src/main/java/io/opentdf/platform/sdk/Autoconfigure.java +++ b/sdk/src/main/java/io/opentdf/platform/sdk/Autoconfigure.java @@ -77,14 +77,11 @@ public boolean equals(Object obj) { if (this == obj) { return true; } - if (obj == null || !(obj instanceof KeySplitStep)) { + if (!(obj instanceof KeySplitStep)) { return false; } KeySplitStep ss = (KeySplitStep) obj; - if ((this.kas.equals(ss.kas)) && (this.splitID.equals(ss.splitID))) { - return true; - } - return false; + return (this.kas.equals(ss.kas)) && (this.splitID.equals(ss.splitID)); } @Override diff --git a/sdk/src/main/java/io/opentdf/platform/sdk/TDF.java b/sdk/src/main/java/io/opentdf/platform/sdk/TDF.java index d6e72aae..49ce0827 100644 --- a/sdk/src/main/java/io/opentdf/platform/sdk/TDF.java +++ b/sdk/src/main/java/io/opentdf/platform/sdk/TDF.java @@ -39,6 +39,7 @@ */ public class TDF { + private static final String EMPTY_SPLIT_ID = "[empty]"; private final long maximumSize; /** @@ -598,29 +599,22 @@ public Reader loadTDF(SeekableByteChannel tdf, SDK.KAS kas, Set foundSplits = new HashSet<>(); Map skippedSplits = new HashMap<>(); - boolean mixedSplits = manifest.encryptionInformation.keyAccessObj.size() > 1 && - (manifest.encryptionInformation.keyAccessObj.get(0).sid != null) && - !manifest.encryptionInformation.keyAccessObj.get(0).sid.isEmpty(); - MessageDigest digest = MessageDigest.getInstance("SHA-256"); if (manifest.payload.isEncrypted) { for (Manifest.KeyAccess keyAccess : manifest.encryptionInformation.keyAccessObj) { - Autoconfigure.KeySplitStep ss = new Autoconfigure.KeySplitStep(keyAccess.url, keyAccess.sid); + String splitId = keyAccess.sid == null || keyAccess.sid.isEmpty() ? EMPTY_SPLIT_ID : keyAccess.sid; + Autoconfigure.KeySplitStep ss = new Autoconfigure.KeySplitStep(keyAccess.url, splitId); byte[] unwrappedKey; - if (!mixedSplits) { + if (foundSplits.contains(ss.splitID)) { + continue; + } + knownSplits.add(ss.splitID); + try { unwrappedKey = kas.unwrap(keyAccess, manifest.encryptionInformation.policy); - } else { - if (foundSplits.contains(ss.splitID)) { - continue; - } - knownSplits.add(ss.splitID); - try { - unwrappedKey = kas.unwrap(keyAccess, manifest.encryptionInformation.policy); - } catch (Exception e) { - skippedSplits.put(ss, e); - continue; - } + } catch (Exception e) { + skippedSplits.put(ss, e); + continue; } for (int index = 0; index < unwrappedKey.length; index++) { @@ -631,8 +625,7 @@ public Reader loadTDF(SeekableByteChannel tdf, SDK.KAS kas, if (keyAccess.encryptedMetadata != null && !keyAccess.encryptedMetadata.isEmpty()) { AesGcm aesGcm = new AesGcm(unwrappedKey); - String decodedMetadata = new String(Base64.getDecoder().decode(keyAccess.encryptedMetadata), - "UTF-8"); + String decodedMetadata = new String(Base64.getDecoder().decode(keyAccess.encryptedMetadata), StandardCharsets.UTF_8); EncryptedMetadata encryptedMetadata = gson.fromJson(decodedMetadata, EncryptedMetadata.class); var encryptedData = new AesGcm.Encrypted( @@ -647,7 +640,7 @@ public Reader loadTDF(SeekableByteChannel tdf, SDK.KAS kas, } } - if (mixedSplits && knownSplits.size() > foundSplits.size()) { + if (knownSplits.size() > foundSplits.size()) { List exceptionList = new ArrayList<>(skippedSplits.size() + 1); exceptionList.add(new Exception("splitKey.unable to reconstruct split key: " + skippedSplits)); From 4029a7b3e20b5880fc37099f8cde389076f682c6 Mon Sep 17 00:00:00 2001 From: Morgan Kleene Date: Wed, 15 Jan 2025 09:45:16 -0500 Subject: [PATCH 2/5] try using `null` --- sdk/src/main/java/io/opentdf/platform/sdk/TDF.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sdk/src/main/java/io/opentdf/platform/sdk/TDF.java b/sdk/src/main/java/io/opentdf/platform/sdk/TDF.java index 49ce0827..c3146267 100644 --- a/sdk/src/main/java/io/opentdf/platform/sdk/TDF.java +++ b/sdk/src/main/java/io/opentdf/platform/sdk/TDF.java @@ -39,7 +39,7 @@ */ public class TDF { - private static final String EMPTY_SPLIT_ID = "[empty]"; + private static final String EMPTY_SPLIT_ID = null; private final long maximumSize; /** From 19fabffa87b80fba62b6f08ecd899cc014927fa8 Mon Sep 17 00:00:00 2001 From: Morgan Kleene Date: Fri, 17 Jan 2025 11:20:58 -0500 Subject: [PATCH 3/5] Update TDF.java --- sdk/src/main/java/io/opentdf/platform/sdk/TDF.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sdk/src/main/java/io/opentdf/platform/sdk/TDF.java b/sdk/src/main/java/io/opentdf/platform/sdk/TDF.java index c3146267..06794ce3 100644 --- a/sdk/src/main/java/io/opentdf/platform/sdk/TDF.java +++ b/sdk/src/main/java/io/opentdf/platform/sdk/TDF.java @@ -39,7 +39,7 @@ */ public class TDF { - private static final String EMPTY_SPLIT_ID = null; + private static final String EMPTY_SPLIT_ID = ""; private final long maximumSize; /** From c7ed4aecc3e6b0ac34e01e307f394356d56953fb Mon Sep 17 00:00:00 2001 From: Morgan Kleene Date: Fri, 17 Jan 2025 11:48:55 -0500 Subject: [PATCH 4/5] don't include this --- .../main/java/io/opentdf/platform/sdk/Autoconfigure.java | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/sdk/src/main/java/io/opentdf/platform/sdk/Autoconfigure.java b/sdk/src/main/java/io/opentdf/platform/sdk/Autoconfigure.java index ea4ce33c..6113a681 100644 --- a/sdk/src/main/java/io/opentdf/platform/sdk/Autoconfigure.java +++ b/sdk/src/main/java/io/opentdf/platform/sdk/Autoconfigure.java @@ -77,11 +77,14 @@ public boolean equals(Object obj) { if (this == obj) { return true; } - if (!(obj instanceof KeySplitStep)) { + if (obj == null || !(obj instanceof KeySplitStep)) { return false; } KeySplitStep ss = (KeySplitStep) obj; - return (this.kas.equals(ss.kas)) && (this.splitID.equals(ss.splitID)); + if ((this.kas.equals(ss.kas)) && (this.splitID.equals(ss.splitID))) { + return true; + } + return false; } @Override From f9533038d1a8be382b1a09713f41326e109e718f Mon Sep 17 00:00:00 2001 From: Morgan Kleene Date: Fri, 17 Jan 2025 12:06:59 -0500 Subject: [PATCH 5/5] Update TDF.java --- sdk/src/main/java/io/opentdf/platform/sdk/TDF.java | 1 - 1 file changed, 1 deletion(-) diff --git a/sdk/src/main/java/io/opentdf/platform/sdk/TDF.java b/sdk/src/main/java/io/opentdf/platform/sdk/TDF.java index aa39d37d..784bbcd0 100644 --- a/sdk/src/main/java/io/opentdf/platform/sdk/TDF.java +++ b/sdk/src/main/java/io/opentdf/platform/sdk/TDF.java @@ -634,7 +634,6 @@ public Reader loadTDF(SeekableByteChannel tdf, SDK.KAS kas, if (keyAccess.encryptedMetadata != null && !keyAccess.encryptedMetadata.isEmpty()) { AesGcm aesGcm = new AesGcm(unwrappedKey); - String decodedMetadata = new String(Base64.getDecoder().decode(keyAccess.encryptedMetadata), StandardCharsets.UTF_8); EncryptedMetadata encryptedMetadata = gson.fromJson(decodedMetadata, EncryptedMetadata.class);