From f59b56ae4b8fafc67ec1828f03ce3178afaf037d Mon Sep 17 00:00:00 2001
From: Tor Brede Vekterli <vekterli@yahooinc.com>
Date: Tue, 1 Nov 2022 13:44:42 +0100
Subject: Let token key IDs be UTF-8 byte strings instead of just an integer

This makes key IDs vastly more expressive. Max size is 255 bytes,
and UTF-8 form is enforced by checking that the byte sequence can be
identity-transformed to and from a string with UTF-8 encoding.

In addition, we now protect the integrity of the key ID by supplying
it as the AAD parameter to the key sealing and opening operations.

Reduce v1 token max length of `enc` part to 255, since this is always
an X25519 public key, which is never bigger than 32 bytes (but may
be _less_ if the random `BigInteger` is small enough, so we still have
to encode the length).
---
 .../yahoo/vespa/security/tool/crypto/DecryptTool.java    | 16 +++++++++++-----
 .../yahoo/vespa/security/tool/crypto/EncryptTool.java    |  4 +++-
 2 files changed, 14 insertions(+), 6 deletions(-)

(limited to 'vespaclient-java/src/main/java/com/yahoo')

diff --git a/vespaclient-java/src/main/java/com/yahoo/vespa/security/tool/crypto/DecryptTool.java b/vespaclient-java/src/main/java/com/yahoo/vespa/security/tool/crypto/DecryptTool.java
index 23543486e1b..af59784bfe0 100644
--- a/vespaclient-java/src/main/java/com/yahoo/vespa/security/tool/crypto/DecryptTool.java
+++ b/vespaclient-java/src/main/java/com/yahoo/vespa/security/tool/crypto/DecryptTool.java
@@ -13,9 +13,12 @@ import org.apache.commons.cli.Option;
 import java.io.IOException;
 import java.nio.file.Files;
 import java.nio.file.Paths;
+import java.util.Arrays;
 import java.util.List;
 import java.util.Optional;
 
+import static com.yahoo.security.ArrayUtils.toUtf8Bytes;
+
 /**
  * Tooling for decrypting a file using a private key that corresponds to the public key used
  * to originally encrypt the file.
@@ -85,16 +88,19 @@ public class DecryptTool implements Tool {
             }
             var inputArg   = leftoverArgs[0];
             var maybeKeyId = Optional.ofNullable(arguments.hasOption(KEY_ID_OPTION)
-                                                 ? Integer.parseInt(arguments.getOptionValue(KEY_ID_OPTION))
+                                                 ? arguments.getOptionValue(KEY_ID_OPTION)
                                                  : null);
             var outputArg   = CliUtils.optionOrThrow(arguments, OUTPUT_FILE_OPTION);
             var privKeyPath = Paths.get(CliUtils.optionOrThrow(arguments, RECIPIENT_PRIVATE_KEY_FILE_OPTION));
             var tokenString = CliUtils.optionOrThrow(arguments, TOKEN_OPTION);
             var sealedSharedKey = SealedSharedKey.fromTokenString(tokenString.strip());
-            if (maybeKeyId.isPresent() && (maybeKeyId.get() != sealedSharedKey.keyId())) {
-                throw new IllegalArgumentException(("Key ID specified with --key-id (%d) does not match key ID " +
-                                                    "used when generating the supplied token (%d)")
-                                                    .formatted(maybeKeyId.get(), sealedSharedKey.keyId()));
+            if (maybeKeyId.isPresent()) {
+                byte[] myKeyIdBytes = toUtf8Bytes(maybeKeyId.get());
+                if (!Arrays.equals(myKeyIdBytes, sealedSharedKey.keyId())) {
+                    // Don't include raw key bytes array verbatim in message (may contain control chars etc).
+                    throw new IllegalArgumentException("Key ID specified with --key-id does not match key ID " +
+                                                       "used when generating the supplied token");
+                }
             }
             var privateKey   = KeyUtils.fromBase64EncodedX25519PrivateKey(Files.readString(privKeyPath).strip());
             var secretShared = SharedKeyGenerator.fromSealedKey(sealedSharedKey, privateKey);
diff --git a/vespaclient-java/src/main/java/com/yahoo/vespa/security/tool/crypto/EncryptTool.java b/vespaclient-java/src/main/java/com/yahoo/vespa/security/tool/crypto/EncryptTool.java
index 5437e8cf9fe..cb16151c9b6 100644
--- a/vespaclient-java/src/main/java/com/yahoo/vespa/security/tool/crypto/EncryptTool.java
+++ b/vespaclient-java/src/main/java/com/yahoo/vespa/security/tool/crypto/EncryptTool.java
@@ -14,6 +14,8 @@ import java.nio.file.Files;
 import java.nio.file.Paths;
 import java.util.List;
 
+import static com.yahoo.security.ArrayUtils.toUtf8Bytes;
+
 /**
  * Tooling to encrypt a file using a public key, emitting a non-secret token that can be
  * passed on to a recipient holding the corresponding private key.
@@ -77,7 +79,7 @@ public class EncryptTool implements Tool {
             var outputPath = Paths.get(CliUtils.optionOrThrow(arguments, OUTPUT_FILE_OPTION));
 
             var recipientPubKey = KeyUtils.fromBase64EncodedX25519PublicKey(CliUtils.optionOrThrow(arguments, RECIPIENT_PUBLIC_KEY_OPTION).strip());
-            int keyId  = Integer.parseInt(CliUtils.optionOrThrow(arguments, KEY_ID_OPTION));
+            var keyId  = toUtf8Bytes(CliUtils.optionOrThrow(arguments, KEY_ID_OPTION));
             var shared = SharedKeyGenerator.generateForReceiverPublicKey(recipientPubKey, keyId);
             var cipher = SharedKeyGenerator.makeAesGcmEncryptionCipher(shared);
 
-- 
cgit v1.2.3