fix: address some edge cases to fix async CBC ranged gets (#70)

* fix: address some edge cases to fix async CBC ranged gets

Author: kessplas

src/main/java/software/amazon/encryption/s3/internal/CipherPublisher.java

@@ -33,7 +33,7 @@ public CipherPublisher(final Cipher cipher, final SdkPublisher<ByteBuffer> wrapp
     public void subscribe(Subscriber<? super ByteBuffer> subscriber) {
         // Wrap the (customer) subscriber in a CipherSubscriber, then subscribe it
         // to the wrapped (ciphertext) publisher
-        Subscriber wrappedSubscriber = RangedGetUtils.adjustToDesiredRange(subscriber, range, contentRange, cipherTagLengthBits);
+        Subscriber<? super ByteBuffer> wrappedSubscriber = RangedGetUtils.adjustToDesiredRange(subscriber, range, contentRange, cipherTagLengthBits);
         wrappedPublisher.subscribe(new CipherSubscriber(wrappedSubscriber, cipher, contentLength));
     }
 }

src/main/java/software/amazon/encryption/s3/internal/GetEncryptedObjectPipeline.java

@@ -199,11 +199,8 @@ public void onStream(SdkPublisher<ByteBuffer> ciphertextPublisher) {
                     case ALG_AES_256_GCM_IV12_TAG16_NO_KDF:
                         cipher.init(Cipher.DECRYPT_MODE, contentKey, new GCMParameterSpec(tagLength, iv));
                         break;
-                    case ALG_AES_256_CBC_IV16_NO_KDF:
-                        if (materials.s3Request().range() != null) {
-                            throw new UnsupportedOperationException();
-                        }
                     case ALG_AES_256_CTR_IV16_TAG16_NO_KDF:
+                    case ALG_AES_256_CBC_IV16_NO_KDF:
                         cipher.init(Cipher.DECRYPT_MODE, contentKey, new IvParameterSpec(iv));
                         break;
                     default:

src/main/java/software/amazon/encryption/s3/legacy/internal/AdjustedRangeSubscriber.java

@@ -26,7 +26,6 @@ private void initializeForRead(long rangeBeginning, long rangeEnd) {
         // To get to the left-most byte desired by a user, we must skip over the 16 bytes of the
         // preliminary cipher block, and then possibly skip a few more bytes into the next block
         // to where the left-most byte is located.
-
         if (rangeBeginning < SYMMETRIC_CIPHER_BLOCK_SIZE_BYTES) {
             numBytesToSkip = (int) rangeBeginning;
         } else {
@@ -46,12 +45,19 @@ public void onSubscribe(Subscription s) {
 
     @Override
     public void onNext(ByteBuffer byteBuffer) {
+        // In edge cases where the beginning index exceeds the offset,
+        // there is never valid data to read, so signal completion immediately.
+        if (virtualAvailable <= 0) {
+            wrappedSubscriber.onComplete();
+        }
+
         if (numBytesToSkip != 0) {
             byte[] buf = byteBuffer.array();
             if (numBytesToSkip > buf.length) {
+                // If we need to skip past the available data,
+                // we are returning nothing, so signal completion
                 numBytesToSkip -= buf.length;
-                // TODO: This Handles CBC mode Edge Condition but not working
-                wrappedSubscriber.onNext(ByteBuffer.wrap(new byte[0]));
+                wrappedSubscriber.onComplete();
             } else {
                 outputBuffer = Arrays.copyOfRange(buf, numBytesToSkip, buf.length);
                 numBytesToSkip = 0;
@@ -65,6 +71,13 @@ public void onNext(ByteBuffer byteBuffer) {
             virtualAvailable -= bytesToRead;
             wrappedSubscriber.onNext(ByteBuffer.wrap(outputBuffer, 0, Math.toIntExact(bytesToRead)));
         }
+
+        // Since we are skipping some bytes, we may need to signal onComplete
+        // from within onNext to prevent the subscriber from waiting for more
+        // data indefinitely
+        if (virtualAvailable <= 0) {
+            wrappedSubscriber.onComplete();
+        }
     }
 
     @Override

src/main/java/software/amazon/encryption/s3/legacy/internal/RangedGetUtils.java

@@ -7,6 +7,7 @@
 import java.io.ByteArrayInputStream;
 import java.io.IOException;
 import java.io.InputStream;
+import java.nio.ByteBuffer;
 
 /**
  * Utilities for processing Ranged Get functions.
@@ -58,66 +59,72 @@ private static long getCipherBlockUpperBound(final long rightmostBytePosition) {
         return upperBound < 0 ? Long.MAX_VALUE : upperBound;
     }
 
-    public static Subscriber adjustToDesiredRange(Subscriber subscriber, long[] range, String contentRange, int cipherTagLengthBits) {
-        if (range == null || contentRange == null) {
-            return subscriber;
-        }
+    private static long calculateMaxOffset(String contentRange, int cipherTagLengthBits) {
         final long instanceLength;
         int pos = contentRange.lastIndexOf("/");
         instanceLength = Long.parseLong(contentRange.substring(pos + 1));
 
-        final long maxOffset = instanceLength - (cipherTagLengthBits / 8) - 1;
-        if (range[1] > maxOffset) {
-            range[1] = maxOffset;
-            if (range[0] > range[1]) {
-                // TODO: Find a way to handle subscriber similar to Empty InputStream (this resolves one edge case error in CBC)
+        return instanceLength - (cipherTagLengthBits / 8) - 1;
+    }
+
+    public static Subscriber<? super ByteBuffer> adjustToDesiredRange(Subscriber<? super ByteBuffer> subscriber, long[] cryptoRange, String contentRange, int cipherTagLengthBits) {
+        if (cryptoRange == null || contentRange == null) {
+            return subscriber;
+        }
+
+        final long maxOffset = calculateMaxOffset(contentRange, cipherTagLengthBits);
+        if (cryptoRange[1] > maxOffset) {
+            cryptoRange[1] = maxOffset;
+            if (cryptoRange[0] > cryptoRange[1]) {
+                // When the beginning of the crypto range is after the max offset,
+                // there is no data to read. The current implementation of
+                // AdjustedRangeSubscriber handles this case itself,
+                // but this might as well be a Null/Noop Subscriber
                 try {
-                    return new AdjustedRangeSubscriber(subscriber, range[0], range[1]);
+                    return new AdjustedRangeSubscriber(subscriber, cryptoRange[0], cryptoRange[1]);
                 } catch (IOException e) {
                     throw new S3EncryptionClientException(e.getMessage());
                 }
             }
         }
-        if (range[0] > range[1]) {
+        if (cryptoRange[0] > cryptoRange[1]) {
             // Make no modifications if range is invalid.
             return subscriber;
         }
         try {
-            return new AdjustedRangeSubscriber(subscriber, range[0], range[1]);
+            return new AdjustedRangeSubscriber(subscriber, cryptoRange[0], cryptoRange[1]);
         } catch (IOException e) {
             throw new S3EncryptionClientException("Error adjusting output to desired byte range: " + e.getMessage());
         }
     }
 
-    public static InputStream adjustToDesiredRange(InputStream plaintext, long[] range, String contentRange, int cipherTagLengthBits) {
-        if (range == null || contentRange == null) {
+    public static InputStream adjustToDesiredRange(InputStream plaintext, long[] cryptoRange, String contentRange, int cipherTagLengthBits) {
+        if (cryptoRange == null || contentRange == null) {
             return plaintext;
         }
-        final long instanceLength;
-        int pos = contentRange.lastIndexOf("/");
-        instanceLength = Long.parseLong(contentRange.substring(pos + 1));
 
-        final long maxOffset = instanceLength - (cipherTagLengthBits / 8) - 1;
-        if (range[1] > maxOffset) {
-            range[1] = maxOffset;
-            if (range[0] > range[1]) {
+        final long maxOffset = calculateMaxOffset(contentRange, cipherTagLengthBits);
+        if (cryptoRange[1] > maxOffset) {
+            cryptoRange[1] = maxOffset;
+            if (cryptoRange[0] > cryptoRange[1]) {
                 // Close existing input stream to avoid resource leakage,
                 // return empty input stream
                 try {
-                    if (plaintext != null)
+                    if (plaintext != null) {
                         plaintext.close();
+                    }
                 } catch (IOException e) {
-                    throw new RuntimeException("Error while closing the Input Stream" + e.getMessage());
+                    throw new S3EncryptionClientException("Error while closing the InputStream: " + e.getMessage());
                 }
                 return new ByteArrayInputStream(new byte[0]);
             }
         }
-        if (range[0] > range[1]) {
+        if (cryptoRange[0] > cryptoRange[1]) {
             // Make no modifications if range is invalid.
             return plaintext;
         }
         try {
-            return new AdjustedRangeInputStream(plaintext, range[0], range[1]);
+            return new AdjustedRangeInputStream(plaintext, cryptoRange[0], cryptoRange[1]);
         } catch (IOException e) {
             throw new S3EncryptionClientException("Error adjusting output to desired byte range: " + e.getMessage());
         }

src/test/java/software/amazon/encryption/s3/S3EncryptionClientRangedGetCompatibilityTest.java

@@ -22,7 +22,6 @@
 import javax.crypto.SecretKey;
 import java.security.NoSuchAlgorithmException;
 import java.util.concurrent.CompletionException;
-import java.util.regex.Pattern;
 
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertThrows;
@@ -143,6 +142,83 @@ public void AsyncFailsOnRangeWhenLegacyModeDisabled() {
         asyncClient.close();
     }
 
+    @Test
+    public void AsyncAesCbcV1toV3RangedGet() {
+        final String objectKey = appendTestSuffix("aes-cbc-v1-to-v3-ranged-get-async");
+
+        // V1 Client
+        EncryptionMaterialsProvider materialsProvider =
+                new StaticEncryptionMaterialsProvider(new EncryptionMaterials(AES_KEY));
+        CryptoConfiguration v1CryptoConfig =
+                new CryptoConfiguration();
+        AmazonS3Encryption v1Client = AmazonS3EncryptionClient.encryptionBuilder()
+                .withCryptoConfiguration(v1CryptoConfig)
+                .withEncryptionMaterials(materialsProvider)
+                .build();
+
+        final String input = "0bcdefghijklmnopqrst0BCDEFGHIJKLMNOPQRST" +
+                "1bcdefghijklmnopqrst1BCDEFGHIJKLMNOPQRST" +
+                "2bcdefghijklmnopqrst2BCDEFGHIJKLMNOPQRST" +
+                "3bcdefghijklmnopqrst3BCDEFGHIJKLMNOPQRST" +
+                "4bcdefghijklmnopqrst4BCDEFGHIJKLMNOPQRST";
+
+        v1Client.putObject(BUCKET, objectKey, input);
+
+        // V3 Client
+        S3AsyncClient v3Client = S3AsyncEncryptionClient.builder()
+                .aesKey(AES_KEY)
+                .enableLegacyUnauthenticatedModes(true)
+                .build();
+
+        // Valid Range
+        ResponseBytes<GetObjectResponse> objectResponse;
+
+        objectResponse = v3Client.getObject(builder -> builder
+                .bucket(BUCKET)
+                .range("bytes=10-20")
+                .key(objectKey), AsyncResponseTransformer.toBytes()).join();
+        String output;
+        output = objectResponse.asUtf8String();
+        assertEquals("klmnopqrst0", output);
+
+        // Valid start index within input and end index out of range, returns object from start index to End of Stream
+        objectResponse = v3Client.getObject(builder -> builder
+                .bucket(BUCKET)
+                .range("bytes=190-300")
+                .key(objectKey), AsyncResponseTransformer.toBytes()).join();
+        output = objectResponse.asUtf8String();
+        assertEquals("KLMNOPQRST", output);
+
+        // Invalid range start index range greater than ending index, returns entire object
+        objectResponse = v3Client.getObject(builder -> builder
+                .bucket(BUCKET)
+                .range("bytes=100-50")
+                .key(objectKey), AsyncResponseTransformer.toBytes()).join();
+        output = objectResponse.asUtf8String();
+        assertEquals(input, output);
+
+        // Invalid range format, returns entire object
+        objectResponse = v3Client.getObject(builder -> builder
+                .bucket(BUCKET)
+                .range("10-20")
+                .key(objectKey), AsyncResponseTransformer.toBytes()).join();
+        output = objectResponse.asUtf8String();
+        assertEquals(input, output);
+
+        // Invalid range starting index and ending index greater than object length but within Cipher Block size, returns empty object
+        objectResponse = v3Client.getObject(builder -> builder
+                .bucket(BUCKET)
+                .range("bytes=216-217")
+                .key(objectKey), AsyncResponseTransformer.toBytes()).join();
+        output = objectResponse.asUtf8String();
+        assertEquals("", output);
+
+        // Cleanup
+        deleteObject(BUCKET, objectKey, v3Client);
+        v3Client.close();
+    }
+
+
     @Test
     public void failsOnRangeWhenLegacyModeDisabled() {
         final String objectKey = appendTestSuffix("fails-when-on-range-when-legacy-disabled");
@@ -314,6 +390,8 @@ public void AesCbcV1toV3RangedGet() {
                 .withEncryptionMaterials(materialsProvider)
                 .build();
 
+        // This string is 200 characters/bytes long
+        // Due to padding, its ciphertext will be 208 bytes
         final String input = "0bcdefghijklmnopqrst0BCDEFGHIJKLMNOPQRST" +
                 "1bcdefghijklmnopqrst1BCDEFGHIJKLMNOPQRST" +
                 "2bcdefghijklmnopqrst2BCDEFGHIJKLMNOPQRST" +
@@ -360,14 +438,25 @@ public void AesCbcV1toV3RangedGet() {
         output = objectResponse.asUtf8String();
         assertEquals(input, output);
 
-        // Invalid range starting index and ending index greater than object length but within Cipher Block size, returns empty object
+        // Invalid range starting index and ending index greater than object length
+        // but within Cipher Block size, returns empty object
         objectResponse = v3Client.getObjectAsBytes(builder -> builder
                 .bucket(BUCKET)
                 .range("bytes=216-217")
                 .key(objectKey));
         output = objectResponse.asUtf8String();
         assertEquals("", output);
 
+        // Invalid range starting index and ending index greater than object length
+        // but within Cipher Block size, returns empty object
+        objectResponse = v3Client.getObjectAsBytes(builder -> builder
+                .bucket(BUCKET)
+                .range("bytes=216-218")
+                .key(objectKey));
+        output = objectResponse.asUtf8String();
+        assertEquals("", output);
+
+
         // Cleanup
         deleteObject(BUCKET, objectKey, v3Client);
         v3Client.close();
@@ -411,4 +500,5 @@ public void AesCbcV1toV3FailsRangeExceededObjectLength() {
         deleteObject(BUCKET, objectKey, v3Client);
         v3Client.close();
     }
+
 }