Update marcellanz/transit_pkcs1v15 RSA encryption support

builtin/logical/transit/backend_test.go

@@ -148,83 +148,96 @@ func testTransit_RSA(t *testing.T, keyType string) {
 
 	plaintext := "dGhlIHF1aWNrIGJyb3duIGZveA==" // "the quick brown fox"
 
-	encryptReq := &logical.Request{
-		Path:      "encrypt/rsa",
-		Operation: logical.UpdateOperation,
-		Storage:   storage,
-		Data: map[string]interface{}{
-			"plaintext": plaintext,
-		},
-	}
+	for _, padding := range []keysutil.PaddingScheme{keysutil.PaddingScheme_OAEP, keysutil.PaddingScheme_PKCS1v15, ""} {
+		encryptReq := &logical.Request{
+			Path:      "encrypt/rsa",
+			Operation: logical.UpdateOperation,
+			Storage:   storage,
+			Data: map[string]interface{}{
+				"plaintext": plaintext,
+			},
+		}
 
-	resp, err = b.HandleRequest(context.Background(), encryptReq)
-	if err != nil || (resp != nil && resp.IsError()) {
-		t.Fatalf("bad: err: %v\nresp: %#v", err, resp)
-	}
+		if padding != "" {
+			encryptReq.Data["padding_scheme"] = padding
+		}
 
-	ciphertext1 := resp.Data["ciphertext"].(string)
+		resp, err = b.HandleRequest(context.Background(), encryptReq)
+		if err != nil || (resp != nil && resp.IsError()) {
+			t.Fatalf("bad: err: %v\nresp: %#v", err, resp)
+		}
 
-	decryptReq := &logical.Request{
-		Path:      "decrypt/rsa",
-		Operation: logical.UpdateOperation,
-		Storage:   storage,
-		Data: map[string]interface{}{
-			"ciphertext": ciphertext1,
-		},
-	}
+		ciphertext1 := resp.Data["ciphertext"].(string)
 
-	resp, err = b.HandleRequest(context.Background(), decryptReq)
-	if err != nil || (resp != nil && resp.IsError()) {
-		t.Fatalf("bad: err: %v\nresp: %#v", err, resp)
-	}
+		decryptReq := &logical.Request{
+			Path:      "decrypt/rsa",
+			Operation: logical.UpdateOperation,
+			Storage:   storage,
+			Data: map[string]interface{}{
+				"ciphertext": ciphertext1,
+			},
+		}
+		if padding != "" {
+			decryptReq.Data["padding_scheme"] = padding
+		}
 
-	decryptedPlaintext := resp.Data["plaintext"]
+		resp, err = b.HandleRequest(context.Background(), decryptReq)
+		if err != nil || (resp != nil && resp.IsError()) {
+			t.Fatalf("bad: err: %v\nresp: %#v", err, resp)
+		}
 
-	if plaintext != decryptedPlaintext {
-		t.Fatalf("bad: plaintext; expected: %q\nactual: %q", plaintext, decryptedPlaintext)
-	}
+		decryptedPlaintext := resp.Data["plaintext"]
 
-	// Rotate the key
-	rotateReq := &logical.Request{
-		Path:      "keys/rsa/rotate",
-		Operation: logical.UpdateOperation,
-		Storage:   storage,
-	}
-	resp, err = b.HandleRequest(context.Background(), rotateReq)
-	if err != nil || (resp != nil && resp.IsError()) {
-		t.Fatalf("bad: err: %v\nresp: %#v", err, resp)
-	}
+		if plaintext != decryptedPlaintext {
+			t.Fatalf("bad: plaintext; expected: %q\nactual: %q", plaintext, decryptedPlaintext)
+		}
 
-	// Encrypt again
-	resp, err = b.HandleRequest(context.Background(), encryptReq)
-	if err != nil || (resp != nil && resp.IsError()) {
-		t.Fatalf("bad: err: %v\nresp: %#v", err, resp)
-	}
-	ciphertext2 := resp.Data["ciphertext"].(string)
+		// Rotate the key
+		rotateReq := &logical.Request{
+			Path:      "keys/rsa/rotate",
+			Operation: logical.UpdateOperation,
+			Storage:   storage,
+		}
+		resp, err = b.HandleRequest(context.Background(), rotateReq)
+		if err != nil || (resp != nil && resp.IsError()) {
+			t.Fatalf("bad: err: %v\nresp: %#v", err, resp)
+		}
 
-	if ciphertext1 == ciphertext2 {
-		t.Fatalf("expected different ciphertexts")
-	}
+		// Encrypt again
+		resp, err = b.HandleRequest(context.Background(), encryptReq)
+		if err != nil || (resp != nil && resp.IsError()) {
+			t.Fatalf("bad: err: %v\nresp: %#v", err, resp)
+		}
+		ciphertext2 := resp.Data["ciphertext"].(string)
 
-	// See if the older ciphertext can still be decrypted
-	resp, err = b.HandleRequest(context.Background(), decryptReq)
-	if err != nil || (resp != nil && resp.IsError()) {
-		t.Fatalf("bad: err: %v\nresp: %#v", err, resp)
-	}
-	if resp.Data["plaintext"].(string) != plaintext {
-		t.Fatal("failed to decrypt old ciphertext after rotating the key")
-	}
+		if ciphertext1 == ciphertext2 {
+			t.Fatalf("expected different ciphertexts")
+		}
 
-	// Decrypt the new ciphertext
-	decryptReq.Data = map[string]interface{}{
-		"ciphertext": ciphertext2,
-	}
-	resp, err = b.HandleRequest(context.Background(), decryptReq)
-	if err != nil || (resp != nil && resp.IsError()) {
-		t.Fatalf("bad: err: %v\nresp: %#v", err, resp)
-	}
-	if resp.Data["plaintext"].(string) != plaintext {
-		t.Fatal("failed to decrypt ciphertext after rotating the key")
+		// See if the older ciphertext can still be decrypted
+		resp, err = b.HandleRequest(context.Background(), decryptReq)
+		if err != nil || (resp != nil && resp.IsError()) {
+			t.Fatalf("bad: err: %v\nresp: %#v", err, resp)
+		}
+		if resp.Data["plaintext"].(string) != plaintext {
+			t.Fatal("failed to decrypt old ciphertext after rotating the key")
+		}
+
+		// Decrypt the new ciphertext
+		decryptReq.Data = map[string]interface{}{
+			"ciphertext": ciphertext2,
+		}
+		if padding != "" {
+			decryptReq.Data["padding_scheme"] = padding
+		}
+
+		resp, err = b.HandleRequest(context.Background(), decryptReq)
+		if err != nil || (resp != nil && resp.IsError()) {
+			t.Fatalf("bad: err: %v\nresp: %#v", err, resp)
+		}
+		if resp.Data["plaintext"].(string) != plaintext {
+			t.Fatal("failed to decrypt ciphertext after rotating the key")
+		}
 	}
 
 	signReq := &logical.Request{

builtin/logical/transit/path_datakey.go

@@ -39,6 +39,12 @@ func (b *backend) pathDatakey() *framework.Path {
 ciphertext; "wrapped" will return the ciphertext only.`,
 			},
 
+			"padding_scheme": {
+				Type: framework.TypeString,
+				Description: `The padding scheme to use for decrypt. Currently only applies to RSA key types.
+Options are 'oaep' or 'pkcs1v15'. Defaults to 'oaep'`,
+			},
+
 			"context": {
 				Type:        framework.TypeString,
 				Description: "Context for key derivation. Required for derived keys.",
@@ -142,23 +148,26 @@ func (b *backend) pathDatakeyWrite(ctx context.Context, req *logical.Request, d
 		return nil, err
 	}
 
-	var managedKeyFactory ManagedKeyFactory
+	factories := make([]any, 0)
+	if ps, ok := d.GetOk("decrypt_padding_scheme"); ok {
+		factories = append(factories, keysutil.PaddingScheme(ps.(string)))
+	}
 	if p.Type == keysutil.KeyType_MANAGED_KEY {
 		managedKeySystemView, ok := b.System().(logical.ManagedKeySystemView)
 		if !ok {
 			return nil, errors.New("unsupported system view")
 		}
 
-		managedKeyFactory = ManagedKeyFactory{
+		factories = append(factories, ManagedKeyFactory{
 			managedKeyParams: keysutil.ManagedKeyParameters{
 				ManagedKeySystemView: managedKeySystemView,
 				BackendUUID:          b.backendUUID,
 				Context:              ctx,
 			},
-		}
+		})
 	}
 
-	ciphertext, err := p.EncryptWithFactory(ver, context, nonce, base64.StdEncoding.EncodeToString(newKey), nil, managedKeyFactory)
+	ciphertext, err := p.EncryptWithFactory(ver, context, nonce, base64.StdEncoding.EncodeToString(newKey), factories...)
 	if err != nil {
 		switch err.(type) {
 		case errutil.UserError:

builtin/logical/transit/path_decrypt.go

@@ -50,6 +50,12 @@ func (b *backend) pathDecrypt() *framework.Path {
 The ciphertext to decrypt, provided as returned by encrypt.`,
 			},
 
+			"padding_scheme": {
+				Type: framework.TypeString,
+				Description: `The padding scheme to use for decrypt. Currently only applies to RSA key types.
+Options are 'oaep' or 'pkcs1v15'. Defaults to 'oaep'`,
+			},
+
 			"context": {
 				Type: framework.TypeString,
 				Description: `
@@ -130,6 +136,9 @@ func (b *backend) pathDecryptWrite(ctx context.Context, req *logical.Request, d
 			Nonce:          d.Get("nonce").(string),
 			AssociatedData: d.Get("associated_data").(string),
 		}
+		if ps, ok := d.GetOk("padding_scheme"); ok {
+			batchInputItems[0].PaddingScheme = ps.(string)
+		}
 	}
 
 	batchResponseItems := make([]DecryptBatchResponseItem, len(batchInputItems))
@@ -192,33 +201,35 @@ func (b *backend) pathDecryptWrite(ctx context.Context, req *logical.Request, d
 			continue
 		}
 
-		var factory interface{}
+		var factories []any
+		if item.PaddingScheme != "" {
+			factories = append(factories, keysutil.PaddingScheme(item.PaddingScheme))
+		}
 		if item.AssociatedData != "" {
 			if !p.Type.AssociatedDataSupported() {
 				batchResponseItems[i].Error = fmt.Sprintf("'[%d].associated_data' provided for non-AEAD cipher suite %v", i, p.Type.String())
 				continue
 			}
 
-			factory = AssocDataFactory{item.AssociatedData}
+			factories = append(factories, AssocDataFactory{item.AssociatedData})
 		}
 
-		var managedKeyFactory ManagedKeyFactory
 		if p.Type == keysutil.KeyType_MANAGED_KEY {
 			managedKeySystemView, ok := b.System().(logical.ManagedKeySystemView)
 			if !ok {
 				batchResponseItems[i].Error = errors.New("unsupported system view").Error()
 			}
 
-			managedKeyFactory = ManagedKeyFactory{
+			factories = append(factories, ManagedKeyFactory{
 				managedKeyParams: keysutil.ManagedKeyParameters{
 					ManagedKeySystemView: managedKeySystemView,
 					BackendUUID:          b.backendUUID,
 					Context:              ctx,
 				},
-			}
+			})
 		}
 
-		plaintext, err := p.DecryptWithFactory(item.DecodedContext, item.DecodedNonce, item.Ciphertext, factory, managedKeyFactory)
+		plaintext, err := p.DecryptWithFactory(item.DecodedContext, item.DecodedNonce, item.Ciphertext, factories...)
 		if err != nil {
 			switch err.(type) {
 			case errutil.InternalError:

builtin/logical/transit/path_encrypt.go

@@ -34,6 +34,9 @@ type BatchRequestItem struct {
 	// Ciphertext for decryption
 	Ciphertext string `json:"ciphertext" structs:"ciphertext" mapstructure:"ciphertext"`
 
+	// PaddingScheme for encryption/decryption
+	PaddingScheme string `json:"padding_scheme" structs:"padding_scheme" mapstructure:"padding_scheme"`
+
 	// Nonce to be used when v1 convergent encryption is used
 	Nonce string `json:"nonce" structs:"nonce" mapstructure:"nonce"`
 
@@ -105,6 +108,12 @@ func (b *backend) pathEncrypt() *framework.Path {
 				Description: "Base64 encoded plaintext value to be encrypted",
 			},
 
+			"padding_scheme": {
+				Type: framework.TypeString,
+				Description: `The padding scheme to use for decrypt. Currently only applies to RSA key types.
+Options are 'oaep' or 'pkcs1v15'. Defaults to 'oaep'`,
+			},
+
 			"context": {
 				Type:        framework.TypeString,
 				Description: "Base64 encoded context for key derivation. Required if key derivation is enabled",
@@ -259,6 +268,13 @@ func decodeBatchRequestItems(src interface{}, requirePlaintext bool, requireCiph
 		} else if requirePlaintext {
 			errs.Errors = append(errs.Errors, fmt.Sprintf("'[%d].plaintext' missing plaintext to encrypt", i))
 		}
+		if v, has := item["padding_scheme"]; has {
+			if casted, ok := v.(string); ok {
+				(*dst)[i].PaddingScheme = casted
+			} else {
+				errs.Errors = append(errs.Errors, fmt.Sprintf("'[%d].padding_scheme' expected type 'string', got unconvertible type '%T'", i, item["padding_scheme"]))
+			}
+		}
 
 		if v, has := item["nonce"]; has {
 			if !reflect.ValueOf(v).IsValid() {
@@ -358,6 +374,9 @@ func (b *backend) pathEncryptWrite(ctx context.Context, req *logical.Request, d
 			KeyVersion:     d.Get("key_version").(int),
 			AssociatedData: d.Get("associated_data").(string),
 		}
+		if ps, ok := d.GetOk("padding_scheme"); ok {
+			batchInputItems[0].PaddingScheme = ps.(string)
+		}
 	}
 
 	batchResponseItems := make([]EncryptBatchResponseItem, len(batchInputItems))
@@ -435,6 +454,12 @@ func (b *backend) pathEncryptWrite(ctx context.Context, req *logical.Request, d
 			polReq.KeyType = keysutil.KeyType_AES256_GCM96
 		case "chacha20-poly1305":
 			polReq.KeyType = keysutil.KeyType_ChaCha20_Poly1305
+		case "rsa-2048":
+			polReq.KeyType = keysutil.KeyType_RSA2048
+		case "rsa-3072":
+			polReq.KeyType = keysutil.KeyType_RSA3072
+		case "rsa-4096":
+			polReq.KeyType = keysutil.KeyType_RSA4096
 		case "ecdsa-p256", "ecdsa-p384", "ecdsa-p521":
 			return logical.ErrorResponse(fmt.Sprintf("key type %v not supported for this operation", keyType)), logical.ErrInvalidRequest
 		case "managed_key":
@@ -482,33 +507,35 @@ func (b *backend) pathEncryptWrite(ctx context.Context, req *logical.Request, d
 			warnAboutNonceUsage = true
 		}
 
-		var factory interface{}
+		var factories []any
+		if item.PaddingScheme != "" {
+			factories = append(factories, keysutil.PaddingScheme(item.PaddingScheme))
+		}
 		if item.AssociatedData != "" {
 			if !p.Type.AssociatedDataSupported() {
 				batchResponseItems[i].Error = fmt.Sprintf("'[%d].associated_data' provided for non-AEAD cipher suite %v", i, p.Type.String())
 				continue
 			}
 
-			factory = AssocDataFactory{item.AssociatedData}
+			factories = append(factories, AssocDataFactory{item.AssociatedData})
 		}
 
-		var managedKeyFactory ManagedKeyFactory
 		if p.Type == keysutil.KeyType_MANAGED_KEY {
 			managedKeySystemView, ok := b.System().(logical.ManagedKeySystemView)
 			if !ok {
 				batchResponseItems[i].Error = errors.New("unsupported system view").Error()
 			}
 
-			managedKeyFactory = ManagedKeyFactory{
+			factories = append(factories, ManagedKeyFactory{
 				managedKeyParams: keysutil.ManagedKeyParameters{
 					ManagedKeySystemView: managedKeySystemView,
 					BackendUUID:          b.backendUUID,
 					Context:              ctx,
 				},
-			}
+			})
 		}
 
-		ciphertext, err := p.EncryptWithFactory(item.KeyVersion, item.DecodedContext, item.DecodedNonce, item.Plaintext, factory, managedKeyFactory)
+		ciphertext, err := p.EncryptWithFactory(item.KeyVersion, item.DecodedContext, item.DecodedNonce, item.Plaintext, factories...)
 		if err != nil {
 			switch err.(type) {
 			case errutil.InternalError: