# -*- coding: utf-8 -*- # # Copyright 2023 Google LLC. All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. """Encrypt a plaintext file using a raw key.""" from __future__ import absolute_import from __future__ import division from __future__ import unicode_literals import uuid from apitools.base.py import exceptions as apitools_exceptions from googlecloudsdk.api_lib.cloudkms import base as cloudkms_base from googlecloudsdk.calliope import base from googlecloudsdk.calliope import exceptions from googlecloudsdk.command_lib.kms import crc32c from googlecloudsdk.command_lib.kms import e2e_integrity from googlecloudsdk.command_lib.kms import flags from googlecloudsdk.core import log from googlecloudsdk.core.console import console_io from googlecloudsdk.core.util import files CBC_CTR_IV_SIZE = 16 class RawEncrypt(base.Command): r"""Encrypt a plaintext file using a raw key. Encrypts the given plaintext file using the given CryptoKey containing a raw key and writes the result to the named ciphertext file. The plaintext file must not be larger than 64KiB. For the AES-CBC algorithms, no server-side padding is being done, so the plaintext must be a multiple of the block size. The supported algorithms are: `AES-128-GCM`, `AES-256-GCM`, `AES-128-CBC`, `AES-256-CBC`, `AES-128-CTR`, `and AES-256-CTR`. `AES-GCM` provides authentication which means that it accepts additional authenticated data (AAD). So, the flag `--additional-authenticated-data-file` is only valid with `AES-128-GCM` and `AES-256-GCM` algorithms. The initialization vector (flag `--initialization-vector-file`) is only supported for `AES-CBC` and `AES-CTR` algorithms, and must be 16B in length. Therefore, both additional authenticated data and initialization vector can't be provided during encryption. If an additional authenticated data file is provided, its contents must also be provided during decryption. The file must not be larger than 64KiB. The flag `--version` indicates the version of the key to use for encryption. If `--plaintext-file` or `--additional-authenticated-data-file` or `--initialization-vector-file` is set to '-', that file is read from stdin. Similarly, if `--ciphertext-file` is set to '-', the ciphertext is written to stdout. By default, the command performs integrity verification on data sent to and received from Cloud KMS. Use `--skip-integrity-verification` to disable integrity verification. ## EXAMPLES The following command reads and encrypts the file `path/to/input/plaintext`. The file will be encrypted using the `AES-GCM` CryptoKey `KEYNAME` from the KeyRing `KEYRING` in the `global` location using the additional authenticated data file `path/to/input/aad`. The resulting ciphertext will be written to `path/to/output/ciphertext`. $ {command} \ --key=KEYNAME \ --keyring=KEYRING \ --location=global \ --plaintext-file=path/to/input/plaintext \ --additional-authenticated-data-file=path/to/input/aad \ --ciphertext-file=path/to/output/ciphertext The following command reads and encrypts the file `path/to/input/plaintext`. The file will be encrypted using the `AES-CBC` CryptoKey `KEYNAME` from the KeyRing `KEYRING` in the `global` location using the initialization vector stored at `path/to/input/aad`. The resulting ciphertext will be written to `path/to/output/ciphertext`. $ {command} \ --key=KEYNAME \ --keyring=KEYRING \ --location=global \ --plaintext-file=path/to/input/plaintext \ --initialization-vector-file=path/to/input/iv \ --ciphertext-file=path/to/output/ciphertext """ @staticmethod def Args(parser): flags.AddKeyResourceFlags(parser, 'The key to use for encryption.') flags.AddCryptoKeyVersionFlag(parser, 'to use for encryption', True) flags.AddPlaintextFileFlag(parser, 'to encrypt') flags.AddCiphertextFileFlag(parser, 'to output') flags.AddIvFileFlag(parser, 'for encryption') flags.AddAadFileFlag(parser) flags.AddSkipIntegrityVerification(parser) def _ReadFileOrStdin(self, path, max_bytes): data = console_io.ReadFromFileOrStdin(path, binary=True) if len(data) > max_bytes: raise exceptions.BadFileException( 'The file [{0}] is larger than the maximum size of {1} bytes.'.format( path, max_bytes ) ) return data def _PerformIntegrityVerification(self, args): return not args.skip_integrity_verification def _CreateRawEncryptRequest(self, args): if ( args.initialization_vector_file and args.additional_authenticated_data_file ): raise exceptions.InvalidArgumentException( '--initialization-vector-file and' ' --additional-authenticated-data-file', 'both parameters cannot be provided simultaneously.', ) if args.plaintext_file == '-' and ( args.initialization_vector_file == '-' or args.additional_authenticated_data_file == '-' ): raise exceptions.InvalidArgumentException( '--plaintext-file', 'multiple parameters cannot be read from stdin.' ) try: # The RawEncrypt API limits the plaintext to 64KiB. plaintext = self._ReadFileOrStdin(args.plaintext_file, max_bytes=65536) except files.Error as e: raise exceptions.BadFileException( 'Failed to read plaintext file [{0}]: {1}'.format( args.plaintext_file, e ) ) aad = b'' if args.additional_authenticated_data_file: try: # The RawEncrypt API limits the AAD to 64KiB. aad = self._ReadFileOrStdin( args.additional_authenticated_data_file, max_bytes=65536 ) except files.Error as e: raise exceptions.BadFileException( 'Failed to read additional authenticated data file [{0}]: {1}' .format(args.additional_authenticated_data_file, e) ) iv = b'' if args.initialization_vector_file: try: # The RawEncrypt API limits the IV to CBC_CTR_IV_SIZE bytes. iv = self._ReadFileOrStdin( args.initialization_vector_file, max_bytes=CBC_CTR_IV_SIZE ) except files.Error as e: raise exceptions.BadFileException( 'Failed to read initialization vector file [{0}]: {1}'.format( args.initialization_vector_file, e ) ) if len(iv) != CBC_CTR_IV_SIZE: raise exceptions.BadFileException( '--initialization-vector-file', 'the IV size must be {0} bytes.'.format(CBC_CTR_IV_SIZE), ) crypto_key_ref = flags.ParseCryptoKeyVersionName(args) messages = cloudkms_base.GetMessagesModule() req = messages.CloudkmsProjectsLocationsKeyRingsCryptoKeysCryptoKeyVersionsRawEncryptRequest( # pylint: disable=line-too-long name=crypto_key_ref.RelativeName() ) # Populate request integrity fields. if self._PerformIntegrityVerification(args): plaintext_crc32c = crc32c.Crc32c(plaintext) iv_crc32c = crc32c.Crc32c(iv) aad_crc32c = crc32c.Crc32c(aad) req.rawEncryptRequest = messages.RawEncryptRequest( plaintext=plaintext, initializationVector=iv, additionalAuthenticatedData=aad, plaintextCrc32c=plaintext_crc32c, initializationVectorCrc32c=iv_crc32c, additionalAuthenticatedDataCrc32c=aad_crc32c, ) else: req.rawEncryptRequest = messages.RawEncryptRequest( plaintext=plaintext, initializationVector=iv, additionalAuthenticatedData=aad, ) return req def _VerifyResponseIntegrityFields(self, req, resp): """Verifies integrity fields in RawEncryptResponse. Note: This methods assumes that self._PerformIntegrityVerification() is True and that all request CRC32C fields were pupolated. Args: req: messages.CloudkmsProjectsLocationsKeyRingsCryptoKeysCryptoKeyVersionsRawEncryptRequest() object resp: messages.RawEncryptResponse() object. Returns: Void. Raises: e2e_integrity.ServerSideIntegrityVerificationError if the server reports request integrity verification error. e2e_integrity.ClientSideIntegrityVerificationError if response integrity verification fails. """ # Verify resource name. if req.name != resp.name: raise e2e_integrity.ResourceNameVerificationError( e2e_integrity.GetResourceNameMismatchErrorMessage(req.name, resp.name) ) # plaintext_crc32c was verified server-side. if not resp.verifiedPlaintextCrc32c: raise e2e_integrity.ClientSideIntegrityVerificationError( e2e_integrity.GetRequestToServerCorruptedErrorMessage() ) # additional_authenticated_data_crc32c was verified server-side. if not resp.verifiedAdditionalAuthenticatedDataCrc32c: raise e2e_integrity.ClientSideIntegrityVerificationError( e2e_integrity.GetRequestToServerCorruptedErrorMessage() ) # initialization_vector_crc32c was verified server-side. if not resp.verifiedInitializationVectorCrc32c: raise e2e_integrity.ClientSideIntegrityVerificationError( e2e_integrity.GetRequestToServerCorruptedErrorMessage() ) # Verify ciphertext checksum. if not crc32c.Crc32cMatches(resp.ciphertext, resp.ciphertextCrc32c): raise e2e_integrity.ClientSideIntegrityVerificationError( e2e_integrity.GetResponseFromServerCorruptedErrorMessage() ) def Run(self, args): client = cloudkms_base.GetClientInstance() req = self._CreateRawEncryptRequest(args) resp = None try: resp = client.projects_locations_keyRings_cryptoKeys_cryptoKeyVersions.RawEncrypt( req ) # Intercept INVALID_ARGUMENT errors related to checksum verification, to # present a user-friendly message. All other errors are surfaced as-is. except apitools_exceptions.HttpBadRequestError as error: e2e_integrity.ProcessHttpBadRequestError(error) if self._PerformIntegrityVerification(args): self._VerifyResponseIntegrityFields(req, resp) try: log.WriteToFileOrStdout( args.ciphertext_file, resp.ciphertext, binary=True, overwrite=True ) # If an initialization vector file is not provided, # store the one created during the encrypt in a randomly named file. if not args.initialization_vector_file and resp.initializationVector: iv_file_name = './inialization_vector_' + str(uuid.uuid4())[:8] files.WriteBinaryFileContents( iv_file_name, resp.initializationVector, overwrite=True, ) except files.Error as e: raise exceptions.BadFileException(e)