govuk-one-login
diff --git a/‎.secrets.baseline‎
Lines changed: 3 additions & 0 deletions b/‎.secrets.baseline‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎RELEASE_NOTES.md‎
Lines changed: 5 additions & 0 deletions b/‎RELEASE_NOTES.md‎
Lines changed: 5 additions & 0 deletions
diff --git a/‎build.gradle‎
Lines changed: 2 additions & 1 deletion b/‎build.gradle‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎src/main/java/uk/gov/di/ipv/cri/common/library/service/JWTDecrypter.java‎
Lines changed: 21 additions & 0 deletions b/‎src/main/java/uk/gov/di/ipv/cri/common/library/service/JWTDecrypter.java‎
Lines changed: 21 additions & 0 deletions
diff --git a/‎src/main/java/uk/gov/di/ipv/cri/common/library/service/KMSRSADecrypter.java‎
Lines changed: 168 additions & 0 deletions b/‎src/main/java/uk/gov/di/ipv/cri/common/library/service/KMSRSADecrypter.java‎
Lines changed: 168 additions & 0 deletions
diff --git a/‎src/main/java/uk/gov/di/ipv/cri/common/library/util/EventProbe.java‎
Lines changed: 13 additions & 5 deletions b/‎src/main/java/uk/gov/di/ipv/cri/common/library/util/EventProbe.java‎
Lines changed: 13 additions & 5 deletions
diff --git a/‎src/test/java/uk/gov/di/ipv/cri/common/library/service/JWTDecrypterTest.java‎
Lines changed: 68 additions & 0 deletions b/‎src/test/java/uk/gov/di/ipv/cri/common/library/service/JWTDecrypterTest.java‎
Lines changed: 68 additions & 0 deletions
@@ -113,6 +113,9 @@
     {
       "path": "detect_secrets.filters.regex.should_exclude_secret",
       "pattern": [
+        "jfDZSCq6Z7Hu22uWaNEtDfFfv-RZot58oxhTAwNoGT3aMvWUiZBIzqm0b9f2xkxMBEky3oix9xC5_KRL2Xv-OO9DdTw7sfLMUs7BidEXWRIAq7PgiD1rdkQ5ElZHM1TPYoREXhJyqtXMgup8lD_B85m-xBOgaZQvuG_cxc0lNerLBgu1f23jcy0S8G3P8L-Cl056Kv6QV-WGFOQW0Vurwd_f432Ho1W1STYrSat22YNkX2_A0SJZGVcxF_wKKfNAUw4n7sVdYZOfl62x7Cz2Rt2HX36U6vLhI8ZLNGROCsNKI-LYJA2ET1_li150DMgMNlfYfwHrO3jFi_j1XcK_oA",
+        "cT7gnhBT0VT7jY5gEAsafuZi-o6BP8DI-aaH97mJ4e6q0E1pAgWkWAHc-qvmRWYHLUfbMlTOpH5AlQNhQ-ZWsfm40eM0sIV3OZCk4KcAbSoz4v-9aqleBTVhr_YhZqk_lZ9I9566SzLnOuPkWQr6J5F6F19Ol7Ob0j7-a2zHgXlxQizp1hjXiWAhJ0aFFRfP4hxcohn7h5EKeMw8ZT8jv1kqc0PwRoZOt83SgBcdlLcIz9LDPIUWuXXtw9Xi5FrfAc2SXFv4sv7BEo70-ICT9sC1jTpkMsqJlofqu5R3L2Kf51HFOJe2C1SRy_MQGID9FnQGgrDburfSpcmH_DPxdLS8SJ9X7LyyrPWzrdTwgUDdUCWmsoYbvgZQC1KhRiu7GjKLDU2uQgo0NSiaNIcyS6qllDXPqJUTkz0snmMUjcIN7ZTzA29ngxJh5OhI444qChQrB-2hU769giX00UEyqb--MpTWybGReoC0nF-BzaZrrQkWMB2vFWiDg5dUUD6778b4YvmryINCP5H4NteK8JHnIsqMMbY6wxtZFqVhsvVAR6thM9JBKJrN5nSMkKlwSAEpf2vbUyec2x_AZQ6d66lrneZe3VHWmHAo42d6if2P-yaL2vLrr9g73vr7CfU9WiTYTYtFOJ0aWodFwnSeZq-Bek1RXTNsEl4G8K3ved97W1YlEW4359V6OWpSCfFouDJv-yLxaedRvzXjcBH0Ssx6D8Njs4cOduQ-PE22mUcpHd5URsUsU19F59jgXpk",
+        ".*okVaj3BYY8FfaPef4nzV9dr\\+ziueibf2hofYDQ=",
         "eyJraWQiOiJpcHYtY29yZS1zdHViIiwiYWxnIjoiUlMyNTYifQ\\.eyJzdWIiOiJpcHYtY29yZS1zdHViIiwiYXVkIjoiaHR0cHM6XC9cL2Rldi5hZGRyZXNzLmNyaS5hY2NvdW50Lmdvdi51ayIsIm5iZiI6MTY1MDU0MTg0MCwic2hhcmVkX2NsY.*",
         "eyJraWQiOiJpcHYtY29yZS1zdHViIiwiYWxnIjoiUlMyNTYifQ\\.eyJzdWIiOiJpcHYtY29yZS1zdHViIiwiYXVkIjoiaHR0cHM6XC9cL2Rldi5hZGRyZXNzLmNyaS5hY2NvdW50Lmdvdi51ayIsIm5iZiI6MTY1MDU0MDkyNSwic2hhcmVkX2NsY.*",
         "MIIDJDCCAgwCCQD3oEU83RePojANBgkqhkiG9w0BAQsFADBUMQswCQYDVQQGEwJHQjEXMBUGA1UECgwOQ2FiaW5ldCBPZmZpY2UxDDAKBgNVBAsMA0dEUzEeMBwGA1UEAwwVSVBWIENvcmUgU3R1YiBTaWduaW5nMB4XDTIyMDIwNDE3NDg1NFoXDT.*",
 
@@ -1,5 +1,10 @@
 # Credential Issuer common libraries Release Notes
 
+# 6.2.0
+    - Added steps to decrypt and verify session request in WellKnownJwksSteps
+      that have been encrypted by the stub for the CRI to decrypt using the corresponding kms key alias
+      if `./well-known` is used the ENV_VAR_FEATURE_FLAG_KEY_ROTATION needs to be set to true
+      when the flag is not enabled then encryption is done using the former approach through a shared public base64 key
 # 6.1.0
     - Retrieves JWKS endpoint for JWT verification from SSM params instead of an ENV variable
     - Caches JWKS per endpoint instead of a single cache to allow for different clients
 
@@ -11,7 +11,7 @@ plugins {
 }
 
 // please update RELEASE_NOTES.md when you update this version
-def buildVersion = "6.1.0"
+def buildVersion = "6.2.0"
 
 defaultTasks 'clean', 'spotlessApply', 'build'
 
@@ -154,6 +154,7 @@ dependencies {
 
 	testRuntimeOnly configurations.test_runtime
 
+	testFixturesApi configurations.kms
 	testFixturesApi configurations.aws
 	testFixturesApi configurations.sqs
 	testFixturesApi configurations.aws_crt_client
 
@@ -0,0 +1,21 @@
+package uk.gov.di.ipv.cri.common.library.service;
+
+import com.nimbusds.jose.JOSEException;
+import com.nimbusds.jose.JWEObject;
+import com.nimbusds.jwt.SignedJWT;
+
+import java.text.ParseException;
+
+public class JWTDecrypter {
+    private final KMSRSADecrypter decrypter;
+
+    public JWTDecrypter(KMSRSADecrypter decrypter) {
+        this.decrypter = decrypter;
+    }
+
+    public SignedJWT decrypt(String serialisedJweObj) throws ParseException, JOSEException {
+        JWEObject requestJweObj = JWEObject.parse(serialisedJweObj);
+        requestJweObj.decrypt(this.decrypter);
+        return requestJweObj.getPayload().toSignedJWT();
+    }
+}
@@ -0,0 +1,168 @@
+package uk.gov.di.ipv.cri.common.library.service;
+
+import com.nimbusds.jose.EncryptionMethod;
+import com.nimbusds.jose.JOSEException;
+import com.nimbusds.jose.JWEAlgorithm;
+import com.nimbusds.jose.JWEDecrypter;
+import com.nimbusds.jose.JWEHeader;
+import com.nimbusds.jose.crypto.impl.AlgorithmSupportMessage;
+import com.nimbusds.jose.crypto.impl.ContentCryptoProvider;
+import com.nimbusds.jose.jca.JWEJCAContext;
+import com.nimbusds.jose.util.Base64URL;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+import software.amazon.awssdk.core.SdkBytes;
+import software.amazon.awssdk.services.kms.KmsClient;
+import software.amazon.awssdk.services.kms.model.DecryptRequest;
+import software.amazon.awssdk.services.kms.model.DecryptResponse;
+import software.amazon.awssdk.services.kms.model.EncryptionAlgorithmSpec;
+import uk.gov.di.ipv.cri.common.library.util.EventProbe;
+
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
+
+import java.util.Objects;
+import java.util.Set;
+
+import static software.amazon.awssdk.services.kms.model.EncryptionAlgorithmSpec.RSAES_OAEP_SHA_256;
+
+public class KMSRSADecrypter implements JWEDecrypter {
+    private static final Set<JWEAlgorithm> SUPPORTED_ALGORITHMS = Set.of(JWEAlgorithm.RSA_OAEP_256);
+    private static final Set<EncryptionMethod> SUPPORTED_ENCRYPTION_METHODS =
+            Set.of(EncryptionMethod.A256GCM);
+    private static final Logger LOGGER = LogManager.getLogger();
+    private static final String SESSION_DECRYPTION_KEY_PRIMARY_ALIAS =
+            "session_decryption_key_active_alias";
+    private static final String SESSION_DECRYPTION_KEY_SECONDARY_ALIAS =
+            "session_decryption_key_inactive_alias";
+    private static final String SESSION_DECRYPTION_KEY_PREVIOUS_ALIAS =
+            "session_decryption_key_previous_alias";
+    private static final String ALL_ALIASES_UNAVAILABLE = "all_aliases_unavailable_for_decryption";
+    private boolean keyRotationEnabled = false;
+    private final JWEJCAContext jcaContext;
+    private final KmsClient kmsClient;
+    private final EventProbe eventProbe;
+    private final String keyId;
+
+    public KMSRSADecrypter(String keyId, KmsClient kmsClient, EventProbe eventProbe) {
+        this(
+                kmsClient,
+                eventProbe,
+                keyId,
+                Boolean.parseBoolean(System.getenv("ENV_VAR_FEATURE_FLAG_KEY_ROTATION")));
+    }
+
+    public KMSRSADecrypter(
+            KmsClient kmsClient, EventProbe eventProbe, String keyId, Boolean keyRotationEnabled) {
+        this.jcaContext = new JWEJCAContext();
+        this.kmsClient = kmsClient;
+        this.eventProbe = eventProbe;
+        this.keyId = keyId;
+        this.keyRotationEnabled = keyRotationEnabled;
+    }
+
+    @Override
+    public byte[] decrypt(
+            JWEHeader header,
+            Base64URL encryptedKey,
+            Base64URL iv,
+            Base64URL cipherText,
+            Base64URL authTag,
+            byte[] aad)
+            throws JOSEException {
+        // Validate required JWE parts
+        if (Objects.isNull(encryptedKey)) {
+            throw new JOSEException("Missing JWE encrypted key");
+        }
+
+        if (Objects.isNull(iv)) {
+            throw new JOSEException("Missing JWE initialization vector (IV)");
+        }
+
+        if (Objects.isNull(authTag)) {
+            throw new JOSEException("Missing JWE authentication tag");
+        }
+
+        JWEAlgorithm alg = header.getAlgorithm();
+
+        if (!SUPPORTED_ALGORITHMS.contains(alg)) {
+            throw new JOSEException(
+                    AlgorithmSupportMessage.unsupportedJWEAlgorithm(alg, supportedJWEAlgorithms()));
+        }
+        DecryptResponse decryptResponse;
+        if (isKeyRotationEnabled()) {
+            LOGGER.info("Key rotation enabled. Attempting to decrypt with key aliases.");
+            // During a key rotation we might receive JWTs encrypted with either the old or new key.
+            decryptResponse = decryptWithKeyAliases(encryptedKey);
+
+            if (decryptResponse == null) {
+                String message = "Failed to decrypt with all available key aliases.";
+                LOGGER.error(message);
+                throw new JOSEException(message);
+            }
+        } else {
+            DecryptRequest decryptRequest =
+                    DecryptRequest.builder()
+                            .encryptionAlgorithm(EncryptionAlgorithmSpec.RSAES_OAEP_SHA_256)
+                            .ciphertextBlob(SdkBytes.fromByteArray(encryptedKey.decode()))
+                            .keyId(this.keyId)
+                            .build();
+            decryptResponse = this.kmsClient.decrypt(decryptRequest);
+        }
+
+        SecretKey cek = new SecretKeySpec(decryptResponse.plaintext().asByteArray(), "AES");
+        return ContentCryptoProvider.decrypt(
+                header, null, encryptedKey, iv, cipherText, authTag, cek, getJCAContext());
+    }
+
+    private DecryptResponse decryptWithKeyAliases(Base64URL encryptedKey) {
+        String[] keyAliases = {
+            SESSION_DECRYPTION_KEY_PRIMARY_ALIAS,
+            SESSION_DECRYPTION_KEY_SECONDARY_ALIAS,
+            SESSION_DECRYPTION_KEY_PREVIOUS_ALIAS
+        };
+
+        DecryptResponse decryptResponse = null;
+        for (String alias : keyAliases) {
+            try {
+                decryptResponse = kmsClient.decrypt(buildDecryptRequest(alias, encryptedKey));
+                LOGGER.info("Decryption successful with key alias: {}", alias);
+                return decryptResponse;
+            } catch (Exception e) {
+                LOGGER.warn(
+                        "Failed to decrypt with key alias: {}. Error: {}", alias, e.getMessage());
+            }
+        }
+
+        eventProbe.counterMetric(ALL_ALIASES_UNAVAILABLE);
+
+        return decryptResponse;
+    }
+
+    public boolean isKeyRotationEnabled() {
+        return keyRotationEnabled;
+    }
+
+    private DecryptRequest buildDecryptRequest(String keyAlias, Base64URL encryptedKey) {
+        return DecryptRequest.builder()
+                .ciphertextBlob(SdkBytes.fromByteArray(encryptedKey.decode()))
+                .encryptionAlgorithm(RSAES_OAEP_SHA_256)
+                .keyId("alias/" + keyAlias)
+                .build();
+    }
+
+    @Override
+    public Set<JWEAlgorithm> supportedJWEAlgorithms() {
+        return SUPPORTED_ALGORITHMS;
+    }
+
+    @Override
+    public Set<EncryptionMethod> supportedEncryptionMethods() {
+        return SUPPORTED_ENCRYPTION_METHODS;
+    }
+
+    @Override
+    public JWEJCAContext getJCAContext() {
+        return jcaContext;
+    }
+}
@@ -16,7 +16,15 @@
 public class EventProbe {
     private static final String GOVUK_SIGNIN_JOURNEY_ID = "govuk_signin_journey_id";
     private static final Logger LOGGER = LogManager.getLogger();
-    private static final MetricsLogger METRICS_LOGGER = MetricsUtils.metricsLogger();
+    private final MetricsLogger metricsLogger;
+
+    public EventProbe() {
+        this(MetricsUtils.metricsLogger());
+    }
+
+    public EventProbe(MetricsLogger metricsLogger) {
+        this.metricsLogger = metricsLogger;
+    }
 
     public EventProbe log(Level level, Throwable throwable) {
         LOGGER.log(level, throwable.getMessage(), throwable);
@@ -42,17 +50,17 @@ private void logErrorCause(Throwable throwable) {
     }
 
     public EventProbe counterMetric(String key) {
-        METRICS_LOGGER.putMetric(key, 1d);
+        metricsLogger.putMetric(key, 1d);
         return this;
     }
 
     public EventProbe counterMetric(String key, double value) {
-        METRICS_LOGGER.putMetric(key, value);
+        metricsLogger.putMetric(key, value);
         return this;
     }
 
     public EventProbe counterMetric(String key, double value, Unit unit) {
-        METRICS_LOGGER.putMetric(key, value, unit);
+        metricsLogger.putMetric(key, value, unit);
         return this;
     }
 
@@ -77,7 +85,7 @@ public void addDimensions(Map<String, String> dimensions) {
         if (dimensions != null) {
             DimensionSet dimensionSet = new DimensionSet();
             dimensions.forEach(dimensionSet::addDimension);
-            METRICS_LOGGER.putDimensions(dimensionSet);
+            metricsLogger.putDimensions(dimensionSet);
         }
     }
 }
@@ -0,0 +1,68 @@
+package uk.gov.di.ipv.cri.common.library.service;
+
+import com.nimbusds.jose.EncryptionMethod;
+import com.nimbusds.jose.JOSEException;
+import com.nimbusds.jose.JWEAlgorithm;
+import com.nimbusds.jose.JWEHeader;
+import com.nimbusds.jose.util.Base64URL;
+import com.nimbusds.jwt.SignedJWT;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.mockito.ArgumentCaptor;
+import org.mockito.Mock;
+import org.mockito.junit.jupiter.MockitoExtension;
+
+import java.nio.charset.StandardCharsets;
+import java.text.ParseException;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+
+@ExtendWith(MockitoExtension.class)
+class JWTDecrypterTest {
+    @Mock private KMSRSADecrypter mockDecrypter;
+    private JWTDecrypter jwtDecrypter;
+
+    @BeforeEach
+    void setup() {
+        this.jwtDecrypter = new JWTDecrypter(mockDecrypter);
+    }
+
+    @Test
+    void shouldDecrypt() throws ParseException, JOSEException {
+        String encryptedJWT =
+                "eyJjdHkiOiJKV1QiLCJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiUlNBLU9BRVAtMjU2In0.jfDZSCq6Z7Hu22uWaNEtDfFfv-RZot58oxhTAwNoGT3aMvWUiZBIzqm0b9f2xkxMBEky3oix9xC5_KRL2Xv-OO9DdTw7sfLMUs7BidEXWRIAq7PgiD1rdkQ5ElZHM1TPYoREXhJyqtXMgup8lD_B85m-xBOgaZQvuG_cxc0lNerLBgu1f23jcy0S8G3P8L-Cl056Kv6QV-WGFOQW0Vurwd_f432Ho1W1STYrSat22YNkX2_A0SJZGVcxF_wKKfNAUw4n7sVdYZOfl62x7Cz2Rt2HX36U6vLhI8ZLNGROCsNKI-LYJA2ET1_li150DMgMNlfYfwHrO3jFi_j1XcK_oA.esSJbN3jlduupMFy.cT7gnhBT0VT7jY5gEAsafuZi-o6BP8DI-aaH97mJ4e6q0E1pAgWkWAHc-qvmRWYHLUfbMlTOpH5AlQNhQ-ZWsfm40eM0sIV3OZCk4KcAbSoz4v-9aqleBTVhr_YhZqk_lZ9I9566SzLnOuPkWQr6J5F6F19Ol7Ob0j7-a2zHgXlxQizp1hjXiWAhJ0aFFRfP4hxcohn7h5EKeMw8ZT8jv1kqc0PwRoZOt83SgBcdlLcIz9LDPIUWuXXtw9Xi5FrfAc2SXFv4sv7BEo70-ICT9sC1jTpkMsqJlofqu5R3L2Kf51HFOJe2C1SRy_MQGID9FnQGgrDburfSpcmH_DPxdLS8SJ9X7LyyrPWzrdTwgUDdUCWmsoYbvgZQC1KhRiu7GjKLDU2uQgo0NSiaNIcyS6qllDXPqJUTkz0snmMUjcIN7ZTzA29ngxJh5OhI444qChQrB-2hU769giX00UEyqb--MpTWybGReoC0nF-BzaZrrQkWMB2vFWiDg5dUUD6778b4YvmryINCP5H4NteK8JHnIsqMMbY6wxtZFqVhsvVAR6thM9JBKJrN5nSMkKlwSAEpf2vbUyec2x_AZQ6d66lrneZe3VHWmHAo42d6if2P-yaL2vLrr9g73vr7CfU9WiTYTYtFOJ0aWodFwnSeZq-Bek1RXTNsEl4G8K3ved97W1YlEW4359V6OWpSCfFouDJv-yLxaedRvzXjcBH0Ssx6D8Njs4cOduQ-PE22mUcpHd5URsUsU19F59jgXpk.I48OP5ZO-bl9nqunO4VX6w";
+        byte[] decryptedJWT =
+                new SignedJWTBuilder().build().serialize().getBytes(StandardCharsets.UTF_8);
+        when(mockDecrypter.decrypt(
+                        any(JWEHeader.class),
+                        any(Base64URL.class),
+                        any(Base64URL.class),
+                        any(Base64URL.class),
+                        any(Base64URL.class),
+                        any(byte[].class)))
+                .thenReturn(decryptedJWT);
+
+        SignedJWT decryptedSignedJWT = this.jwtDecrypter.decrypt(encryptedJWT);
+
+        ArgumentCaptor<JWEHeader> headerArgumentCaptor = ArgumentCaptor.forClass(JWEHeader.class);
+        verify(mockDecrypter)
+                .decrypt(
+                        headerArgumentCaptor.capture(),
+                        any(Base64URL.class),
+                        any(Base64URL.class),
+                        any(Base64URL.class),
+                        any(Base64URL.class),
+                        any(byte[].class));
+        JWEHeader actualHeader = headerArgumentCaptor.getValue();
+        assertEquals(JWEAlgorithm.RSA_OAEP_256.getName(), actualHeader.getAlgorithm().getName());
+        assertEquals(
+                EncryptionMethod.A256GCM.getName(), actualHeader.getEncryptionMethod().getName());
+        assertEquals("JWT", actualHeader.getContentType());
+        assertNotNull(decryptedSignedJWT);
+    }
+}