feat: AWS KMS multi-Region Key support (#254)

Added new the master key AwsKmsMrkAwareMasterKey
and the new master key provider AwsKmsMrkAwareMasterKeyProvider
that support AWS KMS multi-Region Keys.

See https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html
for more details about AWS KMS multi-Region Keys.
See https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/configure.html#config-mrks
for more details about how the AWS Encryption SDK interoperates
with AWS KMS multi-Region keys.

Co-authored-by: seebees <[email protected]>

Author: robin-aws

.gitignore

@@ -5,4 +5,7 @@ target/
 .classpath
 /bin/
 .idea/
-*.iml
+*.iml
+/.history
+/.DS_Store
+/specification_compliance_report.html

.gitmodules

@@ -1,3 +1,6 @@
 [submodule "src/test/resources/aws-encryption-sdk-test-vectors"]
 	path = src/test/resources/aws-encryption-sdk-test-vectors
 	url = https://github.com/awslabs/private-aws-encryption-sdk-test-vectors-staging.git
+[submodule "aws-encryption-sdk-specification"]
+	path = aws-encryption-sdk-specification
+	url = https://github.com/awslabs/private-aws-encryption-sdk-specification-staging.git

CHANGELOG.md

@@ -1,5 +1,20 @@
 # Changelog
 
+## 2.3.0 -- 2021-06-16
+
+* feat: AWS KMS multi-Region Key support
+        
+  Added new the master key AwsKmsMrkAwareMasterKey
+  and the new master key provider AwsKmsMrkAwareMasterKeyProvider
+  that support AWS KMS multi-Region Keys.
+
+  See https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html
+  for more details about AWS KMS multi-Region Keys.
+  
+  See https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/configure.html#config-mrks
+  for more details about how the AWS Encryption SDK interoperates
+  with AWS KMS multi-Region keys.
+
 ## 2.2.0 -- 2021-05-27
 
 * feat: Improvements to the message decryption process. 

NOTICE.txt

@@ -8,4 +8,4 @@ This software includes third party software subject to the following copyrights:
 -Cryptographic functions from Bouncy Castle Crypto APIs for Java - Copyright
 2000-2013 The Legion of the Bouncy Castle
 
-The licenses for these third party components are included in LICENSE.txt 
+The licenses for these third party components are included in LICENSE.txt 

README-JML.md

@@ -646,4 +646,4 @@ OpenJML distinguishes between an assertion or specification being found to be in
 
 ## Where to Find Java Standard Library Specifications
 
-In the installation of OpenJML, the repo OpenJML/Specs (https://github.com/OpenJML/Specs) is downloaded. This contains specifications for a subset of Java's standard library, following the package structure of the JDK. Any missing specifications could be added into files in the projects contained. Note that the specifications provided for standard library classes and methods are assumed, rather than verified against particular implementations, so any added specifications should be carefully examined so as not to introduce potential unsoundness. If appropriate, additional standard library specifications could be merged into the official release of OpenJML by making a pull request to the development branch of OpenJML/Specs.
+In the installation of OpenJML, the repo OpenJML/Specs (https://github.com/OpenJML/Specs) is downloaded. This contains specifications for a subset of Java's standard library, following the package structure of the JDK. Any missing specifications could be added into files in the projects contained. Note that the specifications provided for standard library classes and methods are assumed, rather than verified against particular implementations, so any added specifications should be carefully examined so as not to introduce potential unsoundness. If appropriate, additional standard library specifications could be merged into the official release of OpenJML by making a pull request to the development branch of OpenJML/Specs.

README.md

@@ -56,7 +56,7 @@ You can get the latest release from Maven:
 <dependency>
   <groupId>com.amazonaws</groupId>
   <artifactId>aws-encryption-sdk-java</artifactId>
-  <version>2.2.0</version>
+  <version>2.3.0</version>
 </dependency>
 ```
 

aws-encryption-sdk-specification

@@ -0,0 +1,9 @@
+version: 0.2
+
+phases:
+  install:
+    runtime-versions:
+      nodejs: 12
+  build:
+    commands:
+      - ./util/test-conditions.sh

codebuild/compliance.yml

@@ -6,4 +6,4 @@ phases:
             java: corretto11
     build:
         commands:
-            - mvn install -Dgpg.skip=true "-DtestVectorZip=file://$CODEBUILD_SRC_DIR/src/test/resources/aws-encryption-sdk-test-vectors/vectors/awses-decrypt/python-2.2.0.zip"
+            - mvn install -Dgpg.skip=true "-DtestVectorZip=file://$CODEBUILD_SRC_DIR/src/test/resources/aws-encryption-sdk-test-vectors/vectors/awses-decrypt/python-2.3.0-mrks.zip"

codebuild/corretto11.yml

@@ -6,4 +6,4 @@ phases:
             java: corretto8
     build:
         commands:
-          - mvn install -Dgpg.skip=true "-DtestVectorZip=file://$CODEBUILD_SRC_DIR/src/test/resources/aws-encryption-sdk-test-vectors/vectors/awses-decrypt/python-2.2.0.zip"
+          - mvn install -Dgpg.skip=true "-DtestVectorZip=file://$CODEBUILD_SRC_DIR/src/test/resources/aws-encryption-sdk-test-vectors/vectors/awses-decrypt/python-2.3.0-mrks.zip"