feat(sdk): add nanotdf plaintext policy (#2182)

### Proposed Changes

* Add nanotdf plaintext policy support
* Default to plaintext policy to align with Base TDF

### Checklist

- [ ] I have added or updated unit tests
- [ ] I have added or updated integration tests (if appropriate)
- [ ] I have added or updated documentation

### Testing Instructions

---------

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

Author: jrschumacher

examples/cmd/encrypt.go

@@ -23,6 +23,7 @@ var (
 	dataAttributes []string
 	collection     int
 	alg            string
+	policyMode     string
 )
 
 func init() {
@@ -40,6 +41,7 @@ func init() {
 	encryptCmd.Flags().StringVarP(&outputName, "output", "o", "sensitive.txt.tdf", "name or path of output file; - for stdout")
 	encryptCmd.Flags().StringVarP(&alg, "key-encapsulation-algorithm", "A", "rsa:2048", "Key wrap algorithm algorithm:parameters")
 	encryptCmd.Flags().IntVarP(&collection, "collection", "c", 0, "number of nano's to create for collection. If collection >0 (default) then output will be <iteration>_<output>")
+	encryptCmd.Flags().StringVar(&policyMode, "policy-mode", "", "Store policy as encrypted instead of plaintext (nanoTDF only) [plaintext|encrypted]")
 
 	ExamplesCmd.AddCommand(&encryptCmd)
 }
@@ -146,6 +148,21 @@ func encrypt(cmd *cobra.Command, args []string) error {
 		if err != nil {
 			return err
 		}
+
+		// Handle policy mode if nanoTDF
+		switch policyMode {
+		case "": // default to encrypted
+		case "encrypted":
+			err = nanoTDFConfig.SetPolicyMode(sdk.NanoTDFPolicyModeEncrypted)
+		case "plaintext":
+			err = nanoTDFConfig.SetPolicyMode(sdk.NanoTDFPolicyModePlainText)
+		default:
+			err = fmt.Errorf("unsupported policy mode: %s", policyMode)
+		}
+		if err != nil {
+			return err
+		}
+
 		for i, writer := range writer {
 			input := plainText
 			if collection > 0 {

sdk/granter_test.go

@@ -299,7 +299,7 @@ func TestAttributeFromMalformedURL(t *testing.T) {
 		t.Run(tc.n, func(t *testing.T) {
 			a, err := NewAttributeNameFQN(tc.u)
 			require.ErrorIs(t, err, ErrInvalid)
-			assert.Equal(t, "", a.String())
+			assert.Empty(t, a.String())
 		})
 	}
 }
@@ -342,7 +342,7 @@ func TestAttributeValueFromMalformedURL(t *testing.T) {
 		t.Run(tc.n, func(t *testing.T) {
 			a, err := NewAttributeValueFQN(tc.u)
 			require.ErrorIs(t, err, ErrInvalid)
-			assert.Equal(t, "", a.String())
+			assert.Empty(t, a.String())
 		})
 	}
 }

sdk/nanotdf.go

@@ -61,7 +61,8 @@ type NanoTDFHeader struct {
 	bindCfg             bindingConfig
 	sigCfg              signatureConfig
 	EphemeralKey        []byte
-	EncryptedPolicyBody []byte
+	PolicyMode          PolicyType
+	PolicyBody          []byte
 	gmacPolicyBinding   []byte
 	ecdsaPolicyBindingR []byte
 	ecdsaPolicyBindingS []byte
@@ -90,7 +91,7 @@ func (header *NanoTDFHeader) VerifyPolicyBinding() (bool, error) {
 		return false, err
 	}
 
-	digest := ocrypto.CalculateSHA256(header.EncryptedPolicyBody)
+	digest := ocrypto.CalculateSHA256(header.PolicyBody)
 	if header.IsEcdsaBindingEnabled() {
 		ephemeralECDSAPublicKey, err := ocrypto.UncompressECPubKey(curve, header.EphemeralKey)
 		if err != nil {
@@ -499,14 +500,15 @@ func writeNanoTDFHeader(writer io.Writer, config NanoTDFConfig) ([]byte, uint32,
 	}
 	totalBytes += uint32(l)
 
-	// Write policy - (Policy Mode, Policy length, Policy cipherText, Policy binding)
-	config.policy.body.mode = policyTypeEmbeddedPolicyEncrypted
+	// Write policy mode
+	config.policy.body.mode = config.policyMode
 	l, err = writer.Write([]byte{byte(config.policy.body.mode)})
 	if err != nil {
 		return nil, 0, 0, err
 	}
 	totalBytes += uint32(l)
 
+	// Create policy object
 	policyObj, err := createPolicyObject(config.attributes)
 	if err != nil {
 		return nil, 0, 0, fmt.Errorf("fail to create policy object:%w", err)
@@ -517,59 +519,34 @@ func writeNanoTDFHeader(writer io.Writer, config NanoTDFConfig) ([]byte, uint32,
 		return nil, 0, 0, fmt.Errorf("json.Marshal failed:%w", err)
 	}
 
-	ecdhKey, err := ocrypto.ConvertToECDHPrivateKey(config.keyPair.PrivateKey)
+	// Create the symmetric key
+	symmetricKey, err := createNanoTDFSymmetricKey(config)
 	if err != nil {
-		return nil, 0, 0, fmt.Errorf("ocrypto.ConvertToECDHPrivateKey failed:%w", err)
-	}
-
-	symKey, err := ocrypto.ComputeECDHKeyFromECDHKeys(config.kasPublicKey, ecdhKey)
-	if err != nil {
-		return nil, 0, 0, fmt.Errorf("ocrypto.ComputeECDHKeyFromEC failed:%w", err)
-	}
-
-	salt := versionSalt()
-
-	symmetricKey, err := ocrypto.CalculateHKDF(salt, symKey)
-	if err != nil {
-		return nil, 0, 0, fmt.Errorf("ocrypto.CalculateHKDF failed:%w", err)
-	}
-
-	aesGcm, err := ocrypto.NewAESGcm(symmetricKey)
-	if err != nil {
-		return nil, 0, 0, fmt.Errorf("ocrypto.NewAESGcm failed:%w", err)
+		return nil, 0, 0, err
 	}
 
-	tagSize, err := SizeOfAuthTagForCipher(config.sigCfg.cipher)
-	if err != nil {
-		return nil, 0, 0, fmt.Errorf("SizeOfAuthTagForCipher failed:%w", err)
+	// Set the symmetric key in the collection config
+	if config.collectionCfg.useCollection {
+		config.collectionCfg.symKey = symmetricKey
 	}
 
-	const (
-		kIvLength = 12
-	)
-	iv := make([]byte, kIvLength)
-	cipherText, err := aesGcm.EncryptWithIVAndTagSize(iv, policyObjectAsStr, tagSize)
+	embeddedP, err := createNanoTDFEmbeddedPolicy(symmetricKey, policyObjectAsStr, config)
 	if err != nil {
-		return nil, 0, 0, fmt.Errorf("AesGcm.EncryptWithIVAndTagSize failed:%w", err)
+		return nil, 0, 0, fmt.Errorf("failed to create embedded policy:%w", err)
 	}
 
-	embeddedP := embeddedPolicy{
-		lengthBody: uint16(len(cipherText) - len(iv)),
-		body:       cipherText[len(iv):],
-	}
 	err = embeddedP.writeEmbeddedPolicy(writer)
 	if err != nil {
 		return nil, 0, 0, fmt.Errorf("writeEmbeddedPolicy failed:%w", err)
 	}
 
 	// size of uint16
-	const (
-		kSizeOfUint16 = 2
-	)
+	const kSizeOfUint16 = 2
 	totalBytes += kSizeOfUint16 + uint32(len(embeddedP.body))
 
 	digest := ocrypto.CalculateSHA256(embeddedP.body)
-	if config.bindCfg.useEcdsaBinding { //nolint:nestif // todo: subfunction
+
+	if config.bindCfg.useEcdsaBinding { //nolint:nestif // TODO: refactor
 		rBytes, sBytes, err := ocrypto.ComputeECDSASig(digest, config.keyPair.PrivateKey)
 		if err != nil {
 			return nil, 0, 0, fmt.Errorf("ComputeECDSASig failed:%w", err)
@@ -617,19 +594,15 @@ func writeNanoTDFHeader(writer io.Writer, config NanoTDFConfig) ([]byte, uint32,
 	}
 	totalBytes += uint32(l)
 
-	if config.collectionCfg.useCollection {
-		config.collectionCfg.symKey = symmetricKey
-	}
-
 	return symmetricKey, totalBytes, 0, nil
 }
 
 func NewNanoTDFHeaderFromReader(reader io.Reader) (NanoTDFHeader, uint32, error) {
 	header := NanoTDFHeader{}
 	var size uint32
 
+	// Read and validate magic number
 	magicNumber := make([]byte, len(kNanoTDFMagicStringAndVersion))
-
 	l, err := reader.Read(magicNumber)
 	if err != nil {
 		return header, 0, fmt.Errorf(" io.Reader.Read failed :%w", err)
@@ -643,7 +616,7 @@ func NewNanoTDFHeaderFromReader(reader io.Reader) (NanoTDFHeader, uint32, error)
 		return header, 0, errors.New("not a valid nano tdf")
 	}
 
-	// read resource locator
+	// Read resource locator
 	resource, err := NewResourceLocatorFromReader(reader)
 	if err != nil {
 		return header, 0, fmt.Errorf("call to NewResourceLocatorFromReader failed :%w", err)
@@ -653,7 +626,7 @@ func NewNanoTDFHeaderFromReader(reader io.Reader) (NanoTDFHeader, uint32, error)
 
 	slog.Debug("NewNanoTDFHeaderFromReader", slog.Uint64("resource locator", uint64(resource.getLength())))
 
-	// read ECC and Binding Mode
+	// Read ECC and Binding Mode
 	oneBytes := make([]byte, 1)
 	l, err = reader.Read(oneBytes)
 	if err != nil {
@@ -662,12 +635,12 @@ func NewNanoTDFHeaderFromReader(reader io.Reader) (NanoTDFHeader, uint32, error)
 	size += uint32(l)
 	header.bindCfg = deserializeBindingCfg(oneBytes[0])
 
-	// check  ephemeral ECC Params Enum
+	// Check ephemeral ECC Params Enum
 	if header.bindCfg.eccMode != ocrypto.ECCModeSecp256r1 {
 		return header, 0, errors.New("current implementation of nano tdf only support secp256r1 curve")
 	}
 
-	// read  Payload and Sig Mode
+	// Read Payload and Sig Mode
 	l, err = reader.Read(oneBytes)
 	if err != nil {
 		return header, 0, fmt.Errorf(" io.Reader.Read failed :%w", err)
@@ -682,14 +655,13 @@ func NewNanoTDFHeaderFromReader(reader io.Reader) (NanoTDFHeader, uint32, error)
 	}
 	size += uint32(l)
 
-	if oneBytes[0] != uint8(policyTypeEmbeddedPolicyEncrypted) {
-		return header, 0, errors.New(" current implementation only support embedded policy type")
+	policyMode := PolicyType(oneBytes[0])
+	if err := validNanoTDFPolicyMode(policyMode); err != nil {
+		return header, 0, errors.Join(fmt.Errorf("unsupported policy mode: %v", policyMode), err)
 	}
 
-	// read policy length
-	const (
-		kSizeOfUint16 = 2
-	)
+	// Read policy length
+	const kSizeOfUint16 = 2
 	twoBytes := make([]byte, kSizeOfUint16)
 	l, err = reader.Read(twoBytes)
 	if err != nil {
@@ -699,17 +671,18 @@ func NewNanoTDFHeaderFromReader(reader io.Reader) (NanoTDFHeader, uint32, error)
 	policyLength := binary.BigEndian.Uint16(twoBytes)
 	slog.Debug("NewNanoTDFHeaderFromReader", slog.Uint64("policyLength", uint64(policyLength)))
 
-	// read policy body
-	header.EncryptedPolicyBody = make([]byte, policyLength)
-	l, err = reader.Read(header.EncryptedPolicyBody)
+	// Read policy body
+	header.PolicyMode = policyMode
+	header.PolicyBody = make([]byte, policyLength)
+	l, err = reader.Read(header.PolicyBody)
 	if err != nil {
 		return header, 0, fmt.Errorf(" io.Reader.Read failed :%w", err)
 	}
 	size += uint32(l)
 
-	// read policy binding
-	if header.bindCfg.useEcdsaBinding { //nolint:nestif // todo: subfunction
-		// read rBytes len and its contents
+	// Read policy binding
+	if header.bindCfg.useEcdsaBinding { //nolint:nestif // TODO: refactor
+		// Read rBytes len and its contents
 		l, err = reader.Read(oneBytes)
 		if err != nil {
 			return header, 0, fmt.Errorf(" io.Reader.Read failed :%w", err)
@@ -723,7 +696,7 @@ func NewNanoTDFHeaderFromReader(reader io.Reader) (NanoTDFHeader, uint32, error)
 		}
 		size += uint32(l)
 
-		// read sBytes len and its contents
+		// Read sBytes len and its contents
 		l, err = reader.Read(oneBytes)
 		if err != nil {
 			return header, 0, fmt.Errorf(" io.Reader.Read failed :%w", err)
@@ -750,7 +723,7 @@ func NewNanoTDFHeaderFromReader(reader io.Reader) (NanoTDFHeader, uint32, error)
 		return header, 0, fmt.Errorf("getECCKeyLength :%w", err)
 	}
 
-	// read ephemeral Key
+	// Read ephemeral Key
 	ephemeralKey := make([]byte, ephemeralKeySize)
 	l, err = reader.Read(ephemeralKey)
 	if err != nil {
@@ -995,8 +968,8 @@ func (n *NanoTDFDecryptHandler) Decrypt(_ context.Context, result []kaoResult) (
 	payloadLength := binary.BigEndian.Uint32(payloadLengthBuf)
 	slog.Debug("ReadNanoTDF", slog.Uint64("payloadLength", uint64(payloadLength)))
 
-	cipherDate := make([]byte, payloadLength)
-	_, err = n.reader.Read(cipherDate)
+	cipherData := make([]byte, payloadLength)
+	_, err = n.reader.Read(cipherData)
 	if err != nil {
 		return 0, fmt.Errorf("readSeeker.Seek failed: %w", err)
 	}
@@ -1009,15 +982,15 @@ func (n *NanoTDFDecryptHandler) Decrypt(_ context.Context, result []kaoResult) (
 	ivPadded := make([]byte, 0, ocrypto.GcmStandardNonceSize)
 	noncePadding := make([]byte, kIvPadding)
 	ivPadded = append(ivPadded, noncePadding...)
-	iv := cipherDate[:kNanoTDFIvSize]
+	iv := cipherData[:kNanoTDFIvSize]
 	ivPadded = append(ivPadded, iv...)
 
 	tagSize, err := SizeOfAuthTagForCipher(n.header.sigCfg.cipher)
 	if err != nil {
 		return 0, fmt.Errorf("SizeOfAuthTagForCipher failed:%w", err)
 	}
 
-	decryptedData, err := aesGcm.DecryptWithIVAndTagSize(ivPadded, cipherDate[kNanoTDFIvSize:], tagSize)
+	decryptedData, err := aesGcm.DecryptWithIVAndTagSize(ivPadded, cipherData[kNanoTDFIvSize:], tagSize)
 	if err != nil {
 		return 0, err
 	}
@@ -1108,3 +1081,28 @@ func versionSalt() []byte {
 	digest.Write([]byte(kNanoTDFMagicStringAndVersion))
 	return digest.Sum(nil)
 }
+
+// createNanoTDFSymmetricKey creates the symmetric key for nanoTDF header
+func createNanoTDFSymmetricKey(config NanoTDFConfig) ([]byte, error) {
+	if config.kasPublicKey == nil {
+		return nil, fmt.Errorf("KAS public key is required for encrypted policy mode")
+	}
+
+	ecdhKey, err := ocrypto.ConvertToECDHPrivateKey(config.keyPair.PrivateKey)
+	if err != nil {
+		return nil, fmt.Errorf("ocrypto.ConvertToECDHPrivateKey failed:%w", err)
+	}
+
+	symKey, err := ocrypto.ComputeECDHKeyFromECDHKeys(config.kasPublicKey, ecdhKey)
+	if err != nil {
+		return nil, fmt.Errorf("ocrypto.ComputeECDHKeyFromEC failed:%w", err)
+	}
+
+	salt := versionSalt()
+	symmetricKey, err := ocrypto.CalculateHKDF(salt, symKey)
+	if err != nil {
+		return nil, fmt.Errorf("ocrypto.CalculateHKDF failed:%w", err)
+	}
+
+	return symmetricKey, nil
+}

sdk/nanotdf_config.go

@@ -26,6 +26,7 @@ type NanoTDFConfig struct {
 	policy        policyInfo
 	bindCfg       bindingConfig
 	collectionCfg *collectionConfig
+	policyMode    PolicyType // Added field for policy mode
 }
 
 type NanoTDFOption func(*NanoTDFConfig) error
@@ -55,6 +56,7 @@ func (s SDK) NewNanoTDFConfig() (*NanoTDFConfig, error) {
 			useCollection: false,
 			header:        []byte{},
 		},
+		policyMode: NanoTDFPolicyModeDefault,
 	}
 
 	return c, nil
@@ -89,6 +91,15 @@ func (config *NanoTDFConfig) EnableCollection() {
 	config.collectionCfg.useCollection = true
 }
 
+// SetPolicyMode sets whether the policy should be encrypted or plaintext
+func (config *NanoTDFConfig) SetPolicyMode(mode PolicyType) error {
+	if err := validNanoTDFPolicyMode(mode); err != nil {
+		return err
+	}
+	config.policyMode = mode
+	return nil
+}
+
 // WithNanoDataAttributes appends the given data attributes to the bound policy
 func WithNanoDataAttributes(attributes ...string) NanoTDFOption {
 	return func(c *NanoTDFConfig) error {