File tree 2 files changed +64
-0
lines changed
2 files changed +64
-0
lines changed Original file line number Diff line number Diff line change 1+ import aws_encryption_sdk
2+
3+
4+ def encrypt_decrypt (key_arn , source_plaintext , botocore_session = None ):
5+
6+ kwargs = dict (key_ids = [key_arn ])
7+
8+ if botocore_session is not None :
9+ kwargs ["botocore_session" ] = botocore_session
10+
11+ # Create master key provider using the ARN of the key and the session (botocore_session)
12+ kms_key_provider = aws_encryption_sdk .KMSMasterKeyProvider (** kwargs )
13+
14+ # Encrypt the plaintext using the AWS Encryption SDK. It returns the encrypted message and the header
15+ ciphertext , encrypted_message_header = aws_encryption_sdk .encrypt (
16+ source = source_plaintext , key_provider = kms_key_provider
17+ )
18+
19+ # Decrypt the encrypted message using the AWS Encryption SDK. It returns the decrypted message and the header
20+ plaintext , decrypted_message_header = aws_encryption_sdk .decrypt (
21+ source = ciphertext , key_provider = kms_key_provider
22+ )
23+
24+ # Check if the original message and the decrypted message are the same
25+ assert source_plaintext == plaintext
26+
27+ # Check if the headers of the encrypted message and decrypted message match
28+ assert all (
29+ pair in encrypted_message_header .encryption_context .items ()
30+ for pair in decrypted_message_header .encryption_context .items ()
31+ )
Original file line number Diff line number Diff line change 1+ # Copyright 2017-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.
2+ #
3+ # Licensed under the Apache License, Version 2.0 (the "License"). You
4+ # may not use this file except in compliance with the License. A copy of
5+ # the License is located at
6+ #
7+ # http://aws.amazon.com/apache2.0/
8+ #
9+ # or in the "license" file accompanying this file. This file is
10+ # distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
11+ # ANY KIND, either express or implied. See the License for the specific
12+ # language governing permissions and limitations under the License.
13+ """Unit test suite for the Strings examples in the AWS-hosted documentation."""
14+ import os
15+
16+ import botocore .session
17+ import pytest
18+
19+ from ..src .one_kms_cmk import encrypt_decrypt
20+ from .examples_test_utils import get_cmk_arn
21+
22+
23+ pytestmark = [pytest .mark .examples ]
24+
25+
26+ def test_one_kms_cmk ():
27+ plaintext = os .urandom (1024 )
28+ cmk_arn = get_cmk_arn ()
29+ encrypt_decrypt (
30+ key_arn = cmk_arn ,
31+ source_plaintext = plaintext ,
32+ botocore_session = botocore .session .Session (),
33+ )
You can’t perform that action at this time.
0 commit comments