@@ -31,13 +31,6 @@ import {
3131} from '@aws-crypto/kms-keyring-node'
3232import { BranchKeyStoreNode } from '@aws-crypto/branch-keystore-node'
3333
34- import { deserializeFactory } from '@aws-crypto/serialize'
35- import { NodeAlgorithmSuite } from '@aws-crypto/material-management-node'
36- import { readFileSync , writeFileSync } from 'fs'
37- const toUtf8 = ( input : Uint8Array ) =>
38- Buffer . from ( input . buffer , input . byteOffset , input . byteLength ) . toString ( 'utf8' )
39- const deserialize = deserializeFactory ( toUtf8 , NodeAlgorithmSuite )
40-
4134const { decrypt } = buildDecrypt ( CommitmentPolicy . FORBID_ENCRYPT_ALLOW_DECRYPT )
4235const { encrypt } = buildEncrypt ( CommitmentPolicy . REQUIRE_ENCRYPT_ALLOW_DECRYPT )
4336
@@ -81,7 +74,9 @@ describe('committing algorithm test', () => {
8174 needs ( status , 'Unexpected Status' )
8275 needs ( plaintextBase64 , 'Nothing to encrypt' )
8376
84- const suiteId = AlgorithmSuiteIdentifier . ALG_AES256_GCM_IV12_TAG16_HKDF_SHA512_COMMIT_KEY
77+ const suiteId = once
78+ ? AlgorithmSuiteIdentifier . ALG_AES256_GCM_IV12_TAG16_HKDF_SHA512_COMMIT_KEY
79+ : AlgorithmSuiteIdentifier . ALG_AES256_GCM_IV12_TAG16_HKDF_SHA512_COMMIT_KEY_ECDSA_P384
8580 once = true
8681
8782 const encryptOutput = await encrypt ( keyring , plaintextBase64 , {
@@ -128,14 +123,16 @@ describe('committing algorithm test', () => {
128123 case 'aws-kms' :
129124 return new KmsKeyringNode ( { discovery : true } )
130125 case 'static' :
131- const dataKey = Buffer . alloc ( 32 , test [ 'decrypted-dek' ] , 'base64' )
132-
133126 return new ( class TestKeyring extends KeyringNode {
134127 async _onEncrypt ( ) : Promise < NodeEncryptionMaterial > {
135128 throw new Error ( 'I should never see this error' )
136129 }
137130 async _onDecrypt ( material : NodeDecryptionMaterial ) {
138- const unencryptedDataKey = dataKey
131+ const unencryptedDataKey = Buffer . alloc (
132+ 32 ,
133+ test [ 'decrypted-dek' ] ,
134+ 'base64'
135+ )
139136 const trace = {
140137 keyNamespace : 'k' ,
141138 keyName : 'k' ,
@@ -150,79 +147,77 @@ describe('committing algorithm test', () => {
150147 // This is *NOT* recommended.
151148 // The proper extension point for the KeyStore is _only_ the Storage interface!
152149 // However, this does let us do some quick test vector testing.
153- // At this time this is overly perscriptive ,
154- // but the expectation is to be able to depracate this
150+ // At this time this is overly prescriptive ,
151+ // but the expectation is to be able to deprecate this
155152 // in favor of the test vectors project (integration-node)
156- const keyStore = {
157- __proto__ : BranchKeyStoreNode . prototype ,
158- kmsConfiguration : {
159- getRegion ( ) {
160- return null
153+ return new KmsHierarchicalKeyRingNode ( {
154+ branchKeyId : 'bd3842ff-3076-4092-9918-4395730050b8' ,
155+ cacheLimitTtl : 1 ,
156+ keyStore : {
157+ __proto__ : BranchKeyStoreNode . prototype ,
158+ kmsConfiguration : {
159+ getRegion ( ) {
160+ return null
161+ } ,
161162 } ,
162- } ,
163-
164- getKeyStoreInfo ( ) {
165- return {
166- logicalKeyStoreName : 'logicalKeyStoreName' ,
167- }
168- } ,
169-
170- async getBranchKeyVersion (
171- branchKeyId : string ,
172- branchKeyVersion : string
173- ) : Promise < NodeBranchKeyMaterial > {
174- needs (
175- branchKeyId == 'bd3842ff-3076-4092-9918-4395730050b8' ,
176- branchKeyId
177- )
178- needs (
179- branchKeyVersion == 'e9ce18a3-edb5-4272-9f86-1cacb7997ff6' ,
180- branchKeyVersion
181- )
182-
183- return new NodeBranchKeyMaterial (
184- Buffer . from (
185- 'tJwf65epYvUt5HMiQsl/6jlvLxS0tgdjIuvFy2BLIwg=' ,
186- 'base64'
187- ) ,
188- branchKeyId ,
189- branchKeyVersion ,
190- { }
191- )
192- } ,
193- async getActiveBranchKey (
194- branchKeyId : string
195- ) : Promise < NodeBranchKeyMaterial > {
196- needs (
197- branchKeyId == 'bd3842ff-3076-4092-9918-4395730050b8' ,
198- branchKeyId
199- )
200-
201- return new NodeBranchKeyMaterial (
202- Buffer . from (
203- 'tJwf65epYvUt5HMiQsl/6jlvLxS0tgdjIuvFy2BLIwg=' ,
204- 'base64'
205- ) ,
206- branchKeyId ,
207- 'e9ce18a3-edb5-4272-9f86-1cacb7997ff6' ,
208- { }
209- )
210- } ,
211163
212- storage : {
213- _config : { } ,
214- getKeyStorageInfo ( ) {
164+ getKeyStoreInfo ( ) {
215165 return {
216- logicalName : 'logicalKeyStoreName' ,
166+ logicalKeyStoreName : 'logicalKeyStoreName' ,
217167 }
218168 } ,
219- } ,
220- } as any
221169
222- return new KmsHierarchicalKeyRingNode ( {
223- branchKeyId : 'bd3842ff-3076-4092-9918-4395730050b8' ,
224- keyStore,
225- cacheLimitTtl : 1 ,
170+ async getBranchKeyVersion (
171+ branchKeyId : string ,
172+ branchKeyVersion : string
173+ ) : Promise < NodeBranchKeyMaterial > {
174+ needs (
175+ branchKeyId == 'bd3842ff-3076-4092-9918-4395730050b8' ,
176+ branchKeyId
177+ )
178+ needs (
179+ branchKeyVersion == 'e9ce18a3-edb5-4272-9f86-1cacb7997ff6' ,
180+ branchKeyVersion
181+ )
182+
183+ return new NodeBranchKeyMaterial (
184+ Buffer . from (
185+ 'tJwf65epYvUt5HMiQsl/6jlvLxS0tgdjIuvFy2BLIwg=' ,
186+ 'base64'
187+ ) ,
188+ branchKeyId ,
189+ branchKeyVersion ,
190+ { }
191+ )
192+ } ,
193+ async getActiveBranchKey (
194+ branchKeyId : string
195+ ) : Promise < NodeBranchKeyMaterial > {
196+ needs (
197+ branchKeyId == 'bd3842ff-3076-4092-9918-4395730050b8' ,
198+ branchKeyId
199+ )
200+
201+ return new NodeBranchKeyMaterial (
202+ Buffer . from (
203+ 'tJwf65epYvUt5HMiQsl/6jlvLxS0tgdjIuvFy2BLIwg=' ,
204+ 'base64'
205+ ) ,
206+ branchKeyId ,
207+ 'e9ce18a3-edb5-4272-9f86-1cacb7997ff6' ,
208+ { }
209+ )
210+ } ,
211+
212+ storage : {
213+ _config : { } ,
214+ getKeyStorageInfo ( ) {
215+ return {
216+ logicalName : 'logicalKeyStoreName' ,
217+ }
218+ } ,
219+ } ,
220+ } as any ,
226221 } )
227222 }
228223
0 commit comments