cleanup

Author: lucasmcdonald3

examples/src/aws_kms_discovery_keyring_example.py

@@ -161,6 +161,11 @@ def encrypt_and_decrypt_with_keyring(
         encryption_context=encryption_context,
     )
 
+    # 9. Demonstrate that the decrypted plaintext is identical to the original plaintext.
+    # (This is an example for demonstration; you do not need to do this in your own code.)
+    assert plaintext_bytes == EXAMPLE_DATA, \
+        "Decrypted plaintext should be identical to the original plaintext. Invalid decryption"
+
     # 11. Demonstrate that if a discovery keyring (Bob's) doesn't have the correct AWS Account ID's,
     # the decrypt will fail with an error message
     # Note that this assumes Account ID used here ('888888888888') is different than the one used
@@ -185,6 +190,9 @@ def encrypt_and_decrypt_with_keyring(
         plaintext_bytes, _ = client.decrypt(
             source=ciphertext,
             keyring=discovery_keyring_bob,
+            # Verify that the encryption context in the result contains the
+            # encryption context supplied to the encryptData method
+            encryption_context=encryption_context,
         )
 
         raise AssertionError("Decrypt using discovery keyring with wrong AWS Account ID should"

examples/src/aws_kms_discovery_multi_keyring_example.py

@@ -158,3 +158,8 @@ def encrypt_and_decrypt_with_keyring(
         # encryption context supplied to the encryptData method
         encryption_context=encryption_context,
     )
+
+    # 9. Demonstrate that the decrypted plaintext is identical to the original plaintext.
+    # (This is an example for demonstration; you do not need to do this in your own code.)
+    assert plaintext_bytes == EXAMPLE_DATA, \
+        "Decrypted plaintext should be identical to the original plaintext. Invalid decryption"

examples/src/aws_kms_keyring_example.py

@@ -105,7 +105,7 @@ def encrypt_and_decrypt_with_keyring(
         encryption_context=encryption_context,
     )
 
-    # 9. Demonstrate that the decrypted plaintext is identical to the original plaintext.
+    # 8. Demonstrate that the decrypted plaintext is identical to the original plaintext.
     # (This is an example for demonstration; you do not need to do this in your own code.)
     assert plaintext_bytes == EXAMPLE_DATA, \
         "Decrypted plaintext should be identical to the original plaintext. Invalid decryption"

examples/src/aws_kms_mrk_discovery_keyring_example.py

@@ -171,6 +171,6 @@ def encrypt_and_decrypt_with_keyring(
         encryption_context=encryption_context,
     )
 
-    # 9. Demonstrate that the decrypted plaintext is identical to the original plaintext.
+    # 8. Demonstrate that the decrypted plaintext is identical to the original plaintext.
     # (This is an example for demonstration; you do not need to do this in your own code.)
     assert plaintext_bytes == EXAMPLE_DATA

examples/src/aws_kms_mrk_discovery_multi_keyring_example.py

@@ -180,6 +180,6 @@ def encrypt_and_decrypt_with_keyring(
         encryption_context=encryption_context,
     )
 
-    # 9. Demonstrate that the decrypted plaintext is identical to the original plaintext.
+    # 8. Demonstrate that the decrypted plaintext is identical to the original plaintext.
     # (This is an example for demonstration; you do not need to do this in your own code.)
     assert plaintext_bytes == EXAMPLE_DATA

examples/src/aws_kms_mrk_keyring_example.py

@@ -140,7 +140,7 @@ def encrypt_and_decrypt_with_keyring(
         encryption_context=encryption_context,
     )
 
-    # 9. Demonstrate that the decrypted plaintext is identical to the original plaintext.
+    # 8. Demonstrate that the decrypted plaintext is identical to the original plaintext.
     # (This is an example for demonstration; you do not need to do this in your own code.)
     assert plaintext_bytes == EXAMPLE_DATA, \
         "Decrypted plaintext should be identical to the original plaintext. Invalid decryption"

examples/src/aws_kms_mrk_multi_keyring_example.py

@@ -132,7 +132,7 @@ def encrypt_and_decrypt_with_keyring(
         encryption_context=encryption_context,
     )
 
-    # 8. Demonstrate that the decrypted plaintext is identical to the original plaintext.
+    # 7. Demonstrate that the decrypted plaintext is identical to the original plaintext.
     # (This is an example for demonstration; you do not need to do this in your own code.)
     assert plaintext_bytes == EXAMPLE_DATA, \
         "Decrypted plaintext should be identical to the original plaintext. Invalid decryption"
@@ -141,7 +141,7 @@ def encrypt_and_decrypt_with_keyring(
     # multi-keyring used to encrypt the data is also capable of decrypting the data.
     # (This is an example for demonstration; you do not need to do this in your own code.)
 
-    # 9. Create a single AwsKmsMrkKeyring with the replica KMS MRK from the second region.
+    # 8. Create a single AwsKmsMrkKeyring with the replica KMS MRK from the second region.
 
     # Create a boto3 client for KMS in the second region which is the region for mrk_replica_key_id.
     second_region_kms_client = boto3.client('kms', region_name=mrk_replica_decrypt_region)
@@ -155,7 +155,7 @@ def encrypt_and_decrypt_with_keyring(
         input=second_region_mrk_keyring_input
     )
 
-    # 10. Decrypt your encrypted data using the second region AwsKmsMrkKeyring
+    # 9. Decrypt your encrypted data using the second region AwsKmsMrkKeyring
     plaintext_bytes_second_region, dec_header_second_region = client.decrypt(
         source=ciphertext,
         keyring=second_region_mrk_keyring,
@@ -164,7 +164,7 @@ def encrypt_and_decrypt_with_keyring(
         encryption_context=encryption_context,
     )
 
-    # 12. Demonstrate that the decrypted plaintext is identical to the original plaintext.
+    # 10. Demonstrate that the decrypted plaintext is identical to the original plaintext.
     # (This is an example for demonstration; you do not need to do this in your own code.)
     assert plaintext_bytes_second_region == EXAMPLE_DATA
 

examples/src/aws_kms_rsa_keyring_example.py

@@ -111,7 +111,7 @@ def encrypt_and_decrypt_with_keyring(
         encryption_context=encryption_context,
     )
 
-    # 9. Demonstrate that the decrypted plaintext is identical to the original plaintext.
+    # 8. Demonstrate that the decrypted plaintext is identical to the original plaintext.
     # (This is an example for demonstration; you do not need to do this in your own code.)
     assert plaintext_bytes == EXAMPLE_DATA, \
         "Decrypted plaintext should be identical to the original plaintext. Invalid decryption"

examples/src/default_cryptographic_materials_manager_example.py

@@ -117,7 +117,7 @@ def encrypt_and_decrypt_with_default_cmm(
         encryption_context=encryption_context,
     )
 
-    # 9. Demonstrate that the decrypted plaintext is identical to the original plaintext.
+    # 8. Demonstrate that the decrypted plaintext is identical to the original plaintext.
     # (This is an example for demonstration; you do not need to do this in your own code.)
     assert plaintext_bytes == EXAMPLE_DATA, \
         "Decrypted plaintext should be identical to the original plaintext. Invalid decryption"

examples/src/hierarchical_keyring_example.py

@@ -221,7 +221,7 @@ def encrypt_and_decrypt_with_keyring(
     except AWSEncryptionSDKClientError:
         pass
 
-    # 10. Demonstrate that data encrypted by one tenant's branch key can be decrypted by that tenant,
+    # 11. Demonstrate that data encrypted by one tenant's branch key can be decrypted by that tenant,
     #     and that the decrypted data matches the input data.
     plaintext_bytes_a, _ = client.decrypt(
         source=ciphertext_a,

examples/src/migration/migration_set_commitment_policy_example.py

@@ -113,7 +113,7 @@ def encrypt_and_decrypt_with_keyring(
         encryption_context=encryption_context,
     )
 
-    # 9. Demonstrate that the decrypted plaintext is identical to the original plaintext.
+    # 8. Demonstrate that the decrypted plaintext is identical to the original plaintext.
     # (This is an example for demonstration; you do not need to do this in your own code.)
     assert plaintext_bytes == EXAMPLE_DATA, \
         "Decrypted plaintext should be identical to the original plaintext. Invalid decryption"

examples/src/raw_aes_keyring_example.py

@@ -115,7 +115,7 @@ def encrypt_and_decrypt_with_keyring():
         encryption_context=encryption_context,
     )
 
-    # 10. Demonstrate that the decrypted plaintext is identical to the original plaintext.
+    # 9. Demonstrate that the decrypted plaintext is identical to the original plaintext.
     # (This is an example for demonstration; you do not need to do this in your own code.)
     assert plaintext_bytes == EXAMPLE_DATA, \
         "Decrypted plaintext should be identical to the original plaintext. Invalid decryption"

examples/src/raw_rsa_keyring_example.py

@@ -213,7 +213,7 @@ def encrypt_and_decrypt_with_keyring(public_key_file_name=None, private_key_file
         encryption_context=encryption_context,
     )
 
-    # 8. Demonstrate that the decrypted plaintext is identical to the original plaintext.
+    # 7. Demonstrate that the decrypted plaintext is identical to the original plaintext.
     # (This is an example for demonstration; you do not need to do this in your own code.)
     assert plaintext_bytes == EXAMPLE_DATA, \
         "Decrypted plaintext should be identical to the original plaintext. Invalid decryption"
@@ -222,14 +222,14 @@ def encrypt_and_decrypt_with_keyring(public_key_file_name=None, private_key_file
     # decryption of the original ciphertext is not possible with a different keyring (Bob's).
     # (This is an example for demonstration; you do not need to do this in your own code.)
 
-    # 9. Create a new Raw RSA keyring for Bob
+    # 8. Create a new Raw RSA keyring for Bob
     # Generate new keys
     public_key_bob, private_key_bob = generate_rsa_keys()
 
     # Create the keyring
     raw_rsa_keyring_bob = create_rsa_keyring(public_key=public_key_bob, private_key=private_key_bob)
 
-    # 10. Test decrypt for the original ciphertext using raw_rsa_keyring_bob
+    # 9. Test decrypt for the original ciphertext using raw_rsa_keyring_bob
     try:
         plaintext_bytes_bob, _ = client.decrypt(  # pylint: disable=unused-variable
             source=ciphertext,

examples/src/set_encryption_algorithm_suite_example.py

@@ -136,7 +136,7 @@ def encrypt_and_decrypt_with_keyring():
         encryption_context=encryption_context,
     )
 
-    # 10. Demonstrate that the decrypted plaintext is identical to the original plaintext.
+    # 9. Demonstrate that the decrypted plaintext is identical to the original plaintext.
     # (This is an example for demonstration; you do not need to do this in your own code.)
     assert plaintext_bytes == EXAMPLE_DATA, \
         "Decrypted plaintext should be identical to the original plaintext. Invalid decryption"