chore: performance tests for ESDK-python

Author: RitvikKapila

.gitignore

@@ -33,6 +33,8 @@ __pycache__
 .pytest_cache
 # Ignore key materials generated by examples or tests
 test_keyrings/
+# Ignore results of performance test
+performance_tests/results/*
 
 # PyCharm
 .idea/

performance_tests/README.md

@@ -0,0 +1 @@
+# Performance Tests for ESDK Python

performance_tests/__init__.py

@@ -0,0 +1,3 @@
+# Copyright Amazon.com Inc. or its affiliates. All Rights Reserved.
+# SPDX-License-Identifier: Apache-2.0
+"""Stub module indicator to make linter configuration simpler."""

performance_tests/consolidate_results.py

@@ -0,0 +1,41 @@
+# Copyright Amazon.com Inc. or its affiliates. All Rights Reserved.
+# SPDX-License-Identifier: Apache-2.0
+"""Script for consolidating results for execution times"""
+
+import csv
+import sys
+
+
+def calculate_statistics(_csv_file):
+    """Calculate min, max and average statistics for execution times in a CSV file."""
+    with open(_csv_file, 'r', encoding='utf-8') as file:
+        reader = csv.reader(file)
+        data = [float(row[0]) for row in reader]
+
+    # Calculate statistics
+    if data:
+        _total_entries = len(data)
+        _average = sum(data) / _total_entries
+        _minimum = min(data)
+        _maximum = max(data)
+        return _total_entries, _average, _minimum, _maximum
+
+    return None
+
+
+if __name__ == "__main__":
+    if len(sys.argv) != 2:
+        print("Usage: python consolidate_results.py <csv_file>")
+        sys.exit(1)
+
+    csv_file = sys.argv[1]
+    statistics = calculate_statistics(csv_file)
+    if statistics:
+        total_entries, average, minimum, maximum = statistics
+        print("CSV File:", csv_file)
+        print("Total Entries:", total_entries)
+        print("Average:", average)
+        print("Minimum:", minimum)
+        print("Maximum:", maximum)
+    else:
+        print("No data found in the CSV file.")

performance_tests/requirements.txt

@@ -0,0 +1,5 @@
+attrs >= 17.4.0
+aws-encryption-sdk>=2.3.0
+pytest>=3.3.1
+tqdm
+click

performance_tests/requirements_mpl.txt

@@ -0,0 +1 @@
+amazon-cryptographic-material-providers-test-vectors @ git+https://github.com/aws/aws-cryptographic-material-providers-library.git@lucmcdon/python-mpl#subdirectory=TestVectorsAwsCryptographicMaterialProviders/runtimes/python

performance_tests/setup.cfg

@@ -0,0 +1,41 @@
+[wheel]
+universal = 1
+
+[metadata]
+license_file = LICENSE
+
+[coverage:run]
+branch = True
+
+[coverage:report]
+show_missing = True
+
+[mypy]
+ignore_missing_imports = True
+
+[flake8]
+max_complexity = 10
+max_line_length = 120
+import_order_style = google
+application_import_names = aws_encryption_sdk_cli
+builtins = raw_input
+ignore =
+    # Ignoring D205 and D400 because of false positives
+    D205, D400,
+    # E203 is not PEP8 compliant https://github.com/ambv/black#slices
+    E203,
+    # W503 is not PEP8 compliant https://github.com/ambv/black#line-breaks--binary-operators
+    W503
+
+[doc8]
+max-line-length = 120
+
+[isort]
+line_length = 120
+# https://github.com/timothycrosley/isort#multi-line-output-modes
+multi_line_output = 3
+include_trailing_comma = True
+force_grid_wrap = 0
+combine_as_imports = True
+not_skip = __init__.py
+known_third_party = attr,aws_encryption_sdk,pytest,setuptools,six

performance_tests/setup.py

@@ -0,0 +1,34 @@
+"""Performance test for the AWS Encryption SDK for Python."""
+import os
+import re
+
+from setuptools import find_packages, setup
+
+VERSION_RE = re.compile(r"""__version__ = ['"]([0-9.]+)['"]""")
+HERE = os.path.abspath(os.path.dirname(__file__))
+
+
+def read(*args):
+    """Read complete file contents."""
+    return open(os.path.join(HERE, *args), encoding="utf-8").read()  # pylint: disable=consider-using-with
+
+
+def get_version():
+    """Read the version from this module."""
+    init = read("src", "aws_encryption_sdk_performance_tests", "__init__.py")
+    return VERSION_RE.search(init).group(1)
+
+
+setup(
+    name="aws-encryption-sdk-performance-tests",
+    packages=find_packages("src"),
+    package_dir={"": "src"},
+    author="Amazon Web Services",
+    maintainer="Amazon Web Services",
+    author_email="[email protected]",
+    url="https://github.com/awslabs/aws-encryption-sdk-python",
+    description="Performance tests for the AWS Encryption SDK for Python",
+    keywords="aws-encryption-sdk aws kms encryption",
+    license="Apache License 2.0",
+    version=get_version(),
+)

performance_tests/src/aws_encryption_sdk_performance_tests/__init__.py

@@ -0,0 +1,4 @@
+# Copyright Amazon.com Inc. or its affiliates. All Rights Reserved.
+# SPDX-License-Identifier: Apache-2.0
+"""Stub module indicator to make linter configuration simpler."""
+__version__ = "0.0.0"

performance_tests/src/aws_encryption_sdk_performance_tests/keyrings/__init__.py

@@ -0,0 +1,3 @@
+# Copyright Amazon.com Inc. or its affiliates. All Rights Reserved.
+# SPDX-License-Identifier: Apache-2.0
+"""Stub module indicator to make linter configuration simpler."""

performance_tests/src/aws_encryption_sdk_performance_tests/keyrings/aws_kms_keyring.py

@@ -0,0 +1,87 @@
+# Copyright Amazon.com Inc. or its affiliates. All Rights Reserved.
+# SPDX-License-Identifier: Apache-2.0
+"""Performance tests for the AWS KMS keyring."""
+
+import aws_encryption_sdk
+import boto3
+from aws_cryptographic_materialproviders.mpl import AwsCryptographicMaterialProviders
+from aws_cryptographic_materialproviders.mpl.config import MaterialProvidersConfig
+from aws_cryptographic_materialproviders.mpl.models import CreateAwsKmsKeyringInput
+from aws_cryptographic_materialproviders.mpl.references import IKeyring
+from aws_encryption_sdk import CommitmentPolicy
+
+
+def create_keyring(
+    kms_key_id: str
+):
+    """Demonstrate how to create an AWS KMS keyring.
+
+    Usage: create_keyring(kms_key_id)
+    :param kms_key_id: KMS Key identifier for the KMS key you want to use.
+    :type kms_key_id: string
+
+    For more information on KMS Key identifiers, see
+    https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id
+    """
+    # Create a boto3 client for KMS.
+    kms_client = boto3.client('kms', region_name="us-west-2")
+
+    # Create a KMS keyring
+    mat_prov: AwsCryptographicMaterialProviders = AwsCryptographicMaterialProviders(
+        config=MaterialProvidersConfig()
+    )
+
+    keyring_input: CreateAwsKmsKeyringInput = CreateAwsKmsKeyringInput(
+        kms_key_id=kms_key_id,
+        kms_client=kms_client
+    )
+
+    keyring: IKeyring = mat_prov.create_aws_kms_keyring(
+        input=keyring_input
+    )
+
+    return keyring
+
+
+def encrypt_using_keyring(
+    plaintext_data: bytes,
+    keyring: IKeyring
+):
+    """Demonstrate how to encrypt plaintext data using an AWS KMS keyring.
+
+    Usage: encrypt_using_keyring(plaintext_data, keyring)
+    :param plaintext_data: plaintext data you want to encrypt
+    :type: bytes
+    :param keyring: Keyring to use for encryption.
+    :type keyring: IKeyring
+    """
+    client = aws_encryption_sdk.EncryptionSDKClient(
+        commitment_policy=CommitmentPolicy.REQUIRE_ENCRYPT_REQUIRE_DECRYPT
+    )
+
+    _, _ = client.encrypt(
+        source=plaintext_data,
+        keyring=keyring
+    )
+
+
+def decrypt_using_keyring(
+    ciphertext_data: bytes,
+    keyring: IKeyring
+):
+    """Demonstrate how to decrypt ciphertext data using an AWS KMS keyring.
+
+    Usage: decrypt_using_keyring(ciphertext_data, keyring)
+    :param ciphertext_data: ciphertext data you want to decrypt
+    :type: bytes
+    :param keyring: Keyring to use for decryption.
+    :type keyring: IKeyring
+    """
+    client = aws_encryption_sdk.EncryptionSDKClient(
+        commitment_policy=CommitmentPolicy.REQUIRE_ENCRYPT_REQUIRE_DECRYPT
+    )
+
+    _, _ = client.decrypt(
+        source=ciphertext_data,
+        keyring=keyring
+    )

performance_tests/src/aws_encryption_sdk_performance_tests/keyrings/pylintrc

@@ -0,0 +1,45 @@
+[MESSAGE CONTROL]
+# Disabling messages that either we don't care about we intentionally break.
+disable =
+    import-error, # ignore mpl import errors
+    invalid-name,  # we prefer long, descriptive, names for examples
+    bad-continuation,  # we let black handle this
+    ungrouped-imports,  # we let isort handle this
+    no-member,  # breaks with attrs
+    no-self-use,  # interesting to keep in mind for later refactoring, but not blocking
+    useless-object-inheritance,  # we need to support Python 2, so no, not useless
+    duplicate-code,  # some examples may be similar
+    too-few-public-methods,  # does not allow value stores
+    too-many-locals,  # examples may sometimes have more locals defined for clarity than would be appropriate in code
+    no-else-return,  # we omit this on purpose for brevity where it would add no value
+    attribute-defined-outside-init,  # breaks with attrs_post_init
+    abstract-method,  # throws false positives on io.BaseIO grandchildren
+    redefined-outer-name,  # we do this on purpose in multiple places
+    consider-using-f-string # disable until 2022-05-05; 6 months after 3.5 deprecation
+
+[BASIC]
+# Allow function names up to 50 characters
+function-rgx = [a-z_][a-z0-9_]{2,50}$
+# Allow method names up to 50 characters
+method-rgx = [a-z_][a-z0-9_]{2,50}$
+# Allow class attribute names up to 50 characters
+# Whitelist class attribute names: iv
+class-attribute-rgx = (([A-Za-z_][A-Za-z0-9_]{2,50}|(__.*__))$)|(^iv$)
+# Whitelist attribute names: iv
+attr-rgx = ([a-z_][a-z0-9_]{2,30}$)|(^iv$)
+# Whitelist argument names: iv, b
+argument-rgx = ([a-z_][a-z0-9_]{2,30}$)|(^iv$)|(^b$)
+# Whitelist variable names: iv, b, _b, x, y, r, s
+variable-rgx = ([a-z_][a-z0-9_]{2,30}$)|(^iv$)|(^b$)|(^_b$)|(^x$)|(^y$)|(^r$)|(^s$)
+
+[VARIABLES]
+additional-builtins = raw_input
+
+[DESIGN]
+max-args = 10
+
+[FORMAT]
+max-line-length = 120
+
+[REPORTS]
+msg-template = {path}:{line}: [{msg_id}({symbol}), {obj}] {msg}

performance_tests/src/aws_encryption_sdk_performance_tests/master_key_providers/__init__.py

@@ -0,0 +1,3 @@
+# Copyright Amazon.com Inc. or its affiliates. All Rights Reserved.
+# SPDX-License-Identifier: Apache-2.0
+"""Stub module indicator to make linter configuration simpler."""

performance_tests/src/aws_encryption_sdk_performance_tests/master_key_providers/aws_kms_key_provider.py

@@ -0,0 +1,70 @@
+# Copyright Amazon.com Inc. or its affiliates. All Rights Reserved.
+# SPDX-License-Identifier: Apache-2.0
+"""Performance tests for the AWS KMS master key provider."""
+
+import aws_encryption_sdk
+from aws_encryption_sdk import CommitmentPolicy
+
+
+def create_key_provider(
+    kms_key_id: str
+):
+    """Demonstrate how to create an AWS KMS master key-provider.
+
+    Usage: create_key_provider(kms_key_id)
+    :param kms_key_id: KMS Key identifier for the KMS key you want to use.
+    :type kms_key_id: string
+
+    For more information on KMS Key identifiers, see
+    https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id
+    """
+    # Create a KMS master key-provider.
+    key_provider = aws_encryption_sdk.StrictAwsKmsMasterKeyProvider(key_ids=[
+        kms_key_id,
+    ])
+
+    return key_provider
+
+
+def encrypt_using_key_provider(
+    plaintext_data: bytes,
+    key_provider: aws_encryption_sdk.key_providers.base.MasterKeyProvider
+):
+    """Demonstrate how to encrypt plaintext data using an AWS KMS master key-provider.
+
+    Usage: encrypt_using_key_provider(plaintext_data, key_provider)
+    :param plaintext_data: plaintext data you want to encrypt
+    :type: bytes
+    :param key_provider: Master key provider to use for encryption.
+    :type key_provider: aws_encryption_sdk.key_providers.base.MasterKeyProvider
+    """
+    client = aws_encryption_sdk.EncryptionSDKClient(
+        commitment_policy=CommitmentPolicy.REQUIRE_ENCRYPT_REQUIRE_DECRYPT
+    )
+
+    _, _ = client.encrypt(
+        source=plaintext_data,
+        key_provider=key_provider
+    )
+
+
+def decrypt_using_key_provider(
+    ciphertext_data: bytes,
+    key_provider: aws_encryption_sdk.key_providers.base.MasterKeyProvider
+):
+    """Demonstrate how to decrypt ciphertext data using an AWS KMS master key-provider.
+
+    Usage: decrypt_using_key_provider(ciphertext_data, key_provider)
+    :param ciphertext_data: ciphertext data you want to decrypt
+    :type: bytes
+    :param key_provider: Master key provider to use for decryption.
+    :type key_provider: aws_encryption_sdk.key_providers.base.MasterKeyProvider
+    """
+    client = aws_encryption_sdk.EncryptionSDKClient(
+        commitment_policy=CommitmentPolicy.REQUIRE_ENCRYPT_REQUIRE_DECRYPT
+    )
+
+    _, _ = client.decrypt(
+        source=ciphertext_data,
+        key_provider=key_provider
+    )