def test_signer_key_bytes_cycle():
key = ec.generate_private_key(curve=ec.SECP384R1, backend=default_backend())
signer = Signer(algorithm=aws_encryption_sdk.Algorithm.AES_256_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384, key=key)
key_bytes = signer.key_bytes()
new_signer = Signer.from_key_bytes(
algorithm=aws_encryption_sdk.Algorithm.AES_256_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384, key_bytes=key_bytes
)
assert new_signer.key.private_numbers().private_value == signer.key.private_numbers().private_value
def test_signer_key_bytes(patch_default_backend, patch_serialization,
patch_build_hasher):
private_key = MagicMock()
signer = Signer(MagicMock(), key=private_key)
test = signer.key_bytes()
assert test is private_key.private_bytes.return_value
private_key.private_bytes.assert_called_once_with(
encoding=patch_serialization.Encoding.DER,
format=patch_serialization.PrivateFormat.PKCS8,
encryption_algorithm=patch_serialization.NoEncryption.return_value)
def _generate_signing_key_and_update_encryption_context(
self, algorithm, encryption_context):
"""Generates a signing key based on the provided algorithm.
:param algorithm: Algorithm for which to generate signing key
:type algorithm: aws_encryption_sdk.identifiers.Algorithm
:param dict encryption_context: Encryption context from request
:returns: Signing key bytes
:rtype: bytes or None
"""
_LOGGER.debug("Generating signing key")
if algorithm.signing_algorithm_info is None:
return None
signer = Signer(algorithm=algorithm,
key=generate_ecc_signing_key(algorithm=algorithm))
encryption_context[ENCODED_SIGNER_KEY] = to_str(
signer.encoded_public_key())
return signer.key_bytes()
def test_f_signer_key_bytes():
test = Signer(algorithm=ALGORITHM, key=VALUES['ecc_private_key_prime'])
assert test.key_bytes() == VALUES['ecc_private_key_prime_private_bytes']