Ejemplo n.º 1
0
def test_raw_keyring_decrypts_what_raw_master_key_encrypts(
        encryption_materials_samples):

    # Create instance of raw master key
    test_raw_master_key = RawMasterKey(
        key_id=_KEY_ID,
        provider_id=_PROVIDER_ID,
        wrapping_key=WrappingKey(
            wrapping_algorithm=_WRAPPING_ALGORITHM,
            wrapping_key=_PRIVATE_WRAPPING_KEY_PEM,
            wrapping_key_type=EncryptionKeyType.PRIVATE,
        ),
    )

    test_raw_rsa_keyring = RawRSAKeyring.from_pem_encoding(
        key_namespace=_PROVIDER_ID,
        key_name=_KEY_ID,
        wrapping_algorithm=_WRAPPING_ALGORITHM,
        private_encoded_key=_PRIVATE_WRAPPING_KEY_PEM,
        public_encoded_key=_PUBLIC_WRAPPING_KEY_PEM,
    )

    raw_mkp_generated_data_key = test_raw_master_key.generate_data_key(
        algorithm=encryption_materials_samples.algorithm,
        encryption_context=encryption_materials_samples.encryption_context,
    )

    raw_mkp_encrypted_data_key = test_raw_master_key.encrypt_data_key(
        data_key=raw_mkp_generated_data_key,
        algorithm=encryption_materials_samples.algorithm,
        encryption_context=encryption_materials_samples.encryption_context,
    )

    decryption_materials = test_raw_rsa_keyring.on_decrypt(
        decryption_materials=DecryptionMaterials(
            algorithm=encryption_materials_samples.algorithm,
            encryption_context=encryption_materials_samples.encryption_context,
            verification_key=b"ex_verification_key",
        ),
        encrypted_data_keys=[raw_mkp_encrypted_data_key],
    )

    assert raw_mkp_generated_data_key.data_key == decryption_materials.data_encryption_key.data_key
Ejemplo n.º 2
0
def test_raw_keyring_decrypts_what_raw_master_key_encrypts(
        encryption_materials_samples):

    # Initializing attributes
    key_namespace = _PROVIDER_ID
    key_name = _KEY_ID

    # Creating an instance of a raw AES keyring
    test_raw_aes_keyring = RawAESKeyring(
        key_namespace=key_namespace,
        key_name=key_name,
        wrapping_key=_WRAPPING_KEY,
    )

    # Creating an instance of a raw master key
    test_raw_master_key = RawMasterKey(
        key_id=test_raw_aes_keyring.key_name,
        provider_id=test_raw_aes_keyring.key_namespace,
        wrapping_key=test_raw_aes_keyring._wrapping_key_structure,
    )

    if encryption_materials_samples.data_encryption_key is None:
        return
    raw_master_key_encrypted_data_key = test_raw_master_key.encrypt_data_key(
        data_key=encryption_materials_samples.data_encryption_key,
        algorithm=encryption_materials_samples.algorithm,
        encryption_context=encryption_materials_samples.encryption_context,
    )

    # Check if plaintext data key encrypted by raw master key is decrypted by raw keyring

    raw_aes_keyring_decrypted_data_key = test_raw_aes_keyring.on_decrypt(
        decryption_materials=DecryptionMaterials(
            algorithm=encryption_materials_samples.algorithm,
            encryption_context=encryption_materials_samples.encryption_context,
            verification_key=b"ex_verification_key",
        ),
        encrypted_data_keys=[raw_master_key_encrypted_data_key],
    ).data_encryption_key.data_key

    assert encryption_materials_samples.data_encryption_key.data_key == raw_aes_keyring_decrypted_data_key