def test_raw_keyring_decrypts_what_raw_master_key_encrypts( encryption_materials_samples): # Create instance of raw master key test_raw_master_key = RawMasterKey( key_id=_KEY_ID, provider_id=_PROVIDER_ID, wrapping_key=WrappingKey( wrapping_algorithm=_WRAPPING_ALGORITHM, wrapping_key=_PRIVATE_WRAPPING_KEY_PEM, wrapping_key_type=EncryptionKeyType.PRIVATE, ), ) test_raw_rsa_keyring = RawRSAKeyring.from_pem_encoding( key_namespace=_PROVIDER_ID, key_name=_KEY_ID, wrapping_algorithm=_WRAPPING_ALGORITHM, private_encoded_key=_PRIVATE_WRAPPING_KEY_PEM, public_encoded_key=_PUBLIC_WRAPPING_KEY_PEM, ) raw_mkp_generated_data_key = test_raw_master_key.generate_data_key( algorithm=encryption_materials_samples.algorithm, encryption_context=encryption_materials_samples.encryption_context, ) raw_mkp_encrypted_data_key = test_raw_master_key.encrypt_data_key( data_key=raw_mkp_generated_data_key, algorithm=encryption_materials_samples.algorithm, encryption_context=encryption_materials_samples.encryption_context, ) decryption_materials = test_raw_rsa_keyring.on_decrypt( decryption_materials=DecryptionMaterials( algorithm=encryption_materials_samples.algorithm, encryption_context=encryption_materials_samples.encryption_context, verification_key=b"ex_verification_key", ), encrypted_data_keys=[raw_mkp_encrypted_data_key], ) assert raw_mkp_generated_data_key.data_key == decryption_materials.data_encryption_key.data_key
def test_raw_keyring_decrypts_what_raw_master_key_encrypts( encryption_materials_samples): # Initializing attributes key_namespace = _PROVIDER_ID key_name = _KEY_ID # Creating an instance of a raw AES keyring test_raw_aes_keyring = RawAESKeyring( key_namespace=key_namespace, key_name=key_name, wrapping_key=_WRAPPING_KEY, ) # Creating an instance of a raw master key test_raw_master_key = RawMasterKey( key_id=test_raw_aes_keyring.key_name, provider_id=test_raw_aes_keyring.key_namespace, wrapping_key=test_raw_aes_keyring._wrapping_key_structure, ) if encryption_materials_samples.data_encryption_key is None: return raw_master_key_encrypted_data_key = test_raw_master_key.encrypt_data_key( data_key=encryption_materials_samples.data_encryption_key, algorithm=encryption_materials_samples.algorithm, encryption_context=encryption_materials_samples.encryption_context, ) # Check if plaintext data key encrypted by raw master key is decrypted by raw keyring raw_aes_keyring_decrypted_data_key = test_raw_aes_keyring.on_decrypt( decryption_materials=DecryptionMaterials( algorithm=encryption_materials_samples.algorithm, encryption_context=encryption_materials_samples.encryption_context, verification_key=b"ex_verification_key", ), encrypted_data_keys=[raw_master_key_encrypted_data_key], ).data_encryption_key.data_key assert encryption_materials_samples.data_encryption_key.data_key == raw_aes_keyring_decrypted_data_key