def decrypt_payload(payload, data_key): my_key_provider = MyRawMasterKeyProvider(data_key) my_key_provider.add_master_key("DataKey") decrypted_plaintext, header = enc_client.decrypt( source=payload, materials_manager=aws_encryption_sdk.DefaultCryptoMaterialsManager(master_key_provider=my_key_provider)) return decrypted_plaintext
def test_encrypt_source_length_enforcement(): key_provider = fake_kms_key_provider() cmm = aws_encryption_sdk.DefaultCryptoMaterialsManager(key_provider) plaintext = io.BytesIO(VALUES["plaintext_128"]) with pytest.raises(CustomMaximumValueExceeded) as excinfo: aws_encryption_sdk.encrypt( source=plaintext, materials_manager=cmm, source_length=int(len(VALUES["plaintext_128"]) / 2) ) excinfo.match(r"Bytes encrypted has exceeded stated source length estimate:*") assert repr(plaintext) not in excinfo.exconly()
def test_encrypt_source_length_enforcement(): key_provider = fake_kms_key_provider() cmm = aws_encryption_sdk.DefaultCryptoMaterialsManager(key_provider) with pytest.raises(CustomMaximumValueExceeded) as excinfo: aws_encryption_sdk.encrypt(source=VALUES['plaintext_128'], materials_manager=cmm, source_length=int( len(VALUES['plaintext_128']) / 2)) excinfo.match( r'Bytes encrypted has exceeded stated source length estimate:*')
def build_crypto_materials_manager_from_args(key_providers_config, caching_config): # type:(List[RAW_MASTER_KEY_PROVIDER_CONFIG], CACHING_CONFIG) -> aws_encryption_sdk.CachingCryptoMaterialsManager """Builds a cryptographic materials manager from the provided arguments. :param list key_providers_config: List of one or more dicts containing key provider configuration :param dict caching_config: Parsed caching configuration :rtype: aws_encryption_sdk.materials_managers.base.CryptoMaterialsManager """ caching_config = copy.deepcopy(caching_config) key_provider = _parse_master_key_providers_from_args(*key_providers_config) cmm = aws_encryption_sdk.DefaultCryptoMaterialsManager(key_provider) if caching_config is None: return cmm cache = aws_encryption_sdk.LocalCryptoMaterialsCache( capacity=caching_config.pop("capacity")) return aws_encryption_sdk.CachingCryptoMaterialsManager( backing_materials_manager=cmm, cache=cache, **caching_config)