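def test_signer_key_bytes_cycle():
    """Round-trip a P-384 signing key through ``key_bytes``/``from_key_bytes``.

    A Signer is built from a freshly generated key, serialized with
    ``key_bytes()``, and rebuilt with ``Signer.from_key_bytes()``. The rebuilt
    signer must hold the same private scalar as the original.
    """
    suite = aws_encryption_sdk.Algorithm.AES_256_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384
    # generate_private_key expects an EllipticCurve *instance*; the original
    # passed the SECP384R1 class itself.
    key = ec.generate_private_key(curve=ec.SECP384R1(), backend=default_backend())
    signer = Signer(algorithm=suite, key=key)

    key_bytes = signer.key_bytes()
    new_signer = Signer.from_key_bytes(algorithm=suite, key_bytes=key_bytes)

    # Compare the private scalars rather than the key objects, which are
    # distinct after a serialize/deserialize cycle.
    original_value = signer.key.private_numbers().private_value
    restored_value = new_signer.key.private_numbers().private_value
    assert restored_value == original_value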
def test_signer_key_bytes(patch_default_backend, patch_serialization, patch_build_hasher):
    """Check that ``Signer.key_bytes`` delegates to the key's ``private_bytes``.

    The expected call pins the serialization format: DER encoding, PKCS8
    private format and ``NoEncryption``. The bytes returned by ``key_bytes()``
    are therefore an unencrypted private key and have to be protected by
    whatever stores or transports them.
    """
    mock_key = MagicMock()
    serialized = Signer(MagicMock(), key=mock_key).key_bytes()

    # The signer must hand back exactly what the key object produced.
    assert serialized is mock_key.private_bytes.return_value

    expected_kwargs = {
        "encoding": patch_serialization.Encoding.DER,
        "format": patch_serialization.PrivateFormat.PKCS8,
        "encryption_algorithm": patch_serialization.NoEncryption.return_value,
    }
    mock_key.private_bytes.assert_called_once_with(**expected_kwargs)
def _generate_signing_key_and_update_encryption_context(self, algorithm, encryption_context):
    """Create a signing key for ``algorithm`` and record its public half.

    When the algorithm defines no signing algorithm info, nothing is generated
    and ``encryption_context`` is left untouched. Otherwise
    ``encryption_context`` is modified in place: the signer's encoded public
    key is stored under ``ENCODED_SIGNER_KEY``.

    The return value comes from ``Signer.key_bytes()``, i.e. the serialized
    private signing key. Treat it as secret material and keep it out of log
    output.

    :param algorithm: Algorithm for which to generate signing key
    :type algorithm: aws_encryption_sdk.identifiers.Algorithm
    :param dict encryption_context: Encryption context from request (mutated in place)
    :returns: Signing key bytes
    :rtype: bytes or None
    """
    _LOGGER.debug("Generating signing key")

    # Algorithm suites without a signature scheme need no signing key.
    if algorithm.signing_algorithm_info is None:
        return None

    signing_key = generate_ecc_signing_key(algorithm=algorithm)
    signer = Signer(algorithm=algorithm, key=signing_key)

    # Only the public key is published in the encryption context.
    encoded_public_key = to_str(signer.encoded_public_key())
    encryption_context[ENCODED_SIGNER_KEY] = encoded_public_key

    return signer.key_bytes()
def test_f_signer_key_bytes():
    """Compare ``key_bytes()`` for the fixture ECC key against the stored vector.

    The signer is built from ``VALUES['ecc_private_key_prime']`` and its
    serialization must equal ``VALUES['ecc_private_key_prime_private_bytes']``.
    """
    signer = Signer(algorithm=ALGORITHM, key=VALUES['ecc_private_key_prime'])
    actual = signer.key_bytes()
    expected = VALUES['ecc_private_key_prime_private_bytes']
    assert actual == expected