def get_object(self, Bucket=None, Key=None, handler=None):
resp = self.client.get_object(Bucket=Bucket, Key=Key)
data_enc = resp['Body'].read()
if handler is None:
handler = DecryptionHandler(self.key_provider)
data = handler.build_from_metadata_and_decrypt(resp['Metadata'],
data_enc)
return data
def test_deconstruct_envelope(self):
from s3_encryption.handler import DecryptionHandler
handler = DecryptionHandler(self.mock_provider)
class Envelope(object):
# EncryptionEnvelope takes care of base64 decoding items when
# they're returned
key = self.decode64(self.encrypted_key)
handler.envelope = Envelope()
handler.deconstruct_envelope()
assert_equal(handler.envelope.key, self.key)
def test_deconstruct_envelope(self):
from s3_encryption.handler import DecryptionHandler
handler = DecryptionHandler(self.mock_provider)
class Envelope(object):
# EncryptionEnvelope takes care of base64 decoding items when
# they're returned
key = self.decode64(self.encrypted_key)
handler.envelope = Envelope()
handler.deconstruct_envelope()
assert_equal(handler.envelope.key, self.key)
async def get_object(self, Bucket=None, Key=None):
logger.info('Getting object with key "%s" from bucket "%s"', Key,
Bucket)
resp = await self.client.get_object(Bucket=Bucket, Key=Key)
data_enc = await resp['Body'].read()
handler = DecryptionHandler(self.key_provider, self.encryption_mode)
handler.build_from_metadata(resp['Metadata'])
if S3Action.GET_OBJECT not in handler.actions_for_cipher():
raise ValueError(
'Current cipher can not be used to get a single object')
data = await self.loop.run_in_executor(None, handler.decrypt, data_enc)
return data
def test_build_response_context(self):
from s3_encryption.handler import DecryptionHandler
old_deconstruct = DecryptionHandler.deconstruct_envelope
mock_metadata = {
'x-amz-key': self.encrypted_key,
'x-amz-iv': self.encode64(self.iv),
'x-amz-matdesc': self.matdesc
}
def decon(x):
x.envelope.key = self.key
DecryptionHandler.deconstruct_envelope = decon
handler = DecryptionHandler(self.mock_provider)
context = handler.build_response_context(mock_metadata, self.base_response_context)
DecryptionHandler.deconstruct_envelope = old_deconstruct
assert_equal(context['raw_body'], self.raw_body)
def test_build_response_context(self):
from s3_encryption.handler import DecryptionHandler
old_deconstruct = DecryptionHandler.deconstruct_envelope
mock_metadata = {
'x-amz-key': self.encrypted_key,
'x-amz-iv': self.encode64(self.iv),
'x-amz-matdesc': self.matdesc
}
def decon(x):
x.envelope.key = self.key
DecryptionHandler.deconstruct_envelope = decon
handler = DecryptionHandler(self.mock_provider)
context = handler.build_response_context(mock_metadata,
self.base_response_context)
DecryptionHandler.deconstruct_envelope = old_deconstruct
assert_equal(self.bytes_to_str(context['raw_body']), self.raw_body)
def get_object(self, Bucket=None, Key=None):
resp = self.client.get_object(Bucket=Bucket, Key=Key)
context = {'body': resp['Body'].read()}
handler = DecryptionHandler(self.key_provider)
context = handler.build_response_context(resp['Metadata'], context)
return context['raw_body']
def get_object(self, Bucket=None, Key=None):
resp = self.client.get_object(Bucket=Bucket, Key=Key)
context = {'body': resp['Body'].read()}
handler = DecryptionHandler(self.key_provider)
context = handler.build_response_context(resp['Metadata'], context)
return context['raw_body']