In [12]:
import botocore
import aws_encryption_sdk
import os


# Sources
* https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/python-example-code.html


In [27]:
session = botocore.session.Session(profile='personal1')

In [29]:
key_arn = "arn:aws:kms:us-east-1:455819476927:key/07e8f93b-b878-4e91-b58a-4b6c04f0a7b6"

In [38]:
master_key_provider = aws_encryption_sdk.KMSMasterKeyProvider(botocore_session=session, 
                                                              key_ids=[key_arn])

# KMS Hello World

In [40]:
secret_text = "I really like chinese food"

In [41]:
my_ciphertext, encryptor_header =  aws_encryption_sdk.encrypt(source=secret_text, key_provider=master_key_provider)

In [76]:
cyper_list = str(my_ciphertext).split(';')

In [84]:
print(my_ciphertext)

b'\x01\x80\x03x\x1a7\x03\xddnd0\xa9\x1ek/\x11\x9c\x9d\x90\xac\x00_\x00\x01\x00\x15aws-crypto-public-key\x00DA8stQNvW8RSLSody/1So4E5SpxGEvoslztgvsB9O5V9OC2gaCrgBliXbtK0tgrS90A==\x00\x01\x00\x07aws-kms\x00Karn:aws:kms:us-east-1:455819476927:key/07e8f93b-b878-4e91-b58a-4b6c04f0a7b6\x00\xb8\x01\x02\x01\x00x\x04V\xc6\x94[k*\xb8\xbd>N\x1c\xba\xac\x1c\xe0l\xd2\x07\xd9\x1c\x89_\xc6\xff6\xb0\x13p\xbe\xf5\x8a\x01J\xb8j"\xc4\xea\xfbX\x17\xe3"\x9e{\x18\xff\x11\x00\x00\x00~0|\x06\t*\x86H\x86\xf7\r\x01\x07\x06\xa0o0m\x02\x01\x000h\x06\t*\x86H\x86\xf7\r\x01\x07\x010\x1e\x06\t`\x86H\x01e\x03\x04\x01.0\x11\x04\x0c,\xcdD\xc5F\xf7\xc9%\xf4\xc8D1\x02\x01\x10\x80;-\xd1\xe2(=;\x0c7$V\xd9\x9d\xb5@\x8f\xbeG\x0cw\xba\xca\x9a\xb2pH/\xb7]F\x88\xeb\x12\x05\x1b&\xc9\x1b\xb1L\xa0\x9b\xef\\Y\xe5p\xef[\xae\x9c0v\xbaO\xd6\xee\x98}\xc4\x02\x00\x00\x00\x00\x0c\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\n\r\x92\xfbr\x84\xa4\xe1\xb7(>qS\x15q\xff\xff\xff\xff\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\

Parts of this cypher text string are recognizeable, we can see the ID of the KMS master key, and the encrpyted data key returned by the encryptor_header

In [86]:
print(encryptor_header.algorithm)

AlgorithmSuite.AES_256_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384


In [87]:
print(encryptor_header.encryption_context)

{'aws-crypto-public-key': 'A8stQNvW8RSLSody/1So4E5SpxGEvoslztgvsB9O5V9OC2gaCrgBliXbtK0tgrS90A=='}


In [88]:
print(encryptor_header.encrypted_data_keys)

{EncryptedDataKey(key_provider=MasterKeyInfo(provider_id='aws-kms', key_info=b'arn:aws:kms:us-east-1:455819476927:key/07e8f93b-b878-4e91-b58a-4b6c04f0a7b6'), encrypted_data_key=b'\x01\x02\x01\x00x\x04V\xc6\x94[k*\xb8\xbd>N\x1c\xba\xac\x1c\xe0l\xd2\x07\xd9\x1c\x89_\xc6\xff6\xb0\x13p\xbe\xf5\x8a\x01J\xb8j"\xc4\xea\xfbX\x17\xe3"\x9e{\x18\xff\x11\x00\x00\x00~0|\x06\t*\x86H\x86\xf7\r\x01\x07\x06\xa0o0m\x02\x01\x000h\x06\t*\x86H\x86\xf7\r\x01\x07\x010\x1e\x06\t`\x86H\x01e\x03\x04\x01.0\x11\x04\x0c,\xcdD\xc5F\xf7\xc9%\xf4\xc8D1\x02\x01\x10\x80;-\xd1\xe2(=;\x0c7$V\xd9\x9d\xb5@\x8f\xbeG\x0cw\xba\xca\x9a\xb2pH/\xb7]F\x88\xeb\x12\x05\x1b&\xc9\x1b\xb1L\xa0\x9b\xef\\Y\xe5p\xef[\xae\x9c0v\xbaO\xd6\xee\x98}\xc4')}


In [70]:
cycled_plaintext, decrypted_header = aws_encryption_sdk.decrypt(
    source=my_ciphertext,
    key_provider=master_key_provider
)

In [71]:
cycled_plaintext

b'I really like chinese food'

# Cycle Zip File

In [92]:
source_file = r"C:\Users\PMariani\Desktop\home\docs\personal_projects\aws_playground\dummy_data\alice_in_wonderland.7z"
output = r"C:\Users\PMariani\Desktop\home\docs\personal_projects\aws_playground\dummy_data\alice_in_wonderland.7z.encrypted"

In [95]:
my_ciphertext, encryptor_header = aws_encryption_sdk.encrypt(source=source_file, key_provider=master_key_provider)

In [None]:
aws-encryption-cli 