Merge pull request #63 from mattsb42-aws/vectors
New test vector handlers
Showing
30 changed files
with
8,073 additions
and
14 deletions.
@@ -1,21 +1,38 @@ | ||
*.class | ||
*.egg-info | ||
*.pyc | ||
*.pyo | ||
*~ | ||
.DS_Store | ||
.tox | ||
/.cache* | ||
/.coverage* | ||
/build | ||
/doc/generated/* | ||
/runpy | ||
/test/integration/test_values.conf | ||
__pycache__ | ||
|
||
# Test vectors (legacy) | ||
aws_encryption_sdk_resources | ||
|
||
# OS Artifacts | ||
.DS_Store | ||
|
||
# Build Artifacts | ||
build | ||
dist | ||
docs/build | ||
test/integration/test_values.conf | ||
/doc/generated/* | ||
|
||
# Bytecode Artifacts | ||
*.pyc | ||
*.pyo | ||
.cache* | ||
__pycache__ | ||
*.egg-info | ||
|
||
# Coverage.py | ||
.coverage* | ||
|
||
# MyPy | ||
.mypy_cache | ||
|
||
# PyEnv | ||
.python-version | ||
|
||
# PyTest | ||
.pytest_cache | ||
|
||
# PyCharm | ||
.idea/ | ||
|
||
# Tox | ||
.tox |
@@ -0,0 +1,9 @@ | ||
include README.rst | ||
include CHANGELOG.rst | ||
include CONTRIBUTING.rst | ||
include LICENSE | ||
include requirements.txt | ||
|
||
recursive-include doc * | ||
recursive-include test *.py | ||
recursive-include examples *.py |
Empty file.
@@ -0,0 +1,2 @@ | ||
attrs >= 17.4.0 | ||
six |
@@ -0,0 +1,42 @@ | ||
[wheel] | ||
universal = 1 | ||
|
||
[metadata] | ||
license_file = LICENSE | ||
|
||
[coverage:run] | ||
branch = True | ||
|
||
[coverage:report] | ||
show_missing = True | ||
|
||
[mypy] | ||
ignore_missing_imports = True | ||
|
||
[flake8] | ||
max_complexity = 10 | ||
max_line_length = 120 | ||
import_order_style = google | ||
application_import_names = aws_encryption_sdk_cli | ||
builtins = raw_input | ||
ignore = | ||
# Ignoring D205 and D400 because of false positives | ||
D205, D400, | ||
# E203 is not PEP8 compliant https://github.com/ambv/black#slices | ||
E203, | ||
# W503 is not PEP8 compliant https://github.com/ambv/black#line-breaks--binary-operators | ||
W503 | ||
|
||
[doc8] | ||
max-line-length = 120 | ||
|
||
[isort] | ||
line_length = 120 | ||
# https://github.com/timothycrosley/isort#multi-line-output-modes | ||
multi_line_output = 3 | ||
include_trailing_comma = True | ||
force_grid_wrap = 0 | ||
combine_as_imports = True | ||
not_skip = __init__.py | ||
known_first_party = awses_test_vectors | ||
known_third_party = attr,aws_encryption_sdk,pytest,setuptools,six |
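Review bot: `application_import_names = aws_encryption_sdk_cli` in the `[flake8]` section names a different package than the one this configuration belongs to; the `[isort]` section of the same file declares `known_first_party = awses_test_vectors`. With the value as written, the flake8 import-order check would presumably classify this package's own imports as third-party and disagree with isort. I would change the line to `application_import_names = awses_test_vectors`.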
@@ -0,0 +1,65 @@ | ||
"""Test vector handlers for the AWS Encryption SDK for Python.""" | ||
import os | ||
import re | ||
|
||
from setuptools import find_packages, setup | ||
|
||
VERSION_RE = re.compile(r"""__version__ = ['"]([0-9.]+)['"]""") | ||
HERE = os.path.abspath(os.path.dirname(__file__)) | ||
|
||
|
||
def read(*args): | ||
"""Read complete file contents.""" | ||
return open(os.path.join(HERE, *args)).read() | ||
|
||
|
||
def get_version(): | ||
"""Read the version from this module.""" | ||
init = read("src", "awses_test_vectors", "__init__.py") | ||
return VERSION_RE.search(init).group(1) | ||
|
||
|
||
def get_requirements(): | ||
"""Read the requirements file.""" | ||
requirements = read("requirements.txt") | ||
return [r for r in requirements.strip().splitlines()] | ||
|
||
|
||
setup( | ||
name="aws-encryption-sdk-vector-handlers", | ||
packages=find_packages("src"), | ||
package_dir={"": "src"}, | ||
version=get_version(), | ||
author="Amazon Web Services", | ||
maintainer="Amazon Web Services", | ||
author_email="aws-cryptools@amazon.com", | ||
url="https://github.com/awslabs/aws-encryption-sdk-python", | ||
description="Test vector handlers for the AWS Encryption SDK for Python", | ||
long_description=read("README.rst"), | ||
keywords="aws-encryption-sdk aws kms encryption", | ||
license="Apache License 2.0", | ||
install_requires=get_requirements(), | ||
classifiers=[ | ||
"Development Status :: 5 - Production/Stable", | ||
"Intended Audience :: Developers", | ||
"Natural Language :: English", | ||
"License :: OSI Approved :: Apache Software License", | ||
"Programming Language :: Python", | ||
"Programming Language :: Python :: 2", | ||
"Programming Language :: Python :: 2.7", | ||
"Programming Language :: Python :: 3", | ||
"Programming Language :: Python :: 3.4", | ||
"Programming Language :: Python :: 3.5", | ||
"Programming Language :: Python :: 3.6", | ||
"Programming Language :: Python :: 3.7", | ||
"Programming Language :: Python :: Implementation :: CPython", | ||
"Topic :: Security", | ||
"Topic :: Security :: Cryptography", | ||
], | ||
entry_points={ | ||
"console_scripts": [ | ||
"awses-full-message-encrypt=awses_test_vectors.commands.full_message_encrypt:cli", | ||
"awses-full-message-decrypt=awses_test_vectors.commands.full_message_decrypt:cli", | ||
] | ||
}, | ||
) |
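Review bot: `install_requires=get_requirements()` takes its list from requirements.txt, and the requirements file added in this commit lists only `attrs >= 17.4.0` and `six`, while the package code imports `aws_encryption_sdk`; if that is the file read here, installing from this setup.py would not pull in the SDK that the handlers depend on. Adding the AWS Encryption SDK package to requirements.txt, with a lower bound as is done for attrs, would close that gap. Separately, `read()` never closes the file it opens; `with open(os.path.join(HERE, *args)) as handle: return handle.read()` releases it. `get_version()` also calls `.group(1)` on the unchecked result of `VERSION_RE.search(init)`, so a missing `__version__` line surfaces as an AttributeError rather than a clear build error.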
@@ -0,0 +1,13 @@ | ||
# Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved. | ||
# | ||
# Licensed under the Apache License, Version 2.0 (the "License"). You | ||
# may not use this file except in compliance with the License. A copy of | ||
# the License is located at | ||
# | ||
# http://aws.amazon.com/apache2.0/ | ||
# | ||
# or in the "license" file accompanying this file. This file is | ||
# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF | ||
# ANY KIND, either express or implied. See the License for the specific | ||
# language governing permissions and limitations under the License. | ||
__version__ = "0.0.0" |
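--- a/test_vector_generator/src/awses_test_vectors/commands/__init__.py
+++ b/test_vector_generator/src/awses_test_vectors/commands/__init__.py
@@ -0,0 +1,12 @@
+# Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"). You
+# may not use this file except in compliance with the License. A copy of
+# the License is located at
+#
+# http://aws.amazon.com/apache2.0/
+#
+# or in the "license" file accompanying this file. This file is
+# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
+# ANY KIND, either express or implied. See the License for the specific
+# language governing permissions and limitations under the License.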
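--- a/test_vector_generator/src/awses_test_vectors/commands/full_message_decrypt.py
+++ b/test_vector_generator/src/awses_test_vectors/commands/full_message_decrypt.py
@@ -0,0 +1,37 @@
+# Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"). You
+# may not use this file except in compliance with the License. A copy of
+# the License is located at
+#
+# http://aws.amazon.com/apache2.0/
+#
+# or in the "license" file accompanying this file. This file is
+# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
+# ANY KIND, either express or implied. See the License for the specific
+# language governing permissions and limitations under the License.
+"""
+AWS Encryption SDK full message decrypt command.
+"""
+import argparse
+
+from awses_test_vectors.manifests.full_message.decrypt import MessageDecryptionManifest
+
+try: # Python 3.5.0 and 3.5.1 have incompatible typing modules
+from typing import Iterable, Optional # noqa pylint: disable=unused-import
+except ImportError: # pragma: no cover
+# We only actually need these imports when running the mypy checks
+pass
+
+
+def cli(args=None):
+# type: (Optional[Iterable[str]]) -> None
+"""CLI entry point for processing AWS Encryption SDK Decrypt Message manifests."""
+parser = argparse.ArgumentParser(description="Decrypt ciphertexts generated by awses-full-message-encrypt")
+parser.add_argument("--input", type=argparse.FileType("r"), help="Existing full message decrypt manifest")
+
+parsed = parser.parse_args(args)
+
+decrypt_manifest = MessageDecryptionManifest.from_file(parsed.input)
+
+decrypt_manifest.run()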
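Review bot: `--input` is optional, so running the command without it passes `parsed.input` as `None` into `MessageDecryptionManifest.from_file`, which will presumably fail with an unrelated error instead of a usage message; adding `required=True` to that `add_argument` call lets argparse reject the invocation up front. The same applies to `--input` and `--output` in the `cli` of full_message_encrypt.py, where `parsed.output` reaches `run_and_write_to_dir` unchecked. The file object that `argparse.FileType("r")` opens is also never closed in either command; wrapping the `from_file` call in `with parsed.input:` would release it.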
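--- a/test_vector_generator/src/awses_test_vectors/commands/full_message_encrypt.py
+++ b/test_vector_generator/src/awses_test_vectors/commands/full_message_encrypt.py
@@ -0,0 +1,49 @@
+# Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"). You
+# may not use this file except in compliance with the License. A copy of
+# the License is located at
+#
+# http://aws.amazon.com/apache2.0/
+#
+# or in the "license" file accompanying this file. This file is
+# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
+# ANY KIND, either express or implied. See the License for the specific
+# language governing permissions and limitations under the License.
+"""
+AWS Encryption SDK full message encrypt command.
+"""
+import argparse
+
+from awses_test_vectors.manifests.full_message.encrypt import MessageEncryptionManifest
+
+try: # Python 3.5.0 and 3.5.1 have incompatible typing modules
+from typing import Iterable, Optional # noqa pylint: disable=unused-import
+except ImportError: # pragma: no cover
+# We only actually need these imports when running the mypy checks
+pass
+
+
+def cli(args=None):
+# type: (Optional[Iterable[str]]) -> None
+"""CLI entry point for processing AWS Encryption SDK Encrypt Message manifests."""
+parser = argparse.ArgumentParser(
+description="Build ciphertexts and decrypt manifest from keys and encrypt manifests"
+)
+parser.add_argument("--output", help="Directory in which to store results")
+parser.add_argument("--input", type=argparse.FileType("r"), help="Existing full message encrypt manifest")
+parser.add_argument(
+"--human",
+required=False,
+default=None,
+action="store_const",
+const=4,
+dest="json_indent",
+help="Output human-readable JSON",
+)
+
+parsed = parser.parse_args(args)
+
+encrypt_manifest = MessageEncryptionManifest.from_file(parsed.input)
+
+encrypt_manifest.run_and_write_to_dir(target_directory=parsed.output, json_indent=parsed.json_indent)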
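--- a/test_vector_generator/src/awses_test_vectors/internal/__init__.py
+++ b/test_vector_generator/src/awses_test_vectors/internal/__init__.py
@@ -0,0 +1,12 @@
+# Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"). You
+# may not use this file except in compliance with the License. A copy of
+# the License is located at
+#
+# http://aws.amazon.com/apache2.0/
+#
+# or in the "license" file accompanying this file. This file is
+# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
+# ANY KIND, either express or implied. See the License for the specific
+# language governing permissions and limitations under the License.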
39 changes: 39 additions & 0 deletions
39
test_vector_generator/src/awses_test_vectors/internal/aws_kms.py
@@ -0,0 +1,39 @@ | ||
# Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved. | ||
# | ||
# Licensed under the Apache License, Version 2.0 (the "License"). You | ||
# may not use this file except in compliance with the License. A copy of | ||
# the License is located at | ||
# | ||
# http://aws.amazon.com/apache2.0/ | ||
# | ||
# or in the "license" file accompanying this file. This file is | ||
# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF | ||
# ANY KIND, either express or implied. See the License for the specific | ||
# language governing permissions and limitations under the License. | ||
""" | ||
Helper utilities for interacting with AWS KMS. | ||
""" | ||
from aws_encryption_sdk.identifiers import AlgorithmSuite | ||
from aws_encryption_sdk.key_providers.kms import KMSMasterKeyProvider | ||
|
||
from awses_test_vectors.internal.defaults import ENCODING | ||
|
||
# This lets us easily use a single boto3 client per region for all KMS master keys. | ||
KMS_MASTER_KEY_PROVIDER = KMSMasterKeyProvider() | ||
|
||
|
||
def arn_from_key_id(key_id): | ||
# type: (str) -> str | ||
"""Determine the KMS CMK Arn for the identified key ID. | ||
To avoid needing additional KMS permissions, we just call ``generate_data_key`` | ||
using a master key identified by ``key_id``. | ||
:param str key_id: Original key ID | ||
:returns: Full Arn for KMS CMK that key ID identifies | ||
:rtype: str | ||
""" | ||
encrypted_data_key = KMS_MASTER_KEY_PROVIDER.master_key(key_id.encode(ENCODING)).generate_data_key( | ||
algorithm=AlgorithmSuite.AES_256_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384, encryption_context={} | ||
) | ||
return encrypted_data_key.key_provider.key_info.decode(ENCODING) |
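Review bot: `arn_from_key_id` sends a `generate_data_key` request to KMS on every call and keeps only `key_provider.key_info`, so each ARN lookup creates a data key that is immediately discarded; caching the result per `key_id` in a module-level dict would limit this to one request per key. The docstring should also state that the call needs network access and credentials permitted to generate data keys under that CMK, and that the algorithm suite and the empty `encryption_context={}` are arbitrary because the key is never used. `KMS_MASTER_KEY_PROVIDER = KMSMasterKeyProvider()` is built at import time, which ties importing this module to the provider's constructor; creating it lazily on first use would keep the import free of side effects.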
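--- a/test_vector_generator/src/awses_test_vectors/internal/defaults.py
+++ b/test_vector_generator/src/awses_test_vectors/internal/defaults.py
@@ -0,0 +1,17 @@
+# Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"). You
+# may not use this file except in compliance with the License. A copy of
+# the License is located at
+#
+# http://aws.amazon.com/apache2.0/
+#
+# or in the "license" file accompanying this file. This file is
+# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
+# ANY KIND, either express or implied. See the License for the specific
+# language governing permissions and limitations under the License.
+"""
+Default values for use in AWS Encryption SDK test vector handlers.
+"""
+
+ENCODING = "utf-8"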