Merge pull request #82 from mattsb42-aws/vectors

Cleanup test vector handlers module and prepare for release

.travis.yml

@@ -94,5 +94,116 @@ matrix:
       env: TOXENV=black-check
     - python: 3.6
       env: TOXENV=isort-check
+    ########################
+    # Test Vector Handlers #
+    ########################
+    # CPython 2.7
+    - python: 2.7
+      env:
+        TEST_VECTOR_HANDLERS=1
+        TOXENV=py27-awses_1.3.0
+    - python: 2.7
+      env:
+        TEST_VECTOR_HANDLERS=1
+        TOXENV=py27-awses_1.3.max
+    - python: 2.7
+      env:
+        TEST_VECTOR_HANDLERS=1
+        TOXENV=py27-awses_latest
+    # CPython 3.4
+    - python: 3.4
+      env:
+        TEST_VECTOR_HANDLERS=1
+        TOXENV=py34-awses_1.3.0
+    - python: 3.4
+      env:
+        TEST_VECTOR_HANDLERS=1
+        TOXENV=py34-awses_1.3.max
+    - python: 3.4
+      env:
+        TEST_VECTOR_HANDLERS=1
+        TOXENV=py34-awses_latest
+    # CPython 3.5
+    - python: 3.5
+      env:
+        TEST_VECTOR_HANDLERS=1
+        TOXENV=py35-awses_1.3.0
+    - python: 3.5
+      env:
+        TEST_VECTOR_HANDLERS=1
+        TOXENV=py35-awses_1.3.max
+    - python: 3.5
+      env:
+        TEST_VECTOR_HANDLERS=1
+        TOXENV=py35-awses_latest
+    # CPython 3.6
+    - python: 3.6
+      env:
+        TEST_VECTOR_HANDLERS=1
+        TOXENV=py36-awses_1.3.0
+    - python: 3.6
+      env:
+        TEST_VECTOR_HANDLERS=1
+        TOXENV=py36-awses_1.3.max
+    - python: 3.6
+      env:
+        TEST_VECTOR_HANDLERS=1
+        TOXENV=py36-awses_latest
+    # CPython 3.7
+    - python: 3.7
+      env:
+        TEST_VECTOR_HANDLERS=1
+        TOXENV=py37-awses_1.3.0
+      dist: xenial
+      sudo: true
+    - python: 3.7
+      env:
+        TEST_VECTOR_HANDLERS=1
+        TOXENV=py37-awses_1.3.max
+      dist: xenial
+      sudo: true
+    - python: 3.7
+      env:
+        TEST_VECTOR_HANDLERS=1
+        TOXENV=py37-awses_latest
+      dist: xenial
+      sudo: true
+    # Linters
+    - python: 3.6
+      env:
+        TEST_VECTOR_HANDLERS=1
+        TOXENV=bandit
+    - python: 3.6
+      env:
+        TEST_VECTOR_HANDLERS=1
+        TOXENV=readme
+    # Pending buildout of docs
+    #- python: 3.6
+    #  env:
+    #    TEST_VECTOR_HANDLERS=1
+    #    TOXENV=docs
+    #- python: 3.6
+    #  env:
+    #    TEST_VECTOR_HANDLERS=1
+    #    TOXENV=doc8
+    # Pending linting cleanup
+    #- python: 3.6
+    #  env:
+    #    TEST_VECTOR_HANDLERS=1
+    #    TOXENV=flake8
+    #- python: 3.6
+    #  env:
+    #    TEST_VECTOR_HANDLERS=1
+    #    TOXENV=pylint
+    #- python: 3.6
+    #  env:
+    #    TEST_VECTOR_HANDLERS=1
+    #    TOXENV=flake8-tests
+    #- python: 3.6
+    #  env:
+    #    TEST_VECTOR_HANDLERS=1
+    #    TOXENV=pylint-tests
 install: pip install tox
-script: tox
+script:
+  - if [[ -n $TEST_VECTOR_HANDLERS ]]; then cd test_vector_handlers; fi
+  - tox

test_vector_handlers/README.rst

@@ -0,0 +1,57 @@
+#######################################
+aws-encryption-sdk test vector handlers
+#######################################
+
+There modules provide handlers to be used to process existing, or generate new,
+test vectors based on test vector manifests.
+
+***************
+Getting Started
+***************
+
+Required Prerequisites
+======================
+
+* Python 2.7 or 3.4+
+* aws-encryption-sdk
+
+Use
+===
+
+In addition to direct use of the library, some CLI tools are provided to simplify
+processing of common test manifest types.
+
+Full Message Encrypt
+--------------------
+
+Used to process an AWS Encryption SDK Full Message Encrypt manifest and produce
+a Full Message Decrypt manifest along with all corresponding plaintexts and ciphertexts.
+
+.. code::
+
+    usage: awses-full-message-encrypt [-h] --output OUTPUT --input INPUT [--human]
+
+    Build ciphertexts and decrypt manifest from keys and encrypt manifests
+
+    optional arguments:
+      -h, --help       show this help message and exit
+      --output OUTPUT  Directory in which to store results
+      --input INPUT    Existing full message encrypt manifest
+      --human          Output human-readable JSON
+
+
+Full Message Decrypt
+--------------------
+
+Used to process an AWS Encryption SDK Full Message Decrypt manifest to
+decrypt and verify all referenced ciphertexts.
+
+.. code::
+
+    usage: awses-full-message-decrypt [-h] --input INPUT
+
+    Decrypt ciphertexts generated by awses-full-message-encrypt
+
+    optional arguments:
+      -h, --help     show this help message and exit
+      --input INPUT  Existing full message decrypt manifest

test_vector_handlers/requirements.txt

@@ -0,0 +1,3 @@
+attrs >= 17.4.0
+aws-encryption-sdk
+six

test_vector_generator/src/awses_test_vectors/__init__.py → test_vector_handlers/src/awses_test_vectors/__init__.py

@@ -10,4 +10,4 @@
 # distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
 # ANY KIND, either express or implied. See the License for the specific
 # language governing permissions and limitations under the License.
-__version__ = "0.0.0"
+__version__ = "1.0.0"

test_vector_generator/src/awses_test_vectors/commands/full_message_decrypt.py → test_vector_handlers/src/awses_test_vectors/commands/full_message_decrypt.py

@@ -28,7 +28,9 @@ def cli(args=None):
     # type: (Optional[Iterable[str]]) -> None
     """CLI entry point for processing AWS Encryption SDK Decrypt Message manifests."""
     parser = argparse.ArgumentParser(description="Decrypt ciphertexts generated by awses-full-message-encrypt")
-    parser.add_argument("--input", type=argparse.FileType("r"), help="Existing full message decrypt manifest")
+    parser.add_argument(
+        "--input", required=True, type=argparse.FileType("r"), help="Existing full message decrypt manifest"
+    )
 
     parsed = parser.parse_args(args)
 

test_vector_generator/src/awses_test_vectors/commands/full_message_encrypt.py → test_vector_handlers/src/awses_test_vectors/commands/full_message_encrypt.py

@@ -30,8 +30,10 @@ def cli(args=None):
     parser = argparse.ArgumentParser(
         description="Build ciphertexts and decrypt manifest from keys and encrypt manifests"
     )
-    parser.add_argument("--output", help="Directory in which to store results")
-    parser.add_argument("--input", type=argparse.FileType("r"), help="Existing full message encrypt manifest")
+    parser.add_argument("--output", required=True, help="Directory in which to store results")
+    parser.add_argument(
+        "--input", required=True, type=argparse.FileType("r"), help="Existing full message encrypt manifest"
+    )
     parser.add_argument(
         "--human",
         required=False,

test_vector_generator/src/awses_test_vectors/internal/aws_kms.py → test_vector_handlers/src/awses_test_vectors/internal/aws_kms.py

@@ -13,7 +13,10 @@
 """
 Helper utilities for interacting with AWS KMS.
 """
-from aws_encryption_sdk.identifiers import AlgorithmSuite
+try:
+    from aws_encryption_sdk.identifiers import AlgorithmSuite
+except ImportError:
+    from aws_encryption_sdk.identifiers import Algorithm as AlgorithmSuite
 from aws_encryption_sdk.key_providers.kms import KMSMasterKeyProvider
 
 from awses_test_vectors.internal.defaults import ENCODING

test_vector_generator/src/awses_test_vectors/internal/util.py → test_vector_handlers/src/awses_test_vectors/internal/util.py

@@ -19,7 +19,11 @@
 
 import six
 from attr import Attribute  # noqa pylint: disable=unused-import
-from aws_encryption_sdk.identifiers import AlgorithmSuite
+
+try:
+    from aws_encryption_sdk.identifiers import AlgorithmSuite
+except ImportError:
+    from aws_encryption_sdk.identifiers import Algorithm as AlgorithmSuite
 
 try:  # Python 3.5.0 and 3.5.1 have incompatible typing modules
     from typing import Any, Callable, Dict, Iterable, Type  # noqa pylint: disable=unused-import

test_vector_generator/src/awses_test_vectors/manifests/full_message/encrypt.py → test_vector_handlers/src/awses_test_vectors/manifests/full_message/encrypt.py

@@ -23,7 +23,6 @@
 import attr
 import aws_encryption_sdk
 import six
-from aws_encryption_sdk.identifiers import AlgorithmSuite
 from aws_encryption_sdk.key_providers.base import MasterKeyProvider
 
 from awses_test_vectors.internal.defaults import ENCODING
@@ -40,6 +39,12 @@
 from awses_test_vectors.manifests.keys import KeysManifest
 from awses_test_vectors.manifests.master_key import MasterKeySpec, master_key_provider_from_master_key_specs
 
+try:
+    from aws_encryption_sdk.identifiers import AlgorithmSuite
+except ImportError:
+    from aws_encryption_sdk.identifiers import Algorithm as AlgorithmSuite
+
+
 try:  # Python 3.5.0 and 3.5.1 have incompatible typing modules
     from typing import Callable, Dict, IO, Iterable, Optional  # noqa pylint: disable=unused-import
     from awses_test_vectors.internal.mypy_types import (  # noqa pylint: disable=unused-import

test_vector_generator/src/awses_test_vectors/manifests/master_key.py → test_vector_handlers/src/awses_test_vectors/manifests/master_key.py

@@ -18,7 +18,6 @@
 import attr
 import six
 from aws_encryption_sdk.identifiers import EncryptionKeyType, WrappingAlgorithm
-from aws_encryption_sdk.internal.crypto.wrapping_keys import WrappingKey
 from aws_encryption_sdk.key_providers.base import MasterKeyProvider  # noqa pylint: disable=unused-import
 from aws_encryption_sdk.key_providers.kms import KMSMasterKey  # noqa pylint: disable=unused-import
 from aws_encryption_sdk.key_providers.raw import RawMasterKey
@@ -27,6 +26,12 @@
 from awses_test_vectors.internal.util import membership_validator
 from awses_test_vectors.manifests.keys import KeysManifest, KeySpec  # noqa pylint: disable=unused-import
 
+try:
+    from aws_encryption_sdk.internal.crypto.wrapping_keys import WrappingKey
+except ImportError:
+    from aws_encryption_sdk.internal.crypto import WrappingKey
+
+
 try:  # Python 3.5.0 and 3.5.1 have incompatible typing modules
     from typing import Iterable  # noqa pylint: disable=unused-import
     from awses_test_vectors.internal.mypy_types import MASTER_KEY_SPEC  # noqa pylint: disable=unused-import

test_vector_generator/tox.ini → test_vector_handlers/tox.ini

@@ -1,6 +1,7 @@
 [tox]
 envlist =
-    py{27,34,35,36,37},
+    py{27,34,35,36,37}-awses_{1.3.0,1.3.max,latest},
+    # 1.2.0 and 1.2.max are being difficult because of attrs
     bandit, doc8, readme, docs,
     {flake8,pylint}{,-tests},
     # prone to false positives
@@ -44,8 +45,10 @@ passenv =
     AWS_PROFILE
 sitepackages = False
 deps =
-    aws-encryption-sdk
     -rtest/requirements.txt
+    awses_1.3.0: aws-encryption-sdk==1.3.0
+    awses_1.3.max: aws-encryption-sdk >= 1.3.0, < 1.4.0
+    awses_latest: aws-encryption-sdk
 commands = {[testenv:base-command]commands}
 
 [testenv:full-encrypt]
@@ -126,7 +129,7 @@ commands =
 [testenv:pylint]
 basepython = python3
 deps =
-    {[testenv]deps}
+    -rtest/requirements.txt
     pyflakes
     pylint
 commands =
@@ -219,7 +222,7 @@ commands = python setup.py check -r -s
 basepython = python3
 deps =
     # Pull bandit from github because they haven't published 1.4.1 to pypi yet
-    git+git://github.com/openstack/bandit.git@master
+    git+git://github.com/PyCQA/bandit.git@master
 commands = bandit -r src/awses_test_vectors/
 
 # Prone to false positives: only run independently