feat(test_vector_handlers): TestVectors test with MPL constructs #650
Conversation
lucasmcdonald3
changed the title
lucasmcdonald3
changed the title
| ) | ||
| ) | ||
|
|
||
| # Weird hack #2: |
There was a problem hiding this comment.
Weird hack #2 is NOT present in Java.
Java test vectors use a modified keys.json file from other manifests: https://github.com/aws/aws-encryption-sdk-java/blob/master/src/test/resources/keys.json#L45
This is changed from "key-id": "rsa-4096-private" to "key-id": "rsa-4096"; similarly on the public key.
This allows the edk.keyProviderInfo == keyring.keyName check to pass, and the keyring "works".
But (afaik) all of these vector suites provide their own keys.json that still have key-ids that specify private/public, so Java would not work with those vector suites.
This code should probably be in the TestVectors Dafny. It's only here because I debugged this in Python, and want some feedback before changing the Dafny.
There was a problem hiding this comment.
I'm not sure I'm following, I follow up.
This sounds like these hacks are fighting. The name of the key and the name of the key info are not the same thing.
There was a problem hiding this comment.
I'd describe it as "coordinating" rather than fighting :)
The primary evidence for this is that the test vectors pass with this change
I think the plan of action here SHOULD be some combination of 1) editing key manifests going forward, so the key name of a public/private key pair is the same; 2) add a "legacy" check in TestVectors to align the key name of any keys with names "rsa-4096-private" and "rsa-4096-public"
There was a problem hiding this comment.
Is this plan of action going to happen here or is this happening somewhere else?
seebees
left a comment
seebees
left a comment
There was a problem hiding this comment.
So we generate with master key, and then decrypt with JS and master key.
How do we test keyring? Does the master key target do both?
There was a problem hiding this comment.
Should this be in the MPL Test vectors project?
There was a problem hiding this comment.
If it isn't already, I think that's a good idea
There was a problem hiding this comment.
Chatted with Jose, it's a good idea to put this in the test vector framework.
There was a problem hiding this comment.
Can I resolve this? If this is done, just resolve the conversation plz :)
| ) | ||
| ) | ||
|
|
||
| # Weird hack #2: |
There was a problem hiding this comment.
I'm not sure I'm following, I follow up.
This sounds like these hacks are fighting. The name of the key and the name of the key info are not the same thing.
That is correct for Python <3.11. |
seebees
left a comment
seebees
left a comment
There was a problem hiding this comment.
Looks good! So many commits!
| # pylint: disable=fixme | ||
| # TODO: Point at MPL main branch once Python MPL is merged into main. | ||
| # TODO-MPL: Point at PyPI once MPL is released. | ||
| # This blocks releasing ESDK-Python MPL integration. |
There was a problem hiding this comment.
Just wondering do we have a way to enforce this?
There was a problem hiding this comment.
Yes! PyPI will not let you publish a package that uses GitHub directly. We MUST refer to the published MPL to publish the new ESDK-Python.
There was a problem hiding this comment.
| del test_decryptor.config.encryption_context | ||
|
|
||
| test_header, test_header_auth = test_decryptor._read_header() | ||
|
|
||
| self.mock_deserialize_header.assert_called_once_with(ct_stream, None) | ||
| mock_verifier.from_key_bytes.assert_called_once_with( | ||
| algorithm=self.mock_header.algorithm, key_bytes=sentinel.verification_key | ||
| ) | ||
| mock_decrypt_materials_request.assert_called_once_with( | ||
| encrypted_data_keys=self.mock_header.encrypted_data_keys, | ||
| algorithm=self.mock_header.algorithm, | ||
| encryption_context=sentinel.encryption_context, | ||
| commitment_policy=mock_commitment_policy, | ||
| ) | ||
| self.mock_materials_manager.decrypt_materials.assert_called_once_with( | ||
| request=mock_decrypt_materials_request.return_value | ||
| ) | ||
| mock_verifier_instance.update.assert_called_once_with(self.mock_raw_header) | ||
| self.mock_deserialize_header_auth.assert_called_once_with( | ||
| version=self.mock_header.version, | ||
| stream=ct_stream, | ||
| algorithm=self.mock_header.algorithm, | ||
| verifier=mock_verifier_instance, | ||
| ) | ||
| mock_derive_datakey.assert_called_once_with( | ||
| source_key=VALUES["data_key_obj"].data_key, | ||
| algorithm=self.mock_header.algorithm, | ||
| message_id=self.mock_header.message_id, | ||
| ) | ||
| assert test_decryptor._derived_data_key is mock_derive_datakey.return_value | ||
| self.mock_validate_header.assert_called_once_with( | ||
| header=self.mock_header, | ||
| header_auth=sentinel.header_auth, | ||
| raw_header=self.mock_raw_header, | ||
| data_key=mock_derive_datakey.return_value, | ||
| ) | ||
| assert test_header is self.mock_header | ||
| assert test_header_auth is sentinel.header_auth |
There was a problem hiding this comment.
Just wondering why we are deleting these?
There was a problem hiding this comment.
This might be a diff issue... let me double check
There was a problem hiding this comment.
Ah! This was a merge conflict issue. I committed this test when I shouldn't have.
The behavior from this test is no longer valid.
This test would assert that encryption context on decrypt works for native (ESDK-Python) CMMs.
We decided that encryption context on decrypt would not be supported in this thread.
The new behavior validating encryption context on decrypt raises an exception is present here.
2 participants
Issue #, if available:
Description of changes:
awses_local; this test is now redundant by the additions above.Out of Scope
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
Check any applicable: