How to use generate_data_key method in localstack

Best Python code snippet using localstack_python

test_provider_base.py

Source:test_provider_base.py Github

copy

Full Screen

1import pytest2from mock import MagicMock, sentinel, call3import aliyun_encryption_sdk4from aliyun_encryption_sdk.handle.format import FormatHandler, Asn1FormatHandler5from aliyun_encryption_sdk.kms.kms import AliyunKms6from aliyun_encryption_sdk.model import Algorithm7from aliyun_encryption_sdk.provider.base import BaseDataKeyProvider8KEY_ID = "acs:kms:RegionId:UserId:key/CmkId"9HANGZHOU_KEY = "acs:kms:cn-hangzhou:UserId:key/CmkId"10HANGZHOU_KEY1 = "acs:kms:cn-hangzhou:UserId:key/CmkId1"11HANGZHOU_KEY2 = "acs:kms:cn-hangzhou:UserId:key/CmkId2"12BEIJING_KEY1 = "acs:kms:cn-beijing:UserId:key/CmkId1"13SHANGHAI_KEY1 = "acs:kms:cn-shanghai:UserId:key/CmkId1"14class MockDataKeyProvider(BaseDataKeyProvider):15 def process_cipher_material(self, cipher_material):16 pass17 def get_cipher_material(self, cipher_text):18 pass19def build_provider(**kwargs):20 parameter = dict(21 key_id=KEY_ID22 )23 parameter.update(kwargs)24 return MockDataKeyProvider(**parameter)25@pytest.mark.parametrize(26 "invalid_kwargs, error_message",27 (28 (dict(key_id=None), r"'key_id' must be str type"),29 (dict(kms=MagicMock()), r"'kms' must be AliyunKms type"),30 (dict(format_handle=None), r"'format_handle' must be FormatHandler type"),31 (dict(algorithm=None), r"'algorithm' must be Algorithm type"),32 (dict(keys=MagicMock()), r"'keys' must be set or list type")33 ),34)35def test_invalid_parameter_type(invalid_kwargs, error_message):36 with pytest.raises(TypeError) as e:37 build_provider(**invalid_kwargs)38 e.match(error_message)39def test_valid_parameter():40 moch_kms = MagicMock(__class__=AliyunKms)41 mock_format_handle = MagicMock(__class__=FormatHandler)42 keys = set()43 keys.add("acs:kms:RegionId:UserId:key/CmkId1")44 keys.add("acs:kms:RegionId:UserId:key/CmkId2")45 key_id = "acs:kms:RegionId:UserId:key/CmkId"46 valid_kwargs = dict(47 key_id=key_id,48 kms=moch_kms,49 format_handle=mock_format_handle,50 algorithm=Algorithm.AES_GCM_NOPADDING_128,51 keys=keys52 )53 provider = build_provider(**valid_kwargs)54 assert provider.kms is moch_kms55 assert provider.format_handle is mock_format_handle56 assert provider.algorithm is Algorithm.AES_GCM_NOPADDING_12857 for key in provider._keys:58 assert key.key_arn in keys59def test_default():60 provider = build_provider()61 assert provider.key.key_arn == KEY_ID62 assert provider.kms is None63 assert isinstance(provider.format_handle, Asn1FormatHandler)64 assert provider.algorithm is Algorithm.AES_GCM_NOPADDING_25665 assert provider._keys == set()66@pytest.yield_fixture67def patch_EncryptedDataKey(mocker):68 mocker.patch.object(aliyun_encryption_sdk.provider.base, "EncryptedDataKey")69 yield aliyun_encryption_sdk.provider.base.EncryptedDataKey70@pytest.yield_fixture71def patch_to_bytes(mocker):72 mocker.patch.object(aliyun_encryption_sdk.provider.base, "to_bytes")73 yield aliyun_encryption_sdk.provider.base.to_bytes74@pytest.yield_fixture75def patch_base64_b64decode(mocker):76 mocker.patch.object(aliyun_encryption_sdk.provider.base.base64, "b64decode")77 yield aliyun_encryption_sdk.provider.base.base64.b64decode78def test_encrypt_data_key_no_multi_keys(79 patch_EncryptedDataKey,80 patch_to_bytes,81 patch_base64_b64decode82):83 mock_encryption_material = MagicMock(encryption_context=sentinel.encryption_context)84 mock_kms = MagicMock(85 __class__=AliyunKms,86 generate_data_key=MagicMock(87 return_value=(sentinel.plaintext_data_key, sentinel.encrypted_data_key)88 ),89 reEncrypt_data_key=MagicMock(),90 encrypt_data_key=MagicMock()91 )92 provider = build_provider(kms=mock_kms)93 result = provider.encrypt_data_key(mock_encryption_material)94 mock_kms.generate_data_key.assert_called_once_with(95 provider.key, provider.algorithm, sentinel.encryption_context96 )97 patch_base64_b64decode.assert_called_once_with(sentinel.plaintext_data_key)98 assert not mock_kms.reEncrypt_data_key.called99 assert not mock_kms.encrypt_data_key.called100 assert patch_EncryptedDataKey.return_value in result.encrypted_data_keys101 assert result.plaintext_data_key is patch_base64_b64decode.return_value102def test_encrypt_data_key_multi_same_region_keys(103 patch_EncryptedDataKey,104 patch_to_bytes,105 patch_base64_b64decode106):107 mock_encryption_material = MagicMock(encryption_context=sentinel.encryption_context)108 mock_kms = MagicMock(109 __class__=AliyunKms,110 generate_data_key=MagicMock(111 return_value=(sentinel.plaintext_data_key,sentinel.encrypted_data_key)112 ),113 reEncrypt_data_key=MagicMock(side_effect=(sentinel.key1, sentinel.key2)),114 encrypt_data_key=MagicMock()115 )116 keys = {HANGZHOU_KEY1, HANGZHOU_KEY2}117 provider = build_provider(key_id=HANGZHOU_KEY, kms=mock_kms, keys=keys)118 result = provider.encrypt_data_key(mock_encryption_material)119 mock_kms.generate_data_key.assert_called_once_with(120 provider.key, provider.algorithm, sentinel.encryption_context121 )122 mock_kms.reEncrypt_data_key.assert_has_calls(123 [call(key, patch_EncryptedDataKey.return_value, sentinel.encryption_context) for key in provider._keys],124 True125 )126 assert not mock_kms.encrypt_data_key.called127 assert len(result.encrypted_data_keys) == 3128 assert patch_EncryptedDataKey.return_value in result.encrypted_data_keys129 assert sentinel.key1 in result.encrypted_data_keys130 assert sentinel.key2 in result.encrypted_data_keys131 assert result.plaintext_data_key is patch_base64_b64decode.return_value132def test_encrypt_data_key_multi_different_region_keys(133 patch_EncryptedDataKey,134 patch_to_bytes,135 patch_base64_b64decode136):137 mock_encryption_material = MagicMock(encryption_context=sentinel.encryption_context)138 mock_kms = MagicMock(139 __class__=AliyunKms,140 generate_data_key=MagicMock(141 return_value=(sentinel.plaintext_data_key, sentinel.encrypted_data_key)142 ),143 reEncrypt_data_key=MagicMock(),144 encrypt_data_key=MagicMock(side_effect=(sentinel.key1, sentinel.key2))145 )146 keys = {BEIJING_KEY1, SHANGHAI_KEY1}147 provider = build_provider(key_id=HANGZHOU_KEY, kms=mock_kms, keys=keys)148 result = provider.encrypt_data_key(mock_encryption_material)149 mock_kms.generate_data_key.assert_called_once_with(150 provider.key, provider.algorithm, sentinel.encryption_context151 )152 mock_kms.encrypt_data_key.assert_has_calls(153 [call(key, sentinel.plaintext_data_key, sentinel.encryption_context) for key in provider._keys],154 True155 )156 assert not mock_kms.reEncrypt_data_key.called157 assert len(result.encrypted_data_keys) == 3158 assert patch_EncryptedDataKey.return_value in result.encrypted_data_keys159 assert sentinel.key1 in result.encrypted_data_keys160 assert sentinel.key2 in result.encrypted_data_keys161 assert result.plaintext_data_key is patch_base64_b64decode.return_value162def test_encrypt_data_key_multi_mix_region_keys(163 patch_EncryptedDataKey,164 patch_to_bytes,165 patch_base64_b64decode166):167 mock_encryption_material = MagicMock(encryption_context=sentinel.encryption_context)168 mock_kms = MagicMock(169 __class__=AliyunKms,170 generate_data_key=MagicMock(171 return_value=(sentinel.plaintext_data_key, sentinel.encrypted_data_key)172 ),173 reEncrypt_data_key=MagicMock(return_value=sentinel.key1),174 encrypt_data_key=MagicMock(return_value=sentinel.key2)175 )176 keys = {HANGZHOU_KEY1, SHANGHAI_KEY1}177 provider = build_provider(key_id=HANGZHOU_KEY, kms=mock_kms, keys=keys)178 result = provider.encrypt_data_key(mock_encryption_material)179 mock_kms.generate_data_key.assert_called_once_with(180 provider.key, provider.algorithm, sentinel.encryption_context181 )182 for key in provider._keys:183 if provider.key.isCommonRegion(key):184 mock_kms.reEncrypt_data_key.assert_called_once_with(185 key, patch_EncryptedDataKey.return_value, sentinel.encryption_context186 )187 else:188 mock_kms.encrypt_data_key.assert_called_once_with(189 key, sentinel.plaintext_data_key, sentinel.encryption_context190 )191 assert len(result.encrypted_data_keys) == 3192 assert patch_EncryptedDataKey.return_value in result.encrypted_data_keys193 assert sentinel.key1 in result.encrypted_data_keys194 assert sentinel.key2 in result.encrypted_data_keys195 assert result.plaintext_data_key is patch_base64_b64decode.return_value196def test_decrypt_data_key_valid(patch_base64_b64decode):197 mock_decryption_material = MagicMock(encryption_context=sentinel.encryption_context)198 mock_key1 = MagicMock(key_id=HANGZHOU_KEY)199 mock_key2 = MagicMock(key_id=HANGZHOU_KEY1)200 mock_encrypted_data_keys = {mock_key1, mock_key2}201 mock_kms = MagicMock(202 __class__=AliyunKms,203 generate_data_key=MagicMock(204 return_value=(sentinel.plaintext_data_key, sentinel.encrypted_data_key)205 ),206 decrypt_data_key=MagicMock(),207 )208 provider = build_provider(key_id=HANGZHOU_KEY, kms=mock_kms)209 result = provider.decrypt_data_key(mock_decryption_material, mock_encrypted_data_keys)210 mock_kms.decrypt_data_key.assert_called_once_with(211 mock_key1, sentinel.encryption_context212 )213 assert result.plaintext_data_key is patch_base64_b64decode.return_value214def test_decrypt_data_key_invalid(patch_base64_b64decode):215 mock_decryption_material = MagicMock(encryption_context=sentinel.encryption_context)216 mock_key1 = MagicMock(key_id=HANGZHOU_KEY1)217 mock_key2 = MagicMock(key_id=HANGZHOU_KEY2)218 mock_encrypted_data_keys = {mock_key1, mock_key2}219 mock_kms = MagicMock(220 __class__=AliyunKms,221 generate_data_key=MagicMock(222 return_value=(sentinel.plaintext_data_key, sentinel.encrypted_data_key)223 ),224 decrypt_data_key=MagicMock(),225 )226 provider = build_provider(key_id=HANGZHOU_KEY, kms=mock_kms)227 result = provider.decrypt_data_key(mock_decryption_material, mock_encrypted_data_keys)228 assert not mock_kms.decrypt_data_key.called229 assert not patch_base64_b64decode.called...

Full Screen

Full Screen

test_kms_crypt.py

Source:test_kms_crypt.py Github

copy

Full Screen

1import six2from botocore.exceptions import ClientError3from mock import MagicMock4from spacel.security.kms_crypt import KmsCrypto5from spacel.security.kms_key import KmsKeyFactory6from test import ORBIT_REGION7from test.security import BaseKmsTest, PLAINTEXT_KEY, ENCRYPTED_KEY8class TestKmsCrypto(BaseKmsTest):9 def setUp(self):10 super(TestKmsCrypto, self).setUp()11 self.kms_key = MagicMock(spec=KmsKeyFactory)12 self.kms_crypt = KmsCrypto(self.clients, self.kms_key)13 def test_roundtrip_bytes(self):14 self._round_trip(six.b('hello world'))15 def test_roundtrip_ascii(self):16 self._round_trip('hello world')17 def test_roundtrip_utf8(self):18 self._round_trip(six.u('\u9731'))19 def test_decrypt_invalid(self):20 # Invalid ciphertext: decrypts to garbage21 self.assertRaises(ValueError, self.kms_crypt.decrypt,22 b'1234567890123456',23 b'1234567890123456',24 b'1234567890123456',25 ORBIT_REGION,26 'bytes')27 def test_encrypt_missing_key(self):28 # GenerateDataKey fails as key doesn't exist, key is created:29 key_not_found = ClientError({'Error': {30 'Message': ('An error occurred (NotFoundException) when calling ' +31 'the GenerateDataKey operation: Alias ' +32 'arn:aws:kms:us-east-1:330658367937:alias/your-alias ' +33 'is not found')34 }}, 'GenerateDataKey')35 self.kms.generate_data_key.side_effect = [36 key_not_found,37 {38 'Plaintext': PLAINTEXT_KEY,39 'CiphertextBlob': ENCRYPTED_KEY40 }41 ]42 self.kms_crypt.encrypt(self.app_region, 'test')43 self.assertEquals(2, self.kms.generate_data_key.call_count)44 self.kms_key.create_key.assert_called_with(self.app_region)45 def test_encrypt_error(self):46 # GenerateDataKey fails as key doesn't exist, key is created:47 key_not_found = ClientError({'Error': {48 'Message': 'Kaboom'49 }}, 'GenerateDataKey')50 self.kms.generate_data_key.side_effect = key_not_found51 self.assertRaises(ClientError, self.kms_crypt.encrypt, self.app_region,52 'test')53 def _round_trip(self, data):54 item = self.kms_crypt.encrypt(self.app_region, data)55 self.assertEquals(ENCRYPTED_KEY, item.key)56 self.assertEquals(ORBIT_REGION, item.key_region)57 decrypted = self.kms_crypt.decrypt_payload(item)58 self.assertEquals(decrypted, data)...

Full Screen

Full Screen

kms_file_encrytper.1.py

Source:kms_file_encrytper.1.py Github

copy

Full Screen

...32# Create variable to hold the list of KMS key aliases 33keylist = (get_aliases())34# run the function to print the list of keys an ask the user to select one of the keys35keynum = (print_keys(keylist))36def generate_data_key(key):37 key = keylist[key]38 datakey = client.generate_data_key(KeyId=key,KeySpec='AES_256')39 return datakey40 41#call function to generate data key42dk = (generate_data_key(keynum))43print(dk)...

Full Screen

Full Screen

Automation Testing Tutorials

Learn to execute automation testing from scratch with LambdaTest Learning Hub. Right from setting up the prerequisites to run your first automation test, to following best practices and diving deeper into advanced test scenarios. LambdaTest Learning Hubs compile a list of step-by-step guides to help you be proficient with different test automation frameworks i.e. Selenium, Cypress, TestNG etc.

LambdaTest Learning Hubs:

YouTube

You could also refer to video tutorials over LambdaTest YouTube channel to get step by step demonstration from industry experts.

Run localstack automation tests on LambdaTest cloud grid

Perform automation testing on 3000+ real desktop and mobile devices online.

Try LambdaTest Now !!

Get 100 minutes of automation test minutes FREE!!

Next-Gen App & Browser Testing Cloud

Was this article helpful?

Helpful

NotHelpful