There modules provide handlers to be used to process existing, or generate new, test vectors based on test vector manifests.
- Python 3.8+
- aws-encryption-sdk
In addition to direct use of the library, some CLI tools are provided to simplify processing of common test manifest types.
Used to process an AWS Encryption SDK Full Message Encrypt manifest.
usage: awses-full-message-encrypt [-h] --input INPUT Build ciphertexts and decrypt manifest from keys and encrypt manifests optional arguments: -h, --help show this help message and exit --input INPUT Existing full message encrypt manifest
Used to process an AWS Encryption SDK Full Message Decrypt Generation manifest and produce a Full Message Decrypt manifest along with all corresponding plaintexts and ciphertexts.
usage: awses-full-message-decrypt-generate [-h] --output OUTPUT --input INPUT [--human] Build ciphertexts and decrypt manifest from keys and encrypt manifests optional arguments: -h, --help show this help message and exit --output OUTPUT Directory in which to store results --input INPUT Existing full message decrypt generation manifest --human Output human-readable JSON
The output of this command can be used to produce a zip file to be added to the shared test vectors repository. Make sure that the individual contents of the output directory are top-level entries in the zip file; it is easy to add an additional top-level folder by accident!
Used to process an AWS Encryption SDK Full Message Decrypt manifest to decrypt and verify all referenced ciphertexts.
usage: awses-full-message-decrypt [-h] --input INPUT Decrypt ciphertexts generated by awses-full-message-encrypt optional arguments: -h, --help show this help message and exit --input INPUT Existing full message decrypt manifest