How to use the aioboto3.s3.cse.SymmetricCryptoContext function in aioboto3

To help you get started, we’ve selected a few aioboto3 examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github terrycain / aioboto3 / tests / View on Github external
async def test_symmetric_cse_encrypt_decrypt_aes_cbc(event_loop, s3_moto_patch, region, bucket_name, s3_key_name):
    s3_client, s3_resource = s3_moto_patch
    s3_client = s3_client('s3', region_name=region)

    await s3_client.create_bucket(Bucket=bucket_name, CreateBucketConfiguration={'LocationConstraint': region})

    aes_key = b'O\x8b\xdc\x92\x87k\x9aJ{m\x82\xb3\x96\xf7\x93]\xa1\xb2Cl\x86<5\xbe\x13\xaf\xa8\x94\xa2O3\xef'

    symmetric_crypto_context = cse.SymmetricCryptoContext(aes_key)
    s3_cse = cse.S3CSE(symmetric_crypto_context, s3_client_args={'region_name': region})

    async with s3_cse:
        # Upload file
        await s3_cse.put_object(Body=DATA, Bucket=bucket_name, Key=s3_key_name)

        encrypted_resp = await s3_client.get_object(Bucket=bucket_name, Key=s3_key_name)
        encrypted_resp['Body'] = await encrypted_resp['Body'].read()

        # Check it doesnt start with lorem ipsum
        assert not encrypted_resp['Body'].startswith(DATA[:10])

        # Check metadata for KMS encryption
        assert len(base64.b64decode(encrypted_resp['Metadata']['x-amz-key'])) == 48
        assert encrypted_resp['Metadata']['x-amz-unencrypted-content-length'] == str(len(DATA))
        assert encrypted_resp['Metadata']['x-amz-matdesc'] == '{}'