0

I am looking to encrypt some secret text using aws_encryption_sdkin python .However I see some unwanted character while decrypting. I have used java version of sdk before I did not see any this kind of issue .Below is my code .

import aws_encryption_sdk
from aws_encryption_sdk import CommitmentPolicy
import botocore.session
import pytest
import base64

def cycle_string(key_arn, source_plaintext, botocore_session=None):
    
  
    client = aws_encryption_sdk.EncryptionSDKClient(commitment_policy=CommitmentPolicy.REQUIRE_ENCRYPT_REQUIRE_DECRYPT)

    kms_kwargs = dict(key_ids=[key_arn])
    print(kms_kwargs)
    if botocore_session is not None:
        kms_kwargs["botocore_session"] = botocore_session
    master_key_provider = aws_encryption_sdk.StrictAwsKmsMasterKeyProvider(**kms_kwargs)

    # Encrypt the plaintext source data
    ciphertext, encryptor_header = client.encrypt(source=source_plaintext, key_provider=master_key_provider)
    # print(ciphertext, encryptor_header)
    # Decrypt the ciphertext
    encrrtext=base64.b64encode(ciphertext)
    encrciphertext=base64.b64decode(encrrtext)

    cycled_plaintext, decrypted_header = client.decrypt(source=encrciphertext, key_provider=master_key_provider)
    # print(cycled_plaintext, decrypted_header)
    print(encrrtext)
    print(cycled_plaintext)
    print(source_plaintext)

# Verify that the "cycled" (encrypted, then decrypted) plaintext is identical to the source plaintext
    assert cycled_plaintext == source_plaintext

    # Verify that the encryption context used in the decrypt operation includes all key pairs from
    # the encrypt operation. (The SDK can add pairs, so don't require an exact match.)
    #
    # In production, always use a meaningful encryption context. In this sample, we omit the
    # encryption context (no key pairs).
    assert all(
        pair in decrypted_header.encryption_context.items() for pair in encryptor_header.encryption_context.items()
    )

plaintext = "hello there"
cmk_arn = "<arn>"
cycle_string(key_arn=cmk_arn, source_plaintext=plaintext, botocore_session=botocore.session.Session())


    O/P:
b'hello there'
hello there

I was expecting it to return same text as source .Any help on this would be appreciated

Improve this question

1 Answer 1

Reset to default
1

Seems like the SDK returns a byte-string. When printing python denotes these by adding the b'' part. You can convert the byte string to a normal string by adding cycled_plaintext = cycled_plaintext.decode('UTF-8') before the assertion.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.