Yasuke/moto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add kms:ReEncrypt invalid destination key test

Browse Source
This commit is contained in:
mattsb42-aws 2019-08-27 20:49:47 -07:00
parent 9ffb9d3d0a
commit dd63cebf81
2 changed files with 21 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
moto/kms/models.py
View File

@ -217,6 +217,8 @@ class KmsBackend(BaseBackend):
def re_encrypt( def re_encrypt(
self, ciphertext_blob, source_encryption_context, destination_key_id, destination_encryption_context self, ciphertext_blob, source_encryption_context, destination_key_id, destination_encryption_context
): ):
destination_key_id = self.any_id_to_key_id(destination_key_id)
plaintext, decrypting_arn = self.decrypt( plaintext, decrypting_arn = self.decrypt(
ciphertext_blob=ciphertext_blob, encryption_context=source_encryption_context ciphertext_blob=ciphertext_blob, encryption_context=source_encryption_context
) )

19
tests/test_kms/test_kms.py
View File

@ -889,6 +889,25 @@ def test_re_encrypt_decrypt(plaintext):
decrypt_response_1["Plaintext"].should.equal(decrypt_response_2["Plaintext"]) decrypt_response_1["Plaintext"].should.equal(decrypt_response_2["Plaintext"])
@mock_kms
def test_re_encrypt_to_invalid_destination():
client = boto3.client("kms", region_name="us-west-2")
key = client.create_key(Description="key 1")
key_id = key["KeyMetadata"]["KeyId"]
encrypt_response = client.encrypt(
KeyId=key_id,
Plaintext=b"some plaintext",
)
with assert_raises(client.exceptions.NotFoundException):
client.re_encrypt(
CiphertextBlob=encrypt_response["CiphertextBlob"],
DestinationKeyId="8327948729348",
)
@mock_kms @mock_kms
def test_enable_key_rotation_key_not_found(): def test_enable_key_rotation_key_not_found():
client = boto3.client("kms", region_name="us-east-1") client = boto3.client("kms", region_name="us-east-1")