KMS encrypt file data using Boto3

45
May 15, 2019, at 5:30 PM

I am using the below code to KMS encrypt the data in a file. Is there a way to do something similar using boto3 in python?

public KmsMasterKeyProvider getkmsKeyProvider(String arn) throws IOException{
    KmsMasterKeyProvider prov =  new KmsMasterKeyProvider(
            new DefaultAWSCredentialsProviderChain(),
            Region.getRegion(getRegion()),
            createConfiguration(),
            arn);
    return prov;
}

Code to Encrypt

        AwsCrypto crypto = new AwsCrypto();
        KmsMasterKeyProvider prov =  util.getkmsKeyProvider(keyArn);
            FileInputStream decryptedStream = new FileInputStream(temp_data_file);
        String output = prop.getProperty(OUTPUT_TMP_PATH)+"file.out";
        final FileOutputStream out = new FileOutputStream(output);
        final CryptoOutputStream<?> encryptingStream = crypto.createEncryptingStream(prov,out);
        IOUtils.copy(decryptedStream, encryptingStream);
        encryptingStream.close();
        decryptedStream.close();
        File outputFile = new File(output);
Answer 1

The code examples you show are using the AWS Encryption SDK[1], which is available for Python[2], yes!

An equivalent snippet to what you show in your question would be:

import aws_encryption_sdk
def encrypt_file(cmk_arn, plaintext_filename, ciphertext_filename):
    key_provider = aws_encryption_sdk.KMSMasterKeyProvider(key_ids=[cmk_arn])
    with open(plaintext_filename, "rb") as plaintext, open(ciphertext_filename, "wb") as ciphertext:
        with aws_encryption_sdk.stream(mode="encrypt", source=plaintext, key_provider=key_provider) as encryptor:
            for chunk in encryptor:
                ciphertext.write(chunk)

You can find more examples here[3] as well as in our docs[1][2].

[1] https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/introduction.html

[2] https://aws-encryption-sdk-python.readthedocs.io/en/latest/

[3] https://github.com/aws/aws-encryption-sdk-python/tree/master/examples/src

READ ALSO
How to Communicate between Activity and Service using LocalBroadcastManager in a different Process

How to Communicate between Activity and Service using LocalBroadcastManager in a different Process

I have a Service which is in a different process defined in Manifest and a MapboxMap Activity, and I just wanted to know how I can communicate between my Service and Activity using LocalBroadcastManager

32
spring security work only for highest priority order

spring security work only for highest priority order

I am trying to integrate spring mvc in existing spring rest projectSecurity for spring rest is working fine

32
Expressing Java Annotation Class with Members in Kotlin

Expressing Java Annotation Class with Members in Kotlin

I'm new to Kotlin and currently using v13

28
What is the certificate in the context of RSA and asymmetric encryption?

What is the certificate in the context of RSA and asymmetric encryption?

I try to implement a asymmetric encription for learning purposeI learned that a certificate helps to identify the owner of a public key

10