Expand imports to improve readability

src/aws_encryption_sdk/internal/formatting/deserialize.py

@@ -316,25 +316,6 @@ def deserialize_tag(stream, header, verifier=None):
     return data_tag
 
 
-def update_verifier_with_tag(stream, header, verifier):
-    """Updates verifier with data for authentication tag.
-
-    .. note::
-        This is meant to be used in conjunction with deserialize_non_framed_values
-        to update the verifier over information which has already been retrieved.
-
-    :param stream: Source data stream
-    :type stream: io.BytesIO
-    :param header: Deserialized header
-    :type header: aws_encryption_sdk.structures.MessageHeader
-    :param verifier: Signature verifier object
-    :type verifier: aws_encryption_sdk.internal.crypto.Verifier
-    :returns: Data authentication tag value
-    :rtype: bytes
-    """
-    return unpack_values(">{auth_len}s".format(auth_len=header.algorithm.auth_len), stream, verifier)
-
-
 def deserialize_frame(stream, header, verifier=None):
     """Deserializes a frame from a body.
 

src/aws_encryption_sdk/streaming_client.py

@@ -21,9 +21,6 @@
 import attr
 import six
 
-import aws_encryption_sdk.internal.formatting.deserialize
-import aws_encryption_sdk.internal.formatting.encryption_context
-import aws_encryption_sdk.internal.formatting.serialize
 import aws_encryption_sdk.internal.utils
 from aws_encryption_sdk.exceptions import (
     ActionNotAllowedError,
@@ -38,6 +35,24 @@
 from aws_encryption_sdk.internal.crypto.encryption import Decryptor, Encryptor, decrypt
 from aws_encryption_sdk.internal.crypto.iv import non_framed_body_iv
 from aws_encryption_sdk.internal.defaults import FRAME_LENGTH, LINE_LENGTH, MAX_NON_FRAMED_SIZE, TYPE, VERSION
+from aws_encryption_sdk.internal.formatting.deserialize import (
+    deserialize_footer,
+    deserialize_frame,
+    deserialize_header,
+    deserialize_header_auth,
+    deserialize_non_framed_values,
+    deserialize_tag,
+    validate_header,
+)
+from aws_encryption_sdk.internal.formatting.encryption_context import assemble_content_aad
+from aws_encryption_sdk.internal.formatting.serialize import (
+    serialize_footer,
+    serialize_frame,
+    serialize_header,
+    serialize_header_auth,
+    serialize_non_framed_close,
+    serialize_non_framed_open,
+)
 from aws_encryption_sdk.key_providers.base import MasterKeyProvider
 from aws_encryption_sdk.materials_managers import DecryptionMaterialsRequest, EncryptionMaterialsRequest
 from aws_encryption_sdk.materials_managers.base import CryptoMaterialsManager
@@ -461,10 +476,8 @@ def _prep_message(self):
 
     def _write_header(self):
         """Builds the message header and writes it to the output stream."""
-        self.output_buffer += aws_encryption_sdk.internal.formatting.serialize.serialize_header(
-            header=self._header, signer=self.signer
-        )
-        self.output_buffer += aws_encryption_sdk.internal.formatting.serialize.serialize_header_auth(
+        self.output_buffer += serialize_header(header=self._header, signer=self.signer)
+        self.output_buffer += serialize_header_auth(
             algorithm=self._encryption_materials.algorithm,
             header=self.output_buffer,
             data_encryption_key=self._derived_data_key,
@@ -476,7 +489,7 @@ def _prep_non_framed(self):
         aad_content_string = aws_encryption_sdk.internal.utils.get_aad_content_string(
             content_type=self.content_type, is_final_frame=True
         )
-        associated_data = aws_encryption_sdk.internal.formatting.encryption_context.assemble_content_aad(
+        associated_data = assemble_content_aad(
             message_id=self._header.message_id,
             aad_content_string=aad_content_string,
             seq_num=1,
@@ -488,7 +501,7 @@ def _prep_non_framed(self):
             associated_data=associated_data,
             iv=non_framed_body_iv(self._encryption_materials.algorithm),
         )
-        self.output_buffer += aws_encryption_sdk.internal.formatting.serialize.serialize_non_framed_open(
+        self.output_buffer += serialize_non_framed_open(
             algorithm=self._encryption_materials.algorithm,
             iv=self.encryptor.iv,
             plaintext_length=self.stream_length,
@@ -521,12 +534,10 @@ def _read_bytes_to_non_framed_body(self, b):
             if self.signer is not None:
                 self.signer.update(closing)
 
-            closing += aws_encryption_sdk.internal.formatting.serialize.serialize_non_framed_close(
-                tag=self.encryptor.tag, signer=self.signer
-            )
+            closing += serialize_non_framed_close(tag=self.encryptor.tag, signer=self.signer)
 
             if self.signer is not None:
-                closing += aws_encryption_sdk.internal.formatting.serialize.serialize_footer(self.signer)
+                closing += serialize_footer(self.signer)
             return ciphertext + closing
 
         return ciphertext
@@ -575,7 +586,7 @@ def _read_bytes_to_framed_body(self, b):
                 self.sequence_number,
             )
             self._bytes_encrypted += bytes_in_frame
-            ciphertext, plaintext = aws_encryption_sdk.internal.formatting.serialize.serialize_frame(
+            ciphertext, plaintext = serialize_frame(
                 algorithm=self._encryption_materials.algorithm,
                 plaintext=plaintext,
                 message_id=self._header.message_id,
@@ -592,7 +603,7 @@ def _read_bytes_to_framed_body(self, b):
         if finalize:
             _LOGGER.debug("Writing footer")
             if self.signer is not None:
-                output += aws_encryption_sdk.internal.formatting.serialize.serialize_footer(self.signer)
+                output += serialize_footer(self.signer)
             self.source_stream.close()
         return output
 
@@ -713,7 +724,7 @@ def _read_header(self):
             and aws_encryption_sdk.internal.structures.MessageHeaderAuthentication
         :raises CustomMaximumValueExceeded: if frame length is greater than the custom max value
         """
-        header, raw_header = aws_encryption_sdk.internal.formatting.deserialize.deserialize_header(self.source_stream)
+        header, raw_header = deserialize_header(self.source_stream)
         self.__unframed_bytes_read += len(raw_header)
 
         if (
@@ -742,15 +753,13 @@ def _read_header(self):
         if self.verifier is not None:
             self.verifier.update(raw_header)
 
-        header_auth = aws_encryption_sdk.internal.formatting.deserialize.deserialize_header_auth(
+        header_auth = deserialize_header_auth(
             stream=self.source_stream, algorithm=header.algorithm, verifier=self.verifier
         )
         self._derived_data_key = derive_data_encryption_key(
             source_key=decryption_materials.data_key.data_key, algorithm=header.algorithm, message_id=header.message_id
         )
-        aws_encryption_sdk.internal.formatting.deserialize.validate_header(
-            header=header, header_auth=header_auth, raw_header=raw_header, data_key=self._derived_data_key
-        )
+        validate_header(header=header, header_auth=header_auth, raw_header=raw_header, data_key=self._derived_data_key)
         return header, header_auth
 
     @property
@@ -767,7 +776,7 @@ def body_end(self):
 
     def _prep_non_framed(self):
         """Prepare the opening data for a non-framed message."""
-        self._unframed_body_iv, self.body_length = aws_encryption_sdk.internal.formatting.deserialize.deserialize_non_framed_values(  # noqa # pylint: disable=line-too-long
+        self._unframed_body_iv, self.body_length = deserialize_non_framed_values(
             stream=self.source_stream, header=self._header, verifier=self.verifier
         )
 
@@ -803,14 +812,12 @@ def _read_bytes_from_non_framed_body(self, b):
         if self.verifier is not None:
             self.verifier.update(ciphertext)
 
-        tag = aws_encryption_sdk.internal.formatting.deserialize.deserialize_tag(
-            stream=self.source_stream, header=self._header, verifier=self.verifier
-        )
+        tag = deserialize_tag(stream=self.source_stream, header=self._header, verifier=self.verifier)
 
         aad_content_string = aws_encryption_sdk.internal.utils.get_aad_content_string(
             content_type=self._header.content_type, is_final_frame=True
         )
-        associated_data = aws_encryption_sdk.internal.formatting.encryption_context.assemble_content_aad(
+        associated_data = assemble_content_aad(
             message_id=self._header.message_id,
             aad_content_string=aad_content_string,
             seq_num=1,
@@ -827,9 +834,7 @@ def _read_bytes_from_non_framed_body(self, b):
         plaintext = self.decryptor.update(ciphertext)
         plaintext += self.decryptor.finalize()
 
-        self.footer = aws_encryption_sdk.internal.formatting.deserialize.deserialize_footer(
-            stream=self.source_stream, verifier=self.verifier
-        )
+        self.footer = deserialize_footer(stream=self.source_stream, verifier=self.verifier)
         self.source_stream.close()
         return plaintext
 
@@ -845,7 +850,7 @@ def _read_bytes_from_framed_body(self, b):
         _LOGGER.debug("collecting %d bytes", b)
         while len(plaintext) < b and not final_frame:
             _LOGGER.debug("Reading frame")
-            frame_data, final_frame = aws_encryption_sdk.internal.formatting.deserialize.deserialize_frame(
+            frame_data, final_frame = deserialize_frame(
                 stream=self.source_stream, header=self._header, verifier=self.verifier
             )
             _LOGGER.debug("Read complete for frame %d", frame_data.sequence_number)
@@ -855,7 +860,7 @@ def _read_bytes_from_framed_body(self, b):
             aad_content_string = aws_encryption_sdk.internal.utils.get_aad_content_string(
                 content_type=self._header.content_type, is_final_frame=frame_data.final_frame
             )
-            associated_data = aws_encryption_sdk.internal.formatting.encryption_context.assemble_content_aad(
+            associated_data = assemble_content_aad(
                 message_id=self._header.message_id,
                 aad_content_string=aad_content_string,
                 seq_num=frame_data.sequence_number,
@@ -871,9 +876,7 @@ def _read_bytes_from_framed_body(self, b):
             _LOGGER.debug("bytes collected: %d", plaintext_length)
         if final_frame:
             _LOGGER.debug("Reading footer")
-            self.footer = aws_encryption_sdk.internal.formatting.deserialize.deserialize_footer(
-                stream=self.source_stream, verifier=self.verifier
-            )
+            self.footer = deserialize_footer(stream=self.source_stream, verifier=self.verifier)
             self.source_stream.close()
         return plaintext
 

test/unit/test_streaming_client_stream_decryptor.py

@@ -48,34 +48,24 @@ def setUp(self):
         self.mock_input_stream.tell.side_effect = (0, 500)
 
         # Set up deserialize_header patch
-        self.mock_deserialize_header_patcher = patch(
-            "aws_encryption_sdk.streaming_client.aws_encryption_sdk.internal.formatting.deserialize.deserialize_header"
-        )
+        self.mock_deserialize_header_patcher = patch("aws_encryption_sdk.streaming_client.deserialize_header")
         self.mock_deserialize_header = self.mock_deserialize_header_patcher.start()
         self.mock_deserialize_header.return_value = self.mock_header, self.mock_raw_header
         # Set up deserialize_header_auth patch
-        self.mock_deserialize_header_auth_patcher = patch(
-            "aws_encryption_sdk.streaming_client"
-            ".aws_encryption_sdk.internal.formatting.deserialize.deserialize_header_auth"
-        )
+        self.mock_deserialize_header_auth_patcher = patch("aws_encryption_sdk.streaming_client.deserialize_header_auth")
         self.mock_deserialize_header_auth = self.mock_deserialize_header_auth_patcher.start()
         self.mock_deserialize_header_auth.return_value = sentinel.header_auth
         # Set up validate_header patch
-        self.mock_validate_header_patcher = patch(
-            "aws_encryption_sdk.streaming_client.aws_encryption_sdk.internal.formatting.deserialize.validate_header"
-        )
+        self.mock_validate_header_patcher = patch("aws_encryption_sdk.streaming_client.validate_header")
         self.mock_validate_header = self.mock_validate_header_patcher.start()
         # Set up deserialize_non_framed_values patch
         self.mock_deserialize_non_framed_values_patcher = patch(
-            "aws_encryption_sdk.streaming_client"
-            ".aws_encryption_sdk.internal.formatting.deserialize.deserialize_non_framed_values"
+            "aws_encryption_sdk.streaming_client.deserialize_non_framed_values"
         )
         self.mock_deserialize_non_framed_values = self.mock_deserialize_non_framed_values_patcher.start()
         self.mock_deserialize_non_framed_values.return_value = (sentinel.iv, len(VALUES["data_128"]))
         # Set up deserialize_tag_value patch
-        self.mock_deserialize_tag_patcher = patch(
-            "aws_encryption_sdk.streaming_client" ".aws_encryption_sdk.internal.formatting.deserialize.deserialize_tag"
-        )
+        self.mock_deserialize_tag_patcher = patch("aws_encryption_sdk.streaming_client.deserialize_tag")
         self.mock_deserialize_tag = self.mock_deserialize_tag_patcher.start()
         self.mock_deserialize_tag.return_value = sentinel.tag
         # Set up get_aad_content_string patch
@@ -85,32 +75,19 @@ def setUp(self):
         self.mock_get_aad_content_string = self.mock_get_aad_content_string_patcher.start()
         self.mock_get_aad_content_string.return_value = sentinel.aad_content_string
         # Set up assemble_content_aad patch
-        self.mock_assemble_content_aad_patcher = patch(
-            "aws_encryption_sdk.streaming_client"
-            ".aws_encryption_sdk.internal.formatting.encryption_context.assemble_content_aad"
-        )
+        self.mock_assemble_content_aad_patcher = patch("aws_encryption_sdk.streaming_client.assemble_content_aad")
         self.mock_assemble_content_aad = self.mock_assemble_content_aad_patcher.start()
         self.mock_assemble_content_aad.return_value = sentinel.associated_data
         # Set up Decryptor patch
         self.mock_decryptor_patcher = patch("aws_encryption_sdk.streaming_client.Decryptor")
         self.mock_decryptor = self.mock_decryptor_patcher.start()
         self.mock_decryptor_instance = MagicMock()
         self.mock_decryptor.return_value = self.mock_decryptor_instance
-        # Set up update_verifier_with_tag patch
-        self.mock_update_verifier_with_tag_patcher = patch(
-            "aws_encryption_sdk.streaming_client"
-            ".aws_encryption_sdk.internal.formatting.deserialize.update_verifier_with_tag"
-        )
-        self.mock_update_verifier_with_tag = self.mock_update_verifier_with_tag_patcher.start()
         # Set up deserialize_footer patch
-        self.mock_deserialize_footer_patcher = patch(
-            "aws_encryption_sdk.streaming_client.aws_encryption_sdk.internal.formatting.deserialize.deserialize_footer"
-        )
+        self.mock_deserialize_footer_patcher = patch("aws_encryption_sdk.streaming_client.deserialize_footer")
         self.mock_deserialize_footer = self.mock_deserialize_footer_patcher.start()
         # Set up deserialize_frame patch
-        self.mock_deserialize_frame_patcher = patch(
-            "aws_encryption_sdk.streaming_client.aws_encryption_sdk.internal.formatting.deserialize.deserialize_frame"
-        )
+        self.mock_deserialize_frame_patcher = patch("aws_encryption_sdk.streaming_client.deserialize_frame")
         self.mock_deserialize_frame = self.mock_deserialize_frame_patcher.start()
         # Set up decrypt patch
         self.mock_decrypt_patcher = patch("aws_encryption_sdk.streaming_client.decrypt")
@@ -125,7 +102,6 @@ def tearDown(self):
         self.mock_get_aad_content_string_patcher.stop()
         self.mock_assemble_content_aad_patcher.stop()
         self.mock_decryptor_patcher.stop()
-        self.mock_update_verifier_with_tag_patcher.stop()
         self.mock_deserialize_footer_patcher.stop()
         self.mock_deserialize_frame_patcher.stop()
         self.mock_decrypt_patcher.stop()

test/unit/test_streaming_client_stream_encryptor.py

@@ -107,14 +107,10 @@ def setUp(self):
         self.mock_data_encryption_key = VALUES["data_key_obj"]
         self.mock_prepare_data_keys.return_value = (self.mock_data_encryption_key, self.mock_encrypted_data_keys)
         # Set up serialize_header patch
-        self.mock_serialize_header_patcher = patch(
-            "aws_encryption_sdk.streaming_client.aws_encryption_sdk.internal.formatting.serialize.serialize_header"
-        )
+        self.mock_serialize_header_patcher = patch("aws_encryption_sdk.streaming_client.serialize_header")
         self.mock_serialize_header = self.mock_serialize_header_patcher.start()
         # Set up serialize_header_auth patch
-        self.mock_serialize_header_auth_patcher = patch(
-            "aws_encryption_sdk.streaming_client.aws_encryption_sdk.internal.formatting.serialize.serialize_header_auth"
-        )
+        self.mock_serialize_header_auth_patcher = patch("aws_encryption_sdk.streaming_client.serialize_header_auth")
         self.mock_serialize_header_auth = self.mock_serialize_header_auth_patcher.start()
         # Set up get_aad_content_string patch
         self.mock_get_aad_content_string_patcher = patch(
@@ -123,10 +119,7 @@ def setUp(self):
         self.mock_get_aad_content_string = self.mock_get_aad_content_string_patcher.start()
         self.mock_get_aad_content_string.return_value = sentinel.aad_content_string
         # Set up assemble_content_aad patch
-        self.mock_assemble_content_aad_patcher = patch(
-            "aws_encryption_sdk.streaming_client"
-            ".aws_encryption_sdk.internal.formatting.encryption_context.assemble_content_aad"
-        )
+        self.mock_assemble_content_aad_patcher = patch("aws_encryption_sdk.streaming_client.assemble_content_aad")
         self.mock_assemble_content_aad = self.mock_assemble_content_aad_patcher.start()
         self.mock_assemble_content_aad.return_value = sentinel.associated_data
         # Set up encryptor patch
@@ -137,25 +130,19 @@ def setUp(self):
         self.mock_encryptor.return_value = self.mock_encryptor_instance
         # Set up serialize_non_framed_open patch
         self.mock_serialize_non_framed_open_patcher = patch(
-            "aws_encryption_sdk.streaming_client"
-            ".aws_encryption_sdk.internal.formatting.serialize.serialize_non_framed_open"
+            "aws_encryption_sdk.streaming_client.serialize_non_framed_open"
         )
         self.mock_serialize_non_framed_open = self.mock_serialize_non_framed_open_patcher.start()
         # Set up serialize_non_framed_close patch
         self.mock_serialize_non_framed_close_patcher = patch(
-            "aws_encryption_sdk.streaming_client"
-            ".aws_encryption_sdk.internal.formatting.serialize.serialize_non_framed_close"
+            "aws_encryption_sdk.streaming_client.serialize_non_framed_close"
         )
         self.mock_serialize_non_framed_close = self.mock_serialize_non_framed_close_patcher.start()
         # Set up serialize_footer patch
-        self.mock_serialize_footer_patcher = patch(
-            "aws_encryption_sdk.streaming_client.aws_encryption_sdk.internal.formatting.serialize.serialize_footer"
-        )
+        self.mock_serialize_footer_patcher = patch("aws_encryption_sdk.streaming_client.serialize_footer")
         self.mock_serialize_footer = self.mock_serialize_footer_patcher.start()
         # Set up serialize_frame patch
-        self.mock_serialize_frame_patcher = patch(
-            "aws_encryption_sdk.streaming_client.aws_encryption_sdk.internal.formatting.serialize.serialize_frame"
-        )
+        self.mock_serialize_frame_patcher = patch("aws_encryption_sdk.streaming_client.serialize_frame")
         self.mock_serialize_frame = self.mock_serialize_frame_patcher.start()
 
     def tearDown(self):