Skip to content

Instantly share code, notes, and snippets.

Avatar
🍕
craving pizza

Ami Blonder fuzzyami

🍕
craving pizza
  • TLV
View GitHub Profile
@fuzzyami
fuzzyami / kms.py
Last active Nov 6, 2019
encrypt and decrypt with kms, boto3 and pyCrypto. Python2 compatible
View kms.py
#!/usr/bin/env python
import base64
from Crypto import Random
import boto3
from Crypto.Cipher import AES
PAD = lambda s: s + (32 - len(s) % 32) * ' '
@fuzzyami
fuzzyami / gist:f3a7231037166117a6fef9607960aee7
Last active Feb 4, 2022
golang encyrpt, decrypt key with kms
View gist:f3a7231037166117a6fef9607960aee7
/*
The code below shows how to encrypt and then decrypt some plaintext into a cyphertext using
KMS's Encrypt/Decrypt functions and secretbox (https://godoc.org/golang.org/x/crypto/nacl/secretbox).
The plaintext message is sealed into a secretbox using a key that is generated by kmsClient.GenerateDataKey().
Note that this procedure reuquires that a master key would *already exist in KMS* and that its arn/alias is specified.
The aws library assumes that the proper credentials can be found in the shared file (~/.aws/credentials)
and opts for the 'default' role.
Once sealed, the cyphertext is then unboxed, again by first getting the key from kms (kmsClient.Decrypt),