we only need to care about Python 3.6 for the decrypt oracle

* remove import safeguards to allow 3.5.0 and 3.5.1 to not fail
* convert from comment-style typehints to inline

Author: mattsb42-aws

.travis.yml

@@ -206,33 +206,12 @@ matrix:
     ##################
     # Decrypt Oracle #
     ##################
-    # CPython 2.7
-    - python: 2.7
-      env:
-        DECRYPT_ORACLE=1
-        TOXENV=py27-local
-    # CPython 3.4
-    - python: 3.4
-      env:
-        DECRYPT_ORACLE=1
-        TOXENV=py34-local
-    # CPython 3.5
-    - python: 3.5
-      env:
-        DECRYPT_ORACLE=1
-        TOXENV=py35-local
     # CPython 3.6
+    # Because this build as Python 3.6 Lambda, this is the only runtime we are targetting.
     - python: 3.6
       env:
         DECRYPT_ORACLE=1
         TOXENV=py36-local
-    # CPython 3.7
-    - python: 3.7
-      env:
-        DECRYPT_ORACLE=1
-        TOXENV=py37-local
-      dist: xenial
-      sudo: true
     # Linters
     - python: 3.6
       env:

decrypt_oracle/setup.cfg

@@ -39,4 +39,4 @@ force_grid_wrap = 0
 combine_as_imports = True
 not_skip = __init__.py
 known_first_party = aws_encryption_sdk_decryption_oracle
-known_third_party =aws_encryption_sdk,aws_encryption_sdk_decryption_oracle,chalice,pytest,requests,setuptools
+known_third_party =aws_encryption_sdk,aws_encryption_sdk_decrypt_oracle,aws_encryption_sdk_decryption_oracle,chalice,pytest,requests,setuptools

decrypt_oracle/src/aws_encryption_sdk_decrypt_oracle/app.py

@@ -26,15 +26,8 @@
 APP = Chalice(app_name="aws-encryption-sdk-decrypt-oracle", debug=CHALICE_DEBUG)
 APP.log.setLevel(logging.DEBUG)
 
-try:  # Python 3.5.0 and 3.5.1 have incompatible typing modules
-    from typing import Dict, Text, NoReturn, Union  # noqa pylint: disable=unused-import
-except ImportError:  # pragma: no cover
-    # We only actually need these imports when running the mypy checks
-    pass
 
-
-def _master_key_provider():
-    # type: () -> KMSMasterKeyProvider
+def _master_key_provider() -> KMSMasterKeyProvider:
     """Build the V0 master key provider."""
     master_key_provider = KMSMasterKeyProvider()
     master_key_provider.add_master_key_provider(NullMasterKey())
@@ -43,8 +36,7 @@ def _master_key_provider():
 
 
 @APP.route("/v0/decrypt", methods=["POST"], content_types=["application/octet-stream"])
-def basic_decrypt():
-    # type: () -> Response
+def basic_decrypt() -> Response:
     """Basic decrypt handler for decrypt oracle v0.
 
     **Request**

decrypt_oracle/src/aws_encryption_sdk_decrypt_oracle/key_providers/counting.py

@@ -14,27 +14,22 @@
 Master key that generates deterministic data keys and decrypts a pre-defined
 encrypted data key value to that deterministic data keys.
 """
+from typing import Dict, NoReturn, Text
+
 from aws_encryption_sdk.exceptions import DecryptKeyError
-from aws_encryption_sdk.identifiers import AlgorithmSuite  # noqa pylint: disable=unused-import
+from aws_encryption_sdk.identifiers import AlgorithmSuite
 from aws_encryption_sdk.key_providers.base import MasterKey, MasterKeyConfig
-from aws_encryption_sdk.structures import EncryptedDataKey  # noqa pylint: disable=unused-import
+from aws_encryption_sdk.structures import EncryptedDataKey
 from aws_encryption_sdk.structures import DataKey
 
-try:  # Python 3.5.0 and 3.5.1 have incompatible typing modules
-    from typing import Dict, Text, NoReturn  # noqa pylint: disable=unused-import
-except ImportError:  # pragma: no cover
-    # We only actually need these imports when running the mypy checks
-    pass
-
 
 class CountingMasterKeyConfig(MasterKeyConfig):
     # pylint: disable=too-few-public-methods
     """Passthrough master key configuration to set the key id to "test_counting_prov_info"."""
 
     provider_id = "test_counting"
 
-    def __init__(self):
-        # type: () -> None
+    def __init__(self) -> None:
         """Set the key id to "test_counting_prov_info"."""
         super(CountingMasterKeyConfig, self).__init__(key_id=b"test_counting_prov_info")
 
@@ -51,8 +46,7 @@ class CountingMasterKey(MasterKey):
     _config_class = CountingMasterKeyConfig
     _encrypted_data_key = b"\x40\x41\x42\x43\x44"
 
-    def _generate_data_key(self, algorithm, encryption_context):
-        # type: (AlgorithmSuite, Dict[Text, Text]) -> DataKey
+    def _generate_data_key(self, algorithm: AlgorithmSuite, encryption_context: Dict[Text, Text]) -> DataKey:
         """Perform the provider-specific data key generation task.
 
         :param algorithm: Algorithm on which to base data key
@@ -64,8 +58,9 @@ def _generate_data_key(self, algorithm, encryption_context):
         data_key = b"".join([chr(i).encode("utf-8") for i in range(1, algorithm.data_key_len + 1)])
         return DataKey(key_provider=self.key_provider, data_key=data_key, encrypted_data_key=self._encrypted_data_key)
 
-    def _encrypt_data_key(self, data_key, algorithm, encryption_context):
-        # type: (DataKey, AlgorithmSuite,  Dict[Text, Text]) -> NoReturn
+    def _encrypt_data_key(
+        self, data_key: DataKey, algorithm: AlgorithmSuite, encryption_context: Dict[Text, Text]
+    ) -> NoReturn:
         """Encrypt a data key and return the ciphertext.
 
         :param data_key: Unencrypted data key
@@ -78,8 +73,9 @@ def _encrypt_data_key(self, data_key, algorithm, encryption_context):
         """
         raise NotImplementedError("CountingMasterKey does not support encrypt_data_key")
 
-    def _decrypt_data_key(self, encrypted_data_key, algorithm, encryption_context):
-        # type: (EncryptedDataKey, AlgorithmSuite, Dict[Text, Text]) -> DataKey
+    def _decrypt_data_key(
+        self, encrypted_data_key: EncryptedDataKey, algorithm: AlgorithmSuite, encryption_context: Dict[Text, Text]
+    ) -> DataKey:
         """Decrypt an encrypted data key and return the plaintext.
 
         :param data_key: Encrypted data key

decrypt_oracle/src/aws_encryption_sdk_decrypt_oracle/key_providers/null.py

@@ -11,26 +11,21 @@
 # ANY KIND, either express or implied. See the License for the specific
 # language governing permissions and limitations under the License.
 """Master key that provides null data keys."""
-from aws_encryption_sdk.identifiers import AlgorithmSuite  # noqa pylint: disable=unused-import
+from typing import Dict, NoReturn, Text
+
+from aws_encryption_sdk.identifiers import AlgorithmSuite
 from aws_encryption_sdk.key_providers.base import MasterKey, MasterKeyConfig
-from aws_encryption_sdk.structures import EncryptedDataKey  # noqa pylint: disable=unused-import
+from aws_encryption_sdk.structures import EncryptedDataKey
 from aws_encryption_sdk.structures import DataKey
 
-try:  # Python 3.5.0 and 3.5.1 have incompatible typing modules
-    from typing import Dict, Text, NoReturn  # noqa pylint: disable=unused-import
-except ImportError:  # pragma: no cover
-    # We only actually need these imports when running the mypy checks
-    pass
-
 
 class NullMasterKeyConfig(MasterKeyConfig):
     # pylint: disable=too-few-public-methods
     """Passthrough master key configuration to set the key id to "null"."""
 
     provider_id = "null"
 
-    def __init__(self):
-        # type: () -> None
+    def __init__(self) -> None:
         """Set the key id to "null"."""
         super(NullMasterKeyConfig, self).__init__(key_id=b"null")
 
@@ -43,8 +38,7 @@ class NullMasterKey(MasterKey):
     _allowed_provider_ids = (provider_id, "zero")
     _config_class = NullMasterKeyConfig
 
-    def owns_data_key(self, data_key):
-        # type: (DataKey) -> bool
+    def owns_data_key(self, data_key: DataKey) -> bool:
         """Determine whether the data key is owned by a ``null`` or ``zero`` provider.
 
         :param data_key: Data key to evaluate
@@ -57,8 +51,7 @@ def owns_data_key(self, data_key):
         return data_key.key_provider.provider_id in self._allowed_provider_ids
 
     @staticmethod
-    def _null_plaintext_data_key(algorithm):
-        # type: (AlgorithmSuite) -> bytes
+    def _null_plaintext_data_key(algorithm: AlgorithmSuite) -> bytes:
         """Build the null data key of the correct length for the requested algorithm suite.
 
         :param algorithm: Algorithm on which to base data key
@@ -68,8 +61,7 @@ def _null_plaintext_data_key(algorithm):
         """
         return b"\x00" * algorithm.data_key_len
 
-    def _generate_data_key(self, algorithm, encryption_context):
-        # type: (AlgorithmSuite, Dict[Text, Text]) -> DataKey
+    def _generate_data_key(self, algorithm: AlgorithmSuite, encryption_context: Dict[Text, Text]) -> DataKey:
         """NullMasterKey does not support generate_data_key
 
         :param algorithm: Algorithm on which to base data key
@@ -81,8 +73,9 @@ def _generate_data_key(self, algorithm, encryption_context):
             key_provider=self.key_provider, data_key=self._null_plaintext_data_key(algorithm), encrypted_data_key=b""
         )
 
-    def _encrypt_data_key(self, data_key, algorithm, encryption_context):
-        # type: (DataKey, AlgorithmSuite,  Dict[Text, Text]) -> NoReturn
+    def _encrypt_data_key(
+        self, data_key: DataKey, algorithm: AlgorithmSuite, encryption_context: Dict[Text, Text]
+    ) -> NoReturn:
         """NullMasterKey does not support encrypt_data_key
 
         :param data_key: Unencrypted data key
@@ -95,8 +88,9 @@ def _encrypt_data_key(self, data_key, algorithm, encryption_context):
         """
         raise NotImplementedError("NullMasterKey does not support encrypt_data_key")
 
-    def _decrypt_data_key(self, encrypted_data_key, algorithm, encryption_context):
-        # type: (EncryptedDataKey, AlgorithmSuite, Dict[Text, Text]) -> DataKey
+    def _decrypt_data_key(
+        self, encrypted_data_key: EncryptedDataKey, algorithm: AlgorithmSuite, encryption_context: Dict[Text, Text]
+    ) -> DataKey:
         """Decrypt an encrypted data key and return the plaintext.
 
         :param data_key: Encrypted data key

decrypt_oracle/test/integration/integration_test_utils.py

@@ -15,6 +15,7 @@
 import json
 import os
 from collections import namedtuple
+from typing import Any, Callable, Iterable, Optional, Text
 
 import pytest
 from aws_encryption_sdk.key_providers.kms import KMSMasterKeyProvider
@@ -27,7 +28,7 @@
 _ENDPOINT = None
 
 
-def decrypt_endpoint():
+def decrypt_endpoint() -> Text:
     """Build the API endpoint based on environment variables."""
     global _ENDPOINT  # pylint: disable=global-statement
 
@@ -51,7 +52,7 @@ def decrypt_endpoint():
     return _ENDPOINT
 
 
-def get_cmk_arn():
+def get_cmk_arn() -> Text:
     """Retrieve the target CMK ARN from environment variable."""
     try:
         arn = os.environ[AWS_KMS_KEY_ID]
@@ -68,7 +69,7 @@ def get_cmk_arn():
     raise ValueError("KMS CMK ARN provided for integration tests must be a key not an alias")
 
 
-def kms_master_key_provider(cache=True):
+def kms_master_key_provider(cache: Optional[bool] = True):
     """Build the expected KMS Master Key Provider based on environment variables."""
     global _KMS_MKP  # pylint: disable=global-statement
 
@@ -85,15 +86,15 @@ def kms_master_key_provider(cache=True):
     return _kms_master_key_provider
 
 
-def test_vectors_filename():
+def test_vectors_filename() -> Text:
     """Provide the absolute path to the test vectors file."""
     return os.path.join(HERE, "..", "vectors", "decrypt_vectors.json")
 
 
 TestVector = namedtuple("TestVector", ["plaintext", "ciphertext", "key_type", "algorithm_suite"])
 
 
-def all_test_vectors():
+def all_test_vectors() -> Iterable[Any]:
     """Collect and iterate through all test vectors."""
 
     with open(test_vectors_filename(), "r") as vectors_file:
@@ -114,7 +115,7 @@ def all_test_vectors():
         )
 
 
-def filtered_test_vectors(filter_function):
+def filtered_test_vectors(filter_function: Callable) -> Iterable[Any]:
     """Collect and iterate through all test vectors that pass the filter function."""
     for vector_param in all_test_vectors():
         if filter_function(vector_param.values[0]):

decrypt_oracle/test/test_n_generate_test_vectors.py

@@ -15,31 +15,24 @@
 import binascii
 import json
 import os
+from typing import Dict, Iterable, Text
 
 import aws_encryption_sdk
 import pytest
 from aws_encryption_sdk.key_providers.base import MasterKeyProvider
 from aws_encryption_sdk.key_providers.kms import KMSMasterKey
-
 from aws_encryption_sdk_decrypt_oracle.key_providers.counting import CountingMasterKey
 from aws_encryption_sdk_decrypt_oracle.key_providers.null import NullMasterKey
 
 from .integration.integration_test_utils import test_vectors_filename
 
-try:  # Python 3.5.0 and 3.5.1 have incompatible typing modules
-    from typing import Dict, Text, Iterable  # noqa pylint: disable=unused-import
-except ImportError:  # pragma: no cover
-    # We only actually need these imports when running the mypy checks
-    pass
-
 HERE = os.path.abspath(os.path.dirname(__file__))
 GENERATE_VECTORS = "AWS_ENCRYPTION_SDK_PYTHON_DECRYPT_ORACLE_GENERATE_TEST_VECTORS"
 PUBLIC_CMK = "arn:aws:kms:us-west-2:658956600833:alias/EncryptDecrypt"
 ENCRYPTION_CONTEXT = {"key1": "val1", "key2": "val2"}
 
 
-def _key_providers():
-    # type: () -> Iterable[MasterKeyProvider]
+def _key_providers() -> Iterable[MasterKeyProvider]:
     """Generate all master key providers for test vector generation.
     Each will be used independently.
     """
@@ -48,8 +41,7 @@ def _key_providers():
     yield KMSMasterKey(key_id=PUBLIC_CMK)
 
 
-def _generate_vectors(key_provider, plaintext):
-    # type: (MasterKeyProvider, bytes) -> Iterable[Dict[Text, Text]]
+def _generate_vectors(key_provider: MasterKeyProvider, plaintext: bytes) -> Iterable[Dict[Text, Text]]:
     """Generate all desired test vectors for a given key provider and plaintext."""
     for algorithm_suite in aws_encryption_sdk.Algorithm:
         ciphertext, _header = aws_encryption_sdk.encrypt(

decrypt_oracle/test/unit/key_providers/test_u_counting.py

@@ -13,7 +13,6 @@
 """Unit test for ``aws_encryption_sdk_decrypt_oracle.key_providers.counting``."""
 import aws_encryption_sdk
 import pytest
-
 from aws_encryption_sdk_decrypt_oracle.key_providers.counting import CountingMasterKey
 
 from ...integration.integration_test_utils import filtered_test_vectors

decrypt_oracle/test/unit/key_providers/test_u_null.py

@@ -13,7 +13,6 @@
 """Unit test for ``aws_encryption_sdk_decrypt_oracle.key_providers.null``."""
 import aws_encryption_sdk
 import pytest
-
 from aws_encryption_sdk_decrypt_oracle.key_providers.null import NullMasterKey
 
 from ...integration.integration_test_utils import filtered_test_vectors