AWS Encryption SDK for .NET
The AWS Encryption SDK is available on NuGet and can referenced from an existing .csproj through typical ways.
Using the dotnet CLI:
dotnet add <your-project-name>.csproj package AWS.EncryptionSDKAlternatively, you may directly modify the .csproj and add the AWS Encryption SDK to PackageReference ItemGroup:
<PackageReference Include="AWS.EncryptionSDK" />The AWS Encryption SDK targets both .NET/.NET Core 3.1 and newer on all platforms, and .NET Framework 4.5.2 and newer on Windows only.
If you are using macOS then you must install OpenSSL 1.1,
and the OpenSSL 1.1 lib directory must be on the dynamic linker path at runtime.
Also, if using an M1-based Mac, you must install OpenSSL and the .NET SDK for x86-64.
Please refer to the wiki for detailed instructions.
To build, the AWS Encryption SDK requires the most up to date version of Dafny on your PATH.
The AWS Encryption SDK targets frameworks netstandard2.1 and net452.
Tests and test vectors target frameworks netcoreapp3.1 and net452.
In all cases, net452 and newer .NET Framework versions are only supported on Windows.
To build and test the AWS Encryption SDK, you must install the following .NET tools:
- .NET Core 3.1 or newer
- .NET Framework 4.5.2 or newer (if on Windows)
You will also need to ensure that you fetch all submodules using either git clone --recursive ... when cloning the repository or git submodule update --init on an existing clone.
To build all source files into one dll:
dotnet build
If you set up the AWS Encryption SDK to use the AWS KMS Keyring, the AWS Encryption SDK will make calls to AWS KMS on your behalf, using the appropriate AWS SDK.
However, you must first set up AWS credentials for use with the AWS SDK. Instructions for setting up AWS credentials are available in the AWS Docs for the AWS SDK for .NET..
To run the test suite you must first set up AWS credentials for use with the AWS SDK. This is required in order to run the integration tests, which use a KMS Keyring against a publically accessible KMS CMK.
Instructions for setting up AWS credentials are available in the AWS Docs for the AWS SDK for .NET.
Run the test suite with:
dotnet test
You can see more detail about what test cases are being run by increasing the verbosity:
dotnet test --logger:"console;verbosity=normal"
Run the test vector suite after set up with:
dotnet test TestVectors
Run tests on examples, to ensure they are up to date:
dotnet test Examples
Please note that tests and test vectors require internet access and valid AWS credentials, since calls to KMS are made as part of the test workflow.
See the TestVectorGenerator README.
From the Test/ directory, you can generate a coverage.cobertura.xml file containing code coverage results to the Test/TestResults/ directory with:
dotnet test --collect:"XPlat Code Coverage" --settings ../runsettings.xml
We use Coverlet for our code coverage. For a list of Coverlet commands/additional options, please see the following usage guide.
We use ReportGenerator to visualize code coverage.
Install ReportGenerator with:
dotnet new tool-manifest
dotnet tool install dotnet-reportgenerator-globaltool
From Source/, generate a human readable index.html file of our code coverage to Test/TestResults/ with:
dotnet reportgenerator
"-reports:../Test/TestResults/coverage.cobertura.xml"
"-targetdir:../Test/TestResults"
To view the code coverage report, open the index.html file in any browser.
This library is licensed under the Apache 2.0 License.