This section shows how to test encryption and decryption by using the XKS key stored securely on the CryptoHub.

Install AWS CLI

Refer to the Amazon documentation (docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html) for installing AWS CLI on your local machine.

Test encryption and decryption

You can use the following Bash script to test encryption and decryption with the XKS key. The only value you must update in the script is the ARN/Key ID. The last output of the script indicates whether the test passes or fails.
To use this example, you must trim the ARN string and get only the Key ID, which is the part after key/ in the following example string: arn:aws:kms:us-east-2:993246061881:key/d74123b9-0743-46d9-a22a-761239f139
Bash
#!/usr/bin/env bash

echo "Configure your AWS with your credentials"

# If your system already has this configured, you can comment out the line below
aws configure

# Set the plain text that you want to encrypt and the Key ID of the XKS key
plaintext="Hello, this is a secret message!"
keyID="87057259-0b6e-46a3-9a6e-381513c7e2ad"

# AWS CLI wants to work with base64 format data
bintext=$(echo -n "$plaintext" | base64)

echo "This is the plain text"
echo "$plaintext"
echo "This is the base64 encoding of the plain text that will be used in the test"
echo "$bintext"
echo "This is the KeyId"
echo "$keyID"

# Encrypt with the XKS key; the ciphertext is returned in base64 format
ciphertext=$(aws kms encrypt --key-id "$keyID" --plaintext "$bintext" --output text --query CiphertextBlob)

echo "This is the cipher text (in base64 format)"
echo "$ciphertext" > ciphertext.txt
cat ciphertext.txt

# Decrypt; the plaintext is returned in base64 format
decrypted=$(aws kms decrypt --ciphertext-blob "$ciphertext" --output text --query Plaintext)

# Convert the data back to text format
echo "$decrypted" | base64 --decode > decryptResponse.txt

echo "This is the result of encrypting and decrypting"
result=$(cat decryptResponse.txt)
echo "$result"

# Quoted variables keep whitespace intact so the comparison is exact
if [[ "$plaintext" == "$result" ]]; then
  echo "Encrypt and decrypt succeeded"
else
  echo "Failed to validate Encrypt and Decrypt"
fi
Perform the following steps:
1. Save the preceding Bash script to a file with the .sh extension (such as EncryptDecryptTest.sh).
2. Make the script executable with the chmod command in Linux or macOS:
Shell
chmod +x EncryptDecryptTest.sh
3. Run the script with the following command:
Shell
./EncryptDecryptTest.sh
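
The test script above passes with any KMS key the caller is allowed to use, so a pass alone does not show that the XKS key was exercised. The following pre-flight check is an added example, not part of the original page or the vendor's code: it trims a key ARN to its Key ID and confirms with aws kms describe-key that the key's origin is EXTERNAL_KEY_STORE and its state is Enabled. The function names are hypothetical, and the check assumes Key IDs of XKS keys are lowercase UUIDs.

```bash
#!/usr/bin/env bash
# Added example: pre-flight checks to run before the encrypt/decrypt test.
# Function names are hypothetical; they are not part of the AWS CLI.

# Print the Key ID taken from a KMS key ARN (or a bare Key ID); fail otherwise.
key_id_from_arn() {
  kid_input=$1
  case $kid_input in
    arn:*)
      # Expected shape: arn:<partition>:kms:<region>:<account>:key/<Key ID>
      if ! printf '%s\n' "$kid_input" |
        grep -Eq '^arn:aws[a-z-]*:kms:[a-z0-9-]+:[0-9]{12}:key/[^/]+$'; then
        echo "not a KMS key ARN: $kid_input" >&2; return 1
      fi
      kid=${kid_input##*/} ;;
    *) kid=$kid_input ;;
  esac
  # Assumption: Key IDs of XKS keys are lowercase UUIDs.
  if printf '%s\n' "$kid" | grep -Eq '^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$'; then
    printf '%s\n' "$kid"
  else
    echo "malformed Key ID: $kid" >&2; return 1
  fi
}

# Validate one line "Origin<TAB>KeyState" as printed by query_key_metadata.
check_xks_metadata() {
  origin=$(printf '%s\n' "$1" | cut -f1)
  state=$(printf '%s\n' "$1" | cut -f2)
  if [ "$origin" != "EXTERNAL_KEY_STORE" ]; then
    echo "key origin is '$origin', not EXTERNAL_KEY_STORE" >&2; return 1
  fi
  if [ "$state" != "Enabled" ]; then
    echo "key state is '$state', not Enabled" >&2; return 1
  fi
}

# Ask KMS for the key's origin and state (requires kms:DescribeKey).
query_key_metadata() {
  aws kms describe-key --key-id "$1" \
    --query 'KeyMetadata.[Origin,KeyState]' --output text
}

# With an ARN or Key ID as the first argument, run the checks against KMS.
if [ "$#" -gt 0 ]; then
  keyID=$(key_id_from_arn "$1") || exit 1
  check_xks_metadata "$(query_key_metadata "$keyID")" || exit 1
  echo "OK: $keyID is an enabled external key store key"
fi
```

Run it with the key ARN or Key ID as its only argument; a non-zero exit status means the key is not in the expected state.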