aws_encryption_sdk.internal.utils¶
Helper utility functions for AWS Encryption SDK.
Functions
|
Returns the appropriate content type based on the frame length. |
|
|
|
Prepares the appropriate Body AAD Value for a message body. |
Generates a new message ID. |
|
|
Take an input and prepare it for use as a stream. |
|
Prepares a DataKey to be used for encrypting message and list of EncryptedDataKey objects to be serialized into header. |
Validates that the supplied source_data_key’s data_key is the correct length for the supplied algorithm’s kdf_input_len value. |
|
|
Validates that frame length is within the defined limits and is compatible with the selected algorithm. |
Classes
|
-
aws_encryption_sdk.internal.utils.
content_type
(frame_length)¶ Returns the appropriate content type based on the frame length.
- Parameters
frame_length (int) – Message frame length
- Returns
Appropriate content type based on frame length
- Return type
-
aws_encryption_sdk.internal.utils.
validate_frame_length
(frame_length, algorithm)¶ Validates that frame length is within the defined limits and is compatible with the selected algorithm.
- Parameters
frame_length (int) – Frame size in bytes
algorithm (aws_encryption_sdk.identifiers.Algorithm) – Algorithm to use for encryption
- Raises
SerializationError – if frame size is negative or not a multiple of the algorithm block size
SerializationError – if frame size is larger than the maximum allowed frame size
-
aws_encryption_sdk.internal.utils.
message_id
()¶ Generates a new message ID.
- Returns
Message ID
- Return type
-
aws_encryption_sdk.internal.utils.
get_aad_content_string
(content_type, is_final_frame)¶ Prepares the appropriate Body AAD Value for a message body.
- Parameters
content_type (aws_encryption_sdk.identifiers.ContentType) – Defines the type of content for which to prepare AAD String
is_final_frame (bool) – Boolean stating whether this is the final frame in a body
- Returns
Appropriate AAD Content String
- Return type
- Raises
UnknownIdentityError – if unknown content type
-
aws_encryption_sdk.internal.utils.
prepare_data_keys
(primary_master_key, master_keys, algorithm, encryption_context)¶ Prepares a DataKey to be used for encrypting message and list of EncryptedDataKey objects to be serialized into header.
- Parameters
primary_master_key (aws_encryption_sdk.key_providers.base.MasterKey) – Master key with which to generate the encryption data key
master_keys (list of
aws_encryption_sdk.key_providers.base.MasterKey
) – All master keys with which to encrypt data keysalgorithm (aws_encryption_sdk.identifiers.Algorithm) – Algorithm to use for encryption
encryption_context (dict) – Encryption context to use when generating data key
- Return type
tuple containing
aws_encryption_sdk.structures.DataKey
and set ofaws_encryption_sdk.structures.EncryptedDataKey
-
aws_encryption_sdk.internal.utils.
prep_stream_data
(data)¶ Take an input and prepare it for use as a stream.
- Parameters
data – Input data
- Returns
Prepared stream
- Return type
InsistentReaderBytesIO
-
aws_encryption_sdk.internal.utils.
source_data_key_length_check
(source_data_key, algorithm)¶ Validates that the supplied source_data_key’s data_key is the correct length for the supplied algorithm’s kdf_input_len value.
- Parameters
source_data_key (
aws_encryption_sdk.structures.RawDataKey
oraws_encryption_sdk.structures.DataKey
) – Source data key object received from MasterKey decrypt or generate data_key methodsalgorithm (aws_encryption_sdk.identifiers.Algorithm) – Algorithm object which directs how this data key will be used
- Raises
InvalidDataKeyError – if data key length does not match required kdf input length