aws_encryption_sdk.internal.crypto.authentication¶
Contains authentication primitives.
Classes
Signer (algorithm, key) |
Abstract signing handler. |
Verifier (algorithm, key) |
Abstract signature verification handler. |
-
class
aws_encryption_sdk.internal.crypto.authentication.
Signer
(algorithm, key)¶ Bases:
aws_encryption_sdk.internal.crypto.authentication._PrehashingAuthenticator
Abstract signing handler.
Parameters: - algorithm (aws_encryption_sdk.identifiers.Algorithm) – Algorithm on which to base signer
- key (currently only Elliptic Curve Private Keys are supported) – Private key from which a signer can be generated
Prepares initial values.
-
encoded_public_key
()¶ Returns the encoded public key.
Note
For ECC curves, this will return the encoded compressed public point.
Returns: Encoded public key from signer Return type: bytes
-
finalize
()¶ Finalizes the signer and returns the signature.
Returns: Calculated signer signature Return type: bytes
-
classmethod
from_key_bytes
(algorithm, key_bytes)¶ Builds a Signer from an algorithm suite and a raw signing key.
Parameters: - algorithm (aws_encryption_sdk.identifiers.Algorithm) – Algorithm on which to base signer
- key_bytes (bytes) – Raw signing key
Return type: aws_encryption_sdk.internal.crypto.Signer
-
class
aws_encryption_sdk.internal.crypto.authentication.
Verifier
(algorithm, key)¶ Bases:
aws_encryption_sdk.internal.crypto.authentication._PrehashingAuthenticator
Abstract signature verification handler.
Note
For ECC curves, the signature must be DER encoded as specified in RFC 3279.
Parameters: - algorithm (aws_encryption_sdk.identifiers.Algorithm) – Algorithm on which to base verifier
- public_key (may vary) – Appropriate public key object for algorithm
Prepares initial values.
-
classmethod
from_encoded_point
(algorithm, encoded_point)¶ Creates a Verifier object based on the supplied algorithm and encoded compressed ECC curve point.
Parameters: - algorithm (aws_encryption_sdk.identifiers.Algorithm) – Algorithm on which to base verifier
- encoded_point (bytes) – ECC public point compressed and encoded with _ecc_encode_compressed_point
Returns: Instance of Verifier generated from encoded point
Return type: aws_encryption_sdk.internal.crypto.Verifier
-
classmethod
from_key_bytes
(algorithm, key_bytes)¶ Creates a Verifier object based on the supplied algorithm and raw verification key.
Parameters: - algorithm (aws_encryption_sdk.identifiers.Algorithm) – Algorithm on which to base verifier
- encoded_point (bytes) – Raw verification key
Returns: Instance of Verifier generated from encoded point
Return type: aws_encryption_sdk.internal.crypto.Verifier