aws_encryption_sdk.internal.crypto.wrapping_keys¶
Contains wrapping key primitives.
Classes
WrappingKey (wrapping_algorithm, …[, password]) |
Creates a wrapping encryption key object to encrypt and decrypt data keys. |
-
class
aws_encryption_sdk.internal.crypto.wrapping_keys.
WrappingKey
(wrapping_algorithm, wrapping_key, wrapping_key_type, password=None)¶ Bases:
object
Creates a wrapping encryption key object to encrypt and decrypt data keys.
For use inside
aws_encryption_sdk.key_providers.raw.RawMasterKeyProvider
objects.Parameters: - wrapping_algorithm (aws_encryption_sdk.identifiers.WrappingAlgorithm) – Wrapping Algorithm with which to wrap plaintext_data_key
- wrapping_key (bytes) – Encryption key with which to wrap plaintext_data_key
- wrapping_key_type (aws_encryption_sdk.identifiers.EncryptionKeyType) – Type of encryption key with which to wrap plaintext_data_key
- password (bytes) – Password to decrypt wrapping_key (optional, currently only relevant for RSA)
Prepares initial values.
-
decrypt
(encrypted_wrapped_data_key, encryption_context)¶ Decrypts a wrapped, encrypted, data key.
Parameters: - encrypted_wrapped_data_key (aws_encryption_sdk.internal.structures.EncryptedData) – Encrypted, wrapped, data key
- encryption_context (dict) – Encryption context to use in decryption
Returns: Plaintext of data key
Return type:
-
encrypt
(plaintext_data_key, encryption_context)¶ Encrypts a data key using a direct wrapping key.
Parameters: Returns: Deserialized object containing encrypted key
Return type: