aws_encryption_sdk.internal.formatting.deserialize¶
Components for handling AWS Encryption SDK message deserialization.
Functions
deserialize_footer(stream[, verifier]) |
Deserializes a footer. |
deserialize_frame(stream, header[, verifier]) |
Deserializes a frame from a body. |
deserialize_header(stream) |
Deserializes the header from a source stream |
deserialize_header_auth(stream, algorithm[, …]) |
Deserializes a MessageHeaderAuthentication object from a source stream. |
deserialize_non_framed_values(stream, header) |
Deserializes the IV and body length from a non-framed stream. |
deserialize_tag(stream, header[, verifier]) |
Deserialize the Tag value from a non-framed stream. |
deserialize_wrapped_key(wrapping_algorithm, …) |
Extracts and deserializes EncryptedData from a Wrapped EncryptedDataKey. |
unpack_values(format_string, stream[, verifier]) |
Helper function to unpack struct data from a stream and update the signature verifier. |
validate_header(header, header_auth, …) |
Validates the header using the header authentication data. |
Deserializes a footer.
Parameters: - stream (io.BytesIO) – Source data stream
- verifier (aws_encryption_sdk.internal.crypto.Verifier) – Signature verifier object (optional)
Returns: Deserialized footer
Return type: Raises: SerializationError – if verifier supplied and no footer found
-
aws_encryption_sdk.internal.formatting.deserialize.deserialize_frame(stream, header, verifier=None)¶ Deserializes a frame from a body.
Parameters: - stream (io.BytesIO) – Source data stream
- header (aws_encryption_sdk.structures.MessageHeader) – Deserialized header
- verifier (aws_encryption_sdk.internal.crypto.Verifier) – Signature verifier object (optional)
Returns: Deserialized frame and a boolean stating if this is the final frame
Return type: aws_encryption_sdk.internal.structures.MessageFrameBodyand bool
-
aws_encryption_sdk.internal.formatting.deserialize.deserialize_header(stream)¶ Deserializes the header from a source stream
Parameters: stream (io.BytesIO) – Source data stream
Returns: Deserialized MessageHeader object
Return type: Raises: - NotSupportedError – if unsupported data types are found
- UnknownIdentityError – if unknown data types are found
- SerializationError – if IV length does not match algorithm
-
aws_encryption_sdk.internal.formatting.deserialize.deserialize_header_auth(stream, algorithm, verifier=None)¶ Deserializes a MessageHeaderAuthentication object from a source stream.
Parameters: - stream (io.BytesIO) – Source data stream
- algorithm – The AlgorithmSuite object type contained in the header
- verifier (aws_encryption_sdk.internal.crypto.Verifier) – Signature verifier object (optional)
Returns: Deserialized MessageHeaderAuthentication object
Return type: aws_encryption_sdk.internal.structures.MessageHeaderAuthentication
-
aws_encryption_sdk.internal.formatting.deserialize.deserialize_non_framed_values(stream, header, verifier=None)¶ Deserializes the IV and body length from a non-framed stream.
Parameters: - stream (io.BytesIO) – Source data stream
- header (aws_encryption_sdk.structures.MessageHeader) – Deserialized header
- verifier (aws_encryption_sdk.internal.crypto.Verifier) – Signature verifier object (optional)
Returns: IV and Data Length values for body
Return type: tuple of bytes and int
-
aws_encryption_sdk.internal.formatting.deserialize.deserialize_tag(stream, header, verifier=None)¶ Deserialize the Tag value from a non-framed stream.
Parameters: - stream (io.BytesIO) – Source data stream
- header (aws_encryption_sdk.structures.MessageHeader) – Deserialized header
- verifier (aws_encryption_sdk.internal.crypto.Verifier) – Signature verifier object (optional)
Returns: Tag value for body
Return type:
-
aws_encryption_sdk.internal.formatting.deserialize.deserialize_wrapped_key(wrapping_algorithm, wrapping_key_id, wrapped_encrypted_key)¶ Extracts and deserializes EncryptedData from a Wrapped EncryptedDataKey.
Parameters: - wrapping_algorithm (aws_encryption_sdk.identifiers.WrappingAlgorithm) – Wrapping Algorithm with which to wrap plaintext_data_key
- wrapping_key_id (bytes) – Key ID of wrapping MasterKey
- wrapped_encrypted_key (aws_encryption_sdk.structures.EncryptedDataKey) – Raw Wrapped EncryptedKey
Returns: EncryptedData of deserialized Wrapped EncryptedKey
Return type: Raises: - SerializationError – if wrapping_key_id does not match deserialized wrapping key id
- SerializationError – if wrapping_algorithm IV length does not match deserialized IV length
-
aws_encryption_sdk.internal.formatting.deserialize.unpack_values(format_string, stream, verifier=None)¶ Helper function to unpack struct data from a stream and update the signature verifier.
Parameters: - format_string (str) – Struct format string
- stream (io.BytesIO) – Source data stream
- verifier (aws_encryption_sdk.internal.crypto.Verifier) – Signature verifier object
Returns: Unpacked values
Return type:
-
aws_encryption_sdk.internal.formatting.deserialize.validate_header(header, header_auth, raw_header, data_key)¶ Validates the header using the header authentication data.
Parameters: - header (aws_encryption_sdk.structures.MessageHeader) – Deserialized header
- header_auth (aws_encryption_sdk.internal.structures.MessageHeaderAuthentication) – Deserialized header auth
- raw_header (bytes) – Raw header bytes
- data_key (bytes) – Data key with which to perform validation
Raises: SerializationError – if header authorization fails