aws_encryption_sdk.key_providers.raw

Resources required for Raw Master Keys.

Classes

RawMasterKey Raw Master Key.
RawMasterKeyConfig(key_id, provider_id, …) Configuration object for RawMasterKey objects.
RawMasterKeyProvider Raw Master Key Provider.
class aws_encryption_sdk.key_providers.raw.RawMasterKey

Bases: aws_encryption_sdk.key_providers.base.MasterKey

Raw Master Key.

New in version 1.5.0: Master key providers are deprecated. Use aws_encryption_sdk.keyrings.raw.RawAESKeyring or aws_encryption_sdk.keyrings.raw.RawRSAKeyring instead.

Parameters:
  • config (aws_encryption_sdk.key_providers.raw.RawMasterKeyConfig) – Configuration object (config or individual parameters required)
  • key_id (bytes) – Key ID for Master Key
  • provider_id (str) – String defining provider ID
  • wrapping_key (aws_encryption_sdk.internal.crypto.WrappingKey) – Encryption key with which to wrap plaintext_data_key

Inject registration of the new Raw Master Key Provider into the creation of each instance.

Note

Overloaded here to allow definition of _key_info_prefix on instantiation.

owns_data_key(data_key)

Determines if data_key object is owned by this RawMasterKey.

Parameters:data_key (aws_encryption_sdk.structures.DataKey, aws_encryption_sdk.structures.RawDataKey, or aws_encryption_sdk.structures.EncryptedDataKey) – Data key to evaluate
Returns:Boolean statement of ownership
Return type:bool
class aws_encryption_sdk.key_providers.raw.RawMasterKeyConfig(key_id, provider_id, wrapping_key)

Bases: aws_encryption_sdk.key_providers.base.MasterKeyConfig

Configuration object for RawMasterKey objects.

Parameters:
  • key_id (bytes) – Key ID for Master Key
  • provider_id (str) – String defining provider ID
  • wrapping_key (aws_encryption_sdk.internal.crypto.WrappingKey) – Encryption key with which to wrap plaintext_data_key
class aws_encryption_sdk.key_providers.raw.RawMasterKeyProvider

Bases: aws_encryption_sdk.key_providers.base.MasterKeyProvider

Raw Master Key Provider.

New in version 1.5.0: Master key providers are deprecated. Use aws_encryption_sdk.keyrings.raw.RawAESKeyring or aws_encryption_sdk.keyrings.raw.RawRSAKeyring instead.

Parameters:config (aws_encryption_sdk.key_providers.base.MasterKeyProviderConfig) – Configuration object (optional)

Set key index and member set for all new instances here to avoid requiring child classes to call super init.