aws_encryption_sdk.internal.formatting.deserialize
Components for handling AWS Encryption SDK message deserialization.
Functions
|
Deserialize some encrypted data keys from a stream. |
|
Deserializes a footer. |
|
Deserializes a frame from a body. |
|
Deserializes the header from a source stream |
|
Deserializes a MessageHeaderAuthentication object from a source stream. |
|
Deserializes the IV and body length from a non-framed stream. |
|
Deserialize the Tag value from a non-framed stream. |
|
Extracts and deserializes EncryptedData from a Wrapped EncryptedDataKey. |
|
Helper function to unpack struct data from a stream and update the signature verifier. |
|
Validates the header using the header authentication data. |
- aws_encryption_sdk.internal.formatting.deserialize.validate_header(header, header_auth, raw_header, data_key)
Validates the header using the header authentication data.
- Parameters
header (aws_encryption_sdk.structures.MessageHeader) – Deserialized header
header_auth (aws_encryption_sdk.internal.structures.MessageHeaderAuthentication) – Deserialized header auth
raw_header (bytes) – Raw header bytes
data_key (bytes) – Data key with which to perform validation
- Raises
SerializationError – if header authorization fails
- aws_encryption_sdk.internal.formatting.deserialize.deserialize_encrypted_data_keys(stream: IO, max_encrypted_data_keys: Optional[int] = None) Set[EncryptedDataKey]
Deserialize some encrypted data keys from a stream.
- Parameters
stream – Stream from which to read encrypted data keys
max_encrypted_data_keys – Maximum number of encrypted data keys to deserialize
- Returns
Loaded encrypted data keys
- Return type
set of
EncryptedDataKey
- aws_encryption_sdk.internal.formatting.deserialize.deserialize_header(stream: IO, max_encrypted_data_keys: Optional[int] = None) MessageHeader
Deserializes the header from a source stream
- Parameters
stream (io.BytesIO) – Source data stream
max_encrypted_data_keys (None or positive int) – Maximum number of encrypted keys to deserialize
- Returns
Deserialized MessageHeader object
- Return type
- Raises
NotSupportedError – if unsupported data types are found
UnknownIdentityError – if unknown data types are found
SerializationError – if IV length does not match algorithm
- aws_encryption_sdk.internal.formatting.deserialize.deserialize_header_auth(version, stream, algorithm, verifier=None)
Deserializes a MessageHeaderAuthentication object from a source stream.
- Parameters
version (int) – The serialization version of the message
stream (io.BytesIO) – Source data stream
algorithm – The AlgorithmSuite object type contained in the header
verifier (aws_encryption_sdk.internal.crypto.Verifier) – Signature verifier object (optional)
- Returns
Deserialized MessageHeaderAuthentication object
- Return type
aws_encryption_sdk.internal.structures.MessageHeaderAuthentication
- aws_encryption_sdk.internal.formatting.deserialize.deserialize_non_framed_values(stream, header, verifier=None)
Deserializes the IV and body length from a non-framed stream.
- Parameters
stream (io.BytesIO) – Source data stream
header (aws_encryption_sdk.structures.MessageHeader) – Deserialized header
verifier (aws_encryption_sdk.internal.crypto.Verifier) – Signature verifier object (optional)
- Returns
IV and Data Length values for body
- Return type
tuple of bytes and int
- aws_encryption_sdk.internal.formatting.deserialize.deserialize_tag(stream, header, verifier=None)
Deserialize the Tag value from a non-framed stream.
- Parameters
stream (io.BytesIO) – Source data stream
header (aws_encryption_sdk.structures.MessageHeader) – Deserialized header
verifier (aws_encryption_sdk.internal.crypto.Verifier) – Signature verifier object (optional)
- Returns
Tag value for body
- Return type
- aws_encryption_sdk.internal.formatting.deserialize.deserialize_frame(stream, header, verifier=None)
Deserializes a frame from a body.
- Parameters
stream (io.BytesIO) – Source data stream
header (aws_encryption_sdk.structures.MessageHeader) – Deserialized header
verifier (aws_encryption_sdk.internal.crypto.Verifier) – Signature verifier object (optional)
- Returns
Deserialized frame and a boolean stating if this is the final frame
- Return type
aws_encryption_sdk.internal.structures.MessageFrameBody
and bool
Deserializes a footer.
- Parameters
stream (io.BytesIO) – Source data stream
verifier (aws_encryption_sdk.internal.crypto.Verifier) – Signature verifier object (optional)
- Returns
Deserialized footer
- Return type
- Raises
SerializationError – if verifier supplied and no footer found
- aws_encryption_sdk.internal.formatting.deserialize.unpack_values(format_string, stream, verifier=None)
Helper function to unpack struct data from a stream and update the signature verifier.
- Parameters
format_string (str) – Struct format string
stream (io.BytesIO) – Source data stream
verifier (aws_encryption_sdk.internal.crypto.Verifier) – Signature verifier object
- Returns
Unpacked values
- Return type
- aws_encryption_sdk.internal.formatting.deserialize.deserialize_wrapped_key(wrapping_algorithm, wrapping_key_id, wrapped_encrypted_key)
Extracts and deserializes EncryptedData from a Wrapped EncryptedDataKey.
- Parameters
wrapping_algorithm (aws_encryption_sdk.identifiers.WrappingAlgorithm) – Wrapping Algorithm with which to wrap plaintext_data_key
wrapping_key_id (bytes) – Key ID of wrapping MasterKey
wrapped_encrypted_key (aws_encryption_sdk.structures.EncryptedDataKey) – Raw Wrapped EncryptedKey
- Returns
EncryptedData of deserialized Wrapped EncryptedKey
- Return type
- Raises
SerializationError – if wrapping_key_id does not match deserialized wrapping key id
SerializationError – if wrapping_algorithm IV length does not match deserialized IV length