aws_encryption_sdk.internal.utils

Helper utility functions for AWS Encryption SDK.

Functions

content_type(frame_length)

Returns the appropriate content type based on the frame length.

exactly_one_arg_is_not_none(*args)

Helper function for internal ESDK logic.

get_aad_content_string(content_type, ...)

Prepares the appropriate Body AAD Value for a message body.

message_id(size)

Generates a new message ID.

prep_stream_data(data)

Take an input and prepare it for use as a stream.

prepare_data_keys(primary_master_key, ...)

Prepares a DataKey to be used for encrypting message and list of EncryptedDataKey objects to be serialized into header.

source_data_key_length_check(...)

Validates that the supplied source_data_key's data_key is the correct length for the supplied algorithm's kdf_input_len value.

validate_frame_length(frame_length, algorithm)

Validates that frame length is within the defined limits and is compatible with the selected algorithm.

aws_encryption_sdk.internal.utils.content_type(frame_length)

Returns the appropriate content type based on the frame length.

Parameters

frame_length (int) – Message frame length

Returns

Appropriate content type based on frame length

Return type

aws_encryption_sdk.identifiers.ContentType

aws_encryption_sdk.internal.utils.validate_frame_length(frame_length, algorithm)

Validates that frame length is within the defined limits and is compatible with the selected algorithm.

Parameters
  • frame_length (int) – Frame size in bytes

  • algorithm (aws_encryption_sdk.identifiers.Algorithm) – Algorithm to use for encryption

Raises
aws_encryption_sdk.internal.utils.message_id(size)

Generates a new message ID.

Parameters

size (int) – The size of the message id to generate, in bytes

Returns

Message ID

Return type

bytes

aws_encryption_sdk.internal.utils.get_aad_content_string(content_type, is_final_frame)

Prepares the appropriate Body AAD Value for a message body.

Parameters
Returns

Appropriate AAD Content String

Return type

bytes

Raises

UnknownIdentityError – if unknown content type

aws_encryption_sdk.internal.utils.prepare_data_keys(primary_master_key, master_keys, algorithm, encryption_context)

Prepares a DataKey to be used for encrypting message and list of EncryptedDataKey objects to be serialized into header.

Parameters
Return type

tuple containing aws_encryption_sdk.structures.DataKey and set of aws_encryption_sdk.structures.EncryptedDataKey

aws_encryption_sdk.internal.utils.prep_stream_data(data)

Take an input and prepare it for use as a stream.

Parameters

data – Input data

Returns

Prepared stream

Return type

InsistentReaderBytesIO

aws_encryption_sdk.internal.utils.source_data_key_length_check(source_data_key, algorithm)

Validates that the supplied source_data_key’s data_key is the correct length for the supplied algorithm’s kdf_input_len value.

Parameters
Raises

InvalidDataKeyError – if data key length does not match required kdf input length

aws_encryption_sdk.internal.utils.exactly_one_arg_is_not_none(*args)

Helper function for internal ESDK logic. Returns True if exactly one item in the provided arguments is not None. Returns False otherwise.

Parameters

args – Input arguments to check

Returns

True if exactly one item in the provided arguments is not None; False otherwise