aws_encryption_sdk.internal.utils
Helper utility functions for AWS Encryption SDK.
Functions
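content_type(frame_length) | Returns the appropriate content type based on the frame length.
get_aad_content_string(content_type, is_final_frame) | Prepares the appropriate Body AAD Value for a message body.
message_id(size) | Generates a new message ID.
prep_stream_data(data) | Take an input and prepare it for use as a stream.
prepare_data_keys(primary_master_key, master_keys, algorithm, encryption_context) | Prepares a DataKey to be used for encrypting message and list of EncryptedDataKey objects to be serialized into header.
source_data_key_length_check(source_data_key, algorithm) | Validates that the supplied source_data_key's data_key is the correct length for the supplied algorithm's kdf_input_len value.
validate_frame_length(frame_length, algorithm) | Validates that frame length is within the defined limits and is compatible with the selected algorithm.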
- aws_encryption_sdk.internal.utils.content_type(frame_length)
Returns the appropriate content type based on the frame length.
- Parameters
frame_length (int) – Message frame length
- Returns
Appropriate content type based on frame length
- Return type
- aws_encryption_sdk.internal.utils.validate_frame_length(frame_length, algorithm)
Validates that frame length is within the defined limits and is compatible with the selected algorithm.
- Parameters
frame_length (int) – Frame size in bytes
algorithm (aws_encryption_sdk.identifiers.Algorithm) – Algorithm to use for encryption
- Raises
SerializationError – if frame size is negative or not a multiple of the algorithm block size
SerializationError – if frame size is larger than the maximum allowed frame size
- aws_encryption_sdk.internal.utils.message_id(size)
Generates a new message ID.
- aws_encryption_sdk.internal.utils.get_aad_content_string(content_type, is_final_frame)
Prepares the appropriate Body AAD Value for a message body.
- Parameters
content_type (aws_encryption_sdk.identifiers.ContentType) – Defines the type of content for which to prepare AAD String
is_final_frame (bool) – Boolean stating whether this is the final frame in a body
- Returns
Appropriate AAD Content String
- Return type
- Raises
UnknownIdentityError – if unknown content type
- aws_encryption_sdk.internal.utils.prepare_data_keys(primary_master_key, master_keys, algorithm, encryption_context)
Prepares a DataKey to be used for encrypting message and list of EncryptedDataKey objects to be serialized into header.
- Parameters
primary_master_key (aws_encryption_sdk.key_providers.base.MasterKey) – Master key with which to generate the encryption data key
master_keys (list of aws_encryption_sdk.key_providers.base.MasterKey) – All master keys with which to encrypt data keys
algorithm (aws_encryption_sdk.identifiers.Algorithm) – Algorithm to use for encryption
encryption_context (dict) – Encryption context to use when generating data key
- Return type
tuple containing aws_encryption_sdk.structures.DataKey and set of aws_encryption_sdk.structures.EncryptedDataKey
- aws_encryption_sdk.internal.utils.prep_stream_data(data)
Take an input and prepare it for use as a stream.
- Parameters
data – Input data
- Returns
Prepared stream
- Return type
InsistentReaderBytesIO
- aws_encryption_sdk.internal.utils.source_data_key_length_check(source_data_key, algorithm)
Validates that the supplied source_data_key’s data_key is the correct length for the supplied algorithm’s kdf_input_len value.
- Parameters
source_data_key (aws_encryption_sdk.structures.RawDataKey or aws_encryption_sdk.structures.DataKey) – Source data key object received from MasterKey decrypt or generate data_key methods
algorithm (aws_encryption_sdk.identifiers.Algorithm) – Algorithm object which directs how this data key will be used
- Raises
InvalidDataKeyError – if data key length does not match required kdf input length