aws_encryption_sdk.internal.utils

Helper utility functions for AWS Encryption SDK.

Functions

content_type(frame_length) Returns the appropriate content type based on the frame length.
get_aad_content_string(content_type, …) Prepares the appropriate Body AAD Value for a message body.
message_id(size) Generates a new message ID.
prep_stream_data(data) Take an input and prepare it for use as a stream.
prepare_data_keys(primary_master_key, …) Prepares a DataKey to be used for encrypting message and list of EncryptedDataKey objects to be serialized into header.
source_data_key_length_check(…) Validates that the supplied source_data_key’s data_key is the correct length for the supplied algorithm’s kdf_input_len value.
validate_frame_length(frame_length, algorithm) Validates that frame length is within the defined limits and is compatible with the selected algorithm.
aws_encryption_sdk.internal.utils.content_type(frame_length)

Returns the appropriate content type based on the frame length.

Parameters:frame_length (int) – Message frame length
Returns:Appropriate content type based on frame length
Return type:aws_encryption_sdk.identifiers.ContentType
aws_encryption_sdk.internal.utils.validate_frame_length(frame_length, algorithm)

Validates that frame length is within the defined limits and is compatible with the selected algorithm.

Parameters:
  • frame_length (int) – Frame size in bytes
  • algorithm (aws_encryption_sdk.identifiers.Algorithm) – Algorithm to use for encryption
Raises:
aws_encryption_sdk.internal.utils.message_id(size)

Generates a new message ID.

Parameters:size (int) – The size of the message id to generate, in bytes
Returns:Message ID
Return type:bytes
aws_encryption_sdk.internal.utils.get_aad_content_string(content_type, is_final_frame)

Prepares the appropriate Body AAD Value for a message body.

Parameters:
Returns:

Appropriate AAD Content String

Return type:

bytes

Raises:

UnknownIdentityError – if unknown content type

aws_encryption_sdk.internal.utils.prepare_data_keys(primary_master_key, master_keys, algorithm, encryption_context)

Prepares a DataKey to be used for encrypting message and list of EncryptedDataKey objects to be serialized into header.

Parameters:
Return type:

tuple containing aws_encryption_sdk.structures.DataKey and set of aws_encryption_sdk.structures.EncryptedDataKey

aws_encryption_sdk.internal.utils.prep_stream_data(data)

Take an input and prepare it for use as a stream.

Parameters:data – Input data
Returns:Prepared stream
Return type:InsistentReaderBytesIO
aws_encryption_sdk.internal.utils.source_data_key_length_check(source_data_key, algorithm)

Validates that the supplied source_data_key’s data_key is the correct length for the supplied algorithm’s kdf_input_len value.

Parameters:
Raises:

InvalidDataKeyError – if data key length does not match required kdf input length