aws_encryption_sdk.structures

Public data structures for aws_encryption_sdk.

Classes

DataKey(key_provider, data_key, …)	Holds both the encrypted and unencrypted copies of a data key.
EncryptedDataKey(key_provider, …)	Holds only the encrypted copy of a data key.
MasterKeyInfo(provider_id, key_info)	Contains information necessary to identify a Master Key.
MessageHeader(version, type, algorithm, …)	Deserialized message header object.
RawDataKey(key_provider, data_key)	Hold only the unencrypted copy of a data key.

class aws_encryption_sdk.structures.DataKey(key_provider, data_key, encrypted_data_key)

Bases: object

Holds both the encrypted and unencrypted copies of a data key.

Parameters:

• key_provider (aws_encryption_sdk.structures.MasterKeyInfo) – Key Provider information
• data_key (bytes) – Plaintext data key
• encrypted_data_key (bytes) – Encrypted data key

class aws_encryption_sdk.structures.EncryptedDataKey(key_provider, encrypted_data_key)

Bases: object

Holds only the encrypted copy of a data key.

Parameters:

• key_provider (aws_encryption_sdk.structures.MasterKeyInfo) – Key Provider information
• encrypted_data_key (bytes) – Encrypted data key

class aws_encryption_sdk.structures.MasterKeyInfo(provider_id, key_info)

Bases: object

Contains information necessary to identify a Master Key.

Parameters:

• provider_id (str) – MasterKey provider_id value
• key_info (bytes) – MasterKey key_info value

class aws_encryption_sdk.structures.MessageHeader(version, type, algorithm, message_id, encryption_context, encrypted_data_keys, content_type, content_aad_length, header_iv_length, frame_length)

Bases: object

Deserialized message header object.

Parameters:

• version (aws_encryption_sdk.identifiers.SerializationVersion) – Message format version, per spec
• type (aws_encryption_sdk.identifiers.ObjectType) – Message content type, per spec
• algorithm (aws_encryption_sdk.identifiers.Algorithm) – Algorithm to use for encryption
• message_id (bytes) – Message ID
• encryption_context (dict) – Dictionary defining encryption context
• encrypted_data_keys (set of aws_encryption_sdk.structures.EncryptedDataKey) – Encrypted data keys
• content_type (aws_encryption_sdk.identifiers.ContentType) – Message content framing type (framed/non-framed)
• content_aad_length (bytes) – empty
• header_iv_length (int) – Bytes in Initialization Vector value found in header
• frame_length (int) – Length of message frame in bytes

class aws_encryption_sdk.structures.RawDataKey(key_provider, data_key)

Bases: object

Hold only the unencrypted copy of a data key.

Parameters:

• key_provider (aws_encryption_sdk.structures.MasterKeyInfo) – Key Provider information
• data_key (bytes) – Plaintext data key