Exemplos de InvalidDataKeyError em Python

Exemplo n.º 1

Arquivo: __init__.py Projeto: villalabs/aws-encryption-sdk-python

    def _validate_data_encryption_key(self, data_encryption_key, keyring_trace, required_flags):
        # type: (Union[DataKey, RawDataKey], KeyringTrace, Iterable[KeyringTraceFlag]) -> None
        """Validate that the provided data encryption key and keyring trace match for each other and the materials.

        .. versionadded:: 1.5.0

        :param RawDataKey data_encryption_key: Data encryption key
        :param KeyringTrace keyring_trace: Keyring trace corresponding to data_encryption_key
        :param required_flags: Iterable of required flags
        :type required_flags: iterable of :class:`KeyringTraceFlag`
        :raises AttributeError: if data encryption key is already set
        :raises InvalidKeyringTraceError: if keyring trace does not match decrypt action
        :raises InvalidKeyringTraceError: if keyring trace does not match data key provider
        :raises InvalidDataKeyError: if data key length does not match algorithm suite
        """
        if self.data_encryption_key is not None:
            raise AttributeError("Data encryption key is already set.")

        for flag in required_flags:
            if flag not in keyring_trace.flags:
                raise InvalidKeyringTraceError("Keyring flags do not match action.")

        if keyring_trace.wrapping_key != data_encryption_key.key_provider:
            raise InvalidKeyringTraceError("Keyring trace does not match data key provider.")

        if len(data_encryption_key.data_key) != self.algorithm.kdf_input_len:
            raise InvalidDataKeyError(
                "Invalid data key length {actual} must be {expected}.".format(
                    actual=len(data_encryption_key.data_key), expected=self.algorithm.kdf_input_len
                )
            )

Exemplo n.º 2

Arquivo: __init__.py Projeto: nbommu1/aws-encryption-sdk-python

def source_data_key_length_check(source_data_key, algorithm):
    """Validates that the supplied source_data_key's data_key is the
    correct length for the supplied algorithm's kdf_input_len value.

    :param source_data_key: Source data key object received from MasterKey decrypt or generate data_key methods
    :type source_data_key: :class:`aws_encryption_sdk.structures.RawDataKey`
        or :class:`aws_encryption_sdk.structures.DataKey`
    :param algorithm: Algorithm object which directs how this data key will be used
    :type algorithm: aws_encryption_sdk.identifiers.Algorithm
    :raises InvalidDataKeyError: if data key length does not match required kdf input length
    """
    if len(source_data_key.data_key) != algorithm.kdf_input_len:
        raise InvalidDataKeyError(
            'Invalid Source Data Key length {actual} for algorithm required: {required}'
            .format(actual=len(source_data_key.data_key),
                    required=algorithm.kdf_input_len))

Exemplo n.º 3

 def __init__(self,
              wrapping_algorithm,
              wrapping_key,
              wrapping_key_type,
              password=None):
     self.wrapping_algorithm = wrapping_algorithm
     self.wrapping_key_type = wrapping_key_type
     if wrapping_key_type is EncryptionKeyType.PRIVATE:
         self._wrapping_key = serialization.load_pem_private_key(
             data=wrapping_key,
             password=password,
             backend=default_backend())
     elif wrapping_key_type is EncryptionKeyType.PUBLIC:
         self._wrapping_key = serialization.load_pem_public_key(
             data=wrapping_key, backend=default_backend())
     elif wrapping_key_type is EncryptionKeyType.SYMMETRIC:
         self._wrapping_key = wrapping_key
     else:
         raise InvalidDataKeyError(
             'Invalid wrapping_key_type: {}'.format(wrapping_key_type))