Wrapped Provider
Cryptographic materials provider to use ephemeral content encryption keys wrapped by delegated keys.
- class dynamodb_encryption_sdk.material_providers.wrapped.WrappedCryptographicMaterialsProvider(signing_key: dynamodb_encryption_sdk.delegated_keys.DelegatedKey, wrapping_key: Optional[dynamodb_encryption_sdk.delegated_keys.DelegatedKey] = None, unwrapping_key: Optional[dynamodb_encryption_sdk.delegated_keys.DelegatedKey] = None, material_description: Optional[Dict[str, str]] = None)[source]
Bases:
dynamodb_encryption_sdk.material_providers.CryptographicMaterialsProvider
Cryptographic materials provider to use ephemeral content encryption keys wrapped by delegated keys.
- Parameters
signing_key (DelegatedKey) – Delegated key used as signing and verification key
wrapping_key (DelegatedKey) – Delegated key used to wrap content key
Note
wrapping_key
must be provided if providing encryption materials- Parameters
unwrapping_key (DelegatedKey) – Delegated key used to unwrap content key
Note
unwrapping_key
must be provided if providing decryption materials or loading materials from material description- encryption_materials(encryption_context: dynamodb_encryption_sdk.structures.EncryptionContext) dynamodb_encryption_sdk.materials.wrapped.WrappedCryptographicMaterials [source]
Provide encryption materials.
- Parameters
encryption_context (EncryptionContext) – Encryption context for request
- Returns
Encryption materials
- Return type
- Raises
WrappingError – if no wrapping key is available
- decryption_materials(encryption_context: dynamodb_encryption_sdk.structures.EncryptionContext) dynamodb_encryption_sdk.materials.wrapped.WrappedCryptographicMaterials [source]
Provide decryption materials.
- Parameters
encryption_context (EncryptionContext) – Encryption context for request
- Returns
Decryption materials
- Return type
- Raises
UnwrappingError – if no unwrapping key is available