Raw Cryptographic Materials

Cryptographic materials classes for use directly with delegated keys.

Warning

Using raw cryptographic materials can be very dangerous because you are likely to be encrypting many items using the same encryption key material. This can have some unexpected and difficult to detect side effects that weaken the security of your encrypted data.

Unless you have specific reasons for using raw cryptographic materials, we highly recommend that you use wrapped cryptographic materials instead.

class dynamodb_encryption_sdk.materials.raw.RawEncryptionMaterials(signing_key: dynamodb_encryption_sdk.delegated_keys.DelegatedKey, encryption_key: Optional[dynamodb_encryption_sdk.delegated_keys.DelegatedKey] = None, material_description: Optional[Dict[str, str]] = None)[source]

Bases: dynamodb_encryption_sdk.materials.EncryptionMaterials

Encryption materials for use directly with delegated keys.

Note

Not all delegated keys allow use with raw cryptographic materials.

Parameters

  • signing_key (DelegatedKey) – Delegated key used as signing key

  • encryption_key (DelegatedKey) – Delegated key used as encryption key

  • material_description (dict) – Material description to use with these cryptographic materials

property material_description

Material description to use with these cryptographic materials.

Returns

Material description

Return type

dict

property signing_key

Delegated key used for calculating digital signatures.

Returns

Signing key

Return type

DelegatedKey

property encryption_key

Delegated key used for encrypting attributes.

Returns

Encryption key

Return type

DelegatedKey

class dynamodb_encryption_sdk.materials.raw.RawDecryptionMaterials(verification_key: dynamodb_encryption_sdk.delegated_keys.DelegatedKey, decryption_key: Optional[dynamodb_encryption_sdk.delegated_keys.DelegatedKey] = None, material_description: Optional[Dict[str, str]] = None)[source]

Bases: dynamodb_encryption_sdk.materials.DecryptionMaterials

Encryption materials for use directly with delegated keys.

Note

Not all delegated keys allow use with raw cryptographic materials.

Parameters

  • verification_key (DelegatedKey) – Delegated key used as verification key

  • decryption_key (DelegatedKey) – Delegated key used as decryption key

  • material_description (dict) – Material description to use with these cryptographic materials

property material_description

Material description to use with these cryptographic materials.

Returns

Material description

Return type

dict

property verification_key

Delegated key used for verifying digital signatures.

Returns

Verification key

Return type

DelegatedKey

property decryption_key

Delegated key used for decrypting attributes.

Returns

Decryption key

Return type

DelegatedKey