How to use the aioboto3.s3.cse.CryptoContext function in aioboto3
To help you get started, we’ve selected a few aioboto3 examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
terrycain / aioboto3 / aioboto3 / s3 / cse.py View on Github 
:param key: Base64 decoded version of x-amz-key-v2
:param material_description: JSON decoded x-amz-matdesc
:return: Raw AES key bytes
"""
raise NotImplementedError()
async def get_encryption_aes_key(self) -> Tuple[bytes, Dict[str, str], str]:
"""
Get encryption key to encrypt an S3 object
:return: Raw AES key bytes, Stringified JSON x-amz-matdesc, Base64 encoded x-amz-key-v2
"""
raise NotImplementedError()
class AsymmetricCryptoContext(CryptoContext):
"""
Crypto context which uses public-private key cryptography.
The public and private keys need to be loaded in by ``cryptography.hazmat.primitives.serialization.*``
:param public_key: Public key object
:param private_key: Private key object
:param loop: Event loop
"""
def __init__(self, public_key: Optional[_RSAPublicKey] = None,
private_key: Optional[_RSAPrivateKey] = None, loop: Optional[asyncio.AbstractEventLoop] = None):
self.public_key = public_key
self.private_key = private_key
"""
random_bytes = os.urandom(32)
padder = PKCS7(AES.block_size).padder()
padded_result = await self._loop.run_in_executor(
None, lambda: (padder.update(random_bytes) + padder.finalize()))
aesecb = self._cipher.encryptor()
encrypted_result = await self._loop.run_in_executor(
None, lambda: (aesecb.update(padded_result) + aesecb.finalize()))
return random_bytes, {}, base64.b64encode(encrypted_result).decode()
class KMSCryptoContext(CryptoContext):
"""
Crypto context which uses symmetric cryptography.
The key field should be a valid AES key.
E.g. if you wanted to set the KMS region, add kms_client_args={'region_name': 'eu-west-1'}
:param key: Key bytes
:param kms_client_args: Will be expanded when getting a KMS client
:param authenticated_encryption: Uses AES-GCM instead of AES-CBC (also allows range gets of files)
:param loop: Event loop
"""
def __init__(self, keyid: Optional[str] = None, kms_client_args: Optional[dict] = None,
authenticated_encryption: bool = True):
self.kms_key = keyid"""
return serialization.load_der_public_key(data, default_backend())
@staticmethod
def from_der_private_key(data: bytes, password: Optional[str] = None) -> _RSAPrivateKey:
"""
Convert private key in DER encoding to a Private key object
:param data: private key bytes
:param password: password the private key is encrypted with
"""
return serialization.load_der_private_key(data, password, default_backend())
class SymmetricCryptoContext(CryptoContext):
"""
Crypto context which uses symmetric cryptography.
The key field should be a valid AES key.
:param key: Key bytes
:param loop: Event loop
"""
def __init__(self, key: bytes, loop: Optional[asyncio.AbstractEventLoop] = None):
self.key = key
self._backend = default_backend()
self._cipher = Cipher(AES(self.key), ECB(), backend=self._backend)
self._loop = loop
if not loop:
Popular aioboto3 functions
- aioboto3.__version__
- aioboto3.client
- aioboto3.resource
- aioboto3.s3.cse
- aioboto3.s3.cse._adjust_iv_for_range
- aioboto3.s3.cse._compute_j0
- aioboto3.s3.cse._get_adjusted_crypto_range
- aioboto3.s3.cse._get_cipher_block_lower_bound
- aioboto3.s3.cse._get_cipher_block_upper_bound
- aioboto3.s3.cse.AsymmetricCryptoContext
- aioboto3.s3.cse.AsymmetricCryptoContext.from_der_private_key
- aioboto3.s3.cse.AsymmetricCryptoContext.from_der_public_key
- aioboto3.s3.cse.CryptoContext
- aioboto3.s3.cse.DecryptError
- aioboto3.s3.cse.KMSCryptoContext
- aioboto3.s3.cse.MockKMSCryptoContext
- aioboto3.s3.cse.S3CSE
- aioboto3.s3.cse.SymmetricCryptoContext
- aioboto3.Session
- aioboto3.session.Session