ó 9(Zc@sldZddlmZddlZddlmZddlmZmZm Z ddl m Z m Z ddl mZddlmZd Zd jeƒZd „Zd efd „ƒYZdefd„ƒYZdefd„ƒYZdefd„ƒYZdefd„ƒYZdefd„ƒYZdefd„ƒYZdefd„ƒYZdefd„ƒYZdS(s_AWS Encryption SDK native data structures for defining implementation-specific characteristics.iÿÿÿÿ(tEnumN(thashes(tectpaddingtrsa(t algorithmstmodes(thkdf(tInvalidAlgorithmErrors1.3.3s&AwsEncryptionSdkPython-KMSMasterKey/{}cCsF|dkr'||kr'tdƒ‚n||krBtdƒ‚ndS(s-Validates that data_key_len and kdf_input_len have the correct relationship. :param int data_key_len: Number of bytes in key :param kdf_type: KDF algorithm to use :param kdf_type: cryptography.io KDF object :param int kdf_input_len: Length of input data to feed into KDF function sZInvalid Algorithm definition: data_key_len must equal kdf_input_len for non-KDF algorithmssQInvalid Algorithm definition: data_key_len must not be greater than kdf_input_lenN(tNoneR(t data_key_lentkdf_typet kdf_input_len((sJ/tmp/pip-build-wDUJoH/aws-encryption-sdk/aws_encryption_sdk/identifiers.pyt_kdf_input_len_checks   t Algorithmc Bs?eZdZiZdejejddddddddddf Z dejejddddddddddf Z dejejddddddddddf Z d ejejdddde j dejdddf Zd ejejdddde j dejdddf Zd ejejdddde j dejdddf Zd ejejdddde j dejejejd f Zdejejdddde j dejejejdf Zdejejdddde j dejejejdf Zd„Zed„ƒZd„Zd„ZRS(sIDs of cryptographic algorithms this library knows about. :param int algorithm_id: KMS Encryption Algorithm ID :param encryption_algorithm: Encryption algorithm to use :type encryption_algorithm: cryptography.io ciphers algorithm object :param encryption_mode: Encryption mode in which to operate :type encryption_mode: cryptography.io ciphers modes object :param int iv_len: Number of bytes in IV :param int auth_len: Number of bytes in auth data (tag) :param int auth_key_len: Number of bytes in auth key (not currently supported by any algorithms) :param int data_key_len: Number of bytes in envelope encryption data key :param kdf_type: KDF algorithm to use :type kdf_type: cryptography.io KDF object :param int kdf_input_len: Number of bytes of input data to feed into KDF function :param kdf_hash_type: Hash algorithm to use in KDF :type kdf_hash_type: cryptography.io hashes object :param signing_algorithm_info: Information needed by signing algorithm to define behavior :type signing_algorithm_info: may vary (currently only ECC curve object) :param signature_hash_type: Hash algorithm to use in signature :type signature_hash_type: cryptography.io hashes object :param int signature_len: Number of bytes in signature ii iiiFiixi iiFixiiGiFigixcCs¯td|d|d| ƒ||_||_||_||_||_||_|_||_||_ | |_ | |_ | |_ | |_ | |_t|_||j|H(tstructtpackR(R((sJ/tmp/pip-build-wDUJoH/aws-encryption-sdk/aws_encryption_sdk/identifiers.pyt id_as_bytes’scCs |jdk S(sRDetermines whether encryption materials for this algorithm suite should be cached.N(R R (R((sJ/tmp/pip-build-wDUJoH/aws-encryption-sdk/aws_encryption_sdk/identifiers.pyt safe_to_cache–sN(t__name__t __module__t__doc__RRtAESRtGCMR tAES_128_GCM_IV12_TAG16tAES_192_GCM_IV12_TAG16tAES_256_GCM_IV12_TAG16RtHKDFRtSHA256t"AES_128_GCM_IV12_TAG16_HKDF_SHA256t"AES_192_GCM_IV12_TAG16_HKDF_SHA256t"AES_256_GCM_IV12_TAG16_HKDF_SHA256Rt SECP256R1t-AES_128_GCM_IV12_TAG16_HKDF_SHA256_ECDSA_P256tSHA384t SECP384R1t-AES_192_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384t-AES_256_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384Rt classmethodR R#R$(((sJ/tmp/pip-build-wDUJoH/aws-encryption-sdk/aws_encryption_sdk/identifiers.pyR.s333999??? ) tEncryptionTypecBseZdZdZdZRS(sgIdentifies symmetric vs asymmetric encryption. Used to identify encryption type for WrappingAlgorithm.ii(R%R&R't SYMMETRICt ASYMMETRIC(((sJ/tmp/pip-build-wDUJoH/aws-encryption-sdk/aws_encryption_sdk/identifiers.pyR9›stEncryptionKeyTypecBs eZdZdZdZdZRS(s]Identifies raw encryption key type. Used to identify key capabilities for WrappingAlgorithm.iii(R%R&R'R:tPUBLICtPRIVATE(((sJ/tmp/pip-build-wDUJoH/aws-encryption-sdk/aws_encryption_sdk/identifiers.pyR<¢stWrappingAlgorithmcBsÅeZdZejejdddfZejej dddfZ ejej dddfZ ej eejddfZej eejejejfZej eejejejfZd„ZRS(sõWrapping Algorithms for use by RawMasterKey objects. :param algorithm: Encryption algorithm to use for encryption of data keys :type algorithm: aws_encryption_sdk.identifiers.Algorithm :param padding_type: Padding type to use for encryption of data keys :type padding_type: :param padding_algorithm: Padding algorithm to use for encryption of data keys :type padding_algorithm: :param padding_mgf: Padding MGF to use for encryption of data keys :type padding_mgf: cCs|||_||_|tjkrNi|d|ƒƒd6|ƒd6dd6}ni}|dk ro||}n||_dS(sPrepares new WrappingAlgorithm.t algorithmtmgftlabelN(tencryption_typeR@RtOAEPR (RRCR@t padding_typetpadding_algorithmt padding_mgft padding_args((sJ/tmp/pip-build-wDUJoH/aws-encryption-sdk/aws_encryption_sdk/identifiers.pyR¾s      N(R%R&R'R9R:RR*R t!AES_128_GCM_IV12_TAG16_NO_PADDINGR+t!AES_192_GCM_IV12_TAG16_NO_PADDINGR,t!AES_256_GCM_IV12_TAG16_NO_PADDINGR;RRtPKCS1v15t RSA_PKCS1RDRtSHA1tMGF1tRSA_OAEP_SHA1_MGF1R.tRSA_OAEP_SHA256_MGF1R(((sJ/tmp/pip-build-wDUJoH/aws-encryption-sdk/aws_encryption_sdk/identifiers.pyR?ªs !!t ObjectTypecBseZdZdZRS(s<Valid Type values per the AWS Encryption SDK message format.i€(R%R&R'tCUSTOMER_AE_DATA(((sJ/tmp/pip-build-wDUJoH/aws-encryption-sdk/aws_encryption_sdk/identifiers.pyRRÑstSequenceIdentifiercBseZdZdZRS(s)Identifiers for specific sequence frames.Iÿÿÿÿ(R%R&R'tSEQUENCE_NUMBER_END(((sJ/tmp/pip-build-wDUJoH/aws-encryption-sdk/aws_encryption_sdk/identifiers.pyRT×stSerializationVersioncBseZdZdZRS(s4Valid Versions of AWS Encryption SDK message format.i(R%R&R'tV1(((sJ/tmp/pip-build-wDUJoH/aws-encryption-sdk/aws_encryption_sdk/identifiers.pyRVÝst ContentTypecBseZdZdZdZRS(s-Type of content framing contained in message.ii(R%R&R't NO_FRAMINGt FRAMED_DATA(((sJ/tmp/pip-build-wDUJoH/aws-encryption-sdk/aws_encryption_sdk/identifiers.pyRXãstContentAADStringcBs eZdZdZdZdZRS(sRBody Additional Authenticated Data values for building the AAD for a message body.sAWSKMSEncryptionClient Frames"AWSKMSEncryptionClient Final Frames#AWSKMSEncryptionClient Single Block(R%R&R'tFRAME_STRING_IDtFINAL_FRAME_STRING_IDtNON_FRAMED_STRING_ID(((sJ/tmp/pip-build-wDUJoH/aws-encryption-sdk/aws_encryption_sdk/identifiers.pyR[ês(R'tenumRR!tcryptography.hazmat.primitivesRt)cryptography.hazmat.primitives.asymmetricRRRt&cryptography.hazmat.primitives.ciphersRRt"cryptography.hazmat.primitives.kdfRtaws_encryption_sdk.exceptionsRt __version__tformattUSER_AGENT_SUFFIXR RR9R<R?RRRTRVRXR[(((sJ/tmp/pip-build-wDUJoH/aws-encryption-sdk/aws_encryption_sdk/identifiers.pyt s&  m'