confidant.lib package¶
Submodules¶
confidant.lib.cryptolib module¶
-
confidant.lib.cryptolib.
create_datakey
(encryption_context, keyid, client=None)¶ Create a datakey from KMS.
-
confidant.lib.cryptolib.
create_mock_datakey
()¶ Mock encryption meant to be used for testing or development. Returns a generated data key, but the encrypted version of the key is simply the unencrypted version. If this is called for anything other than testing or development purposes, it will cause unencrypted keys to be stored along with the encrypted content, rending the encryption worthless.
-
confidant.lib.cryptolib.
decrypt_datakey
(data_key, encryption_context=None, client=None)¶ Decrypt a datakey.
-
confidant.lib.cryptolib.
decrypt_mock_datakey
(data_key)¶ Mock decryption meant to be used for testing or development. Simply returns the provided data_key.
-
confidant.lib.cryptolib.
load_private_key_pem
(path, password=None)¶ Load an RSA private key from a file.
- Parameters
path (string) – The file path to an RSA private key in PEM format.
password (string) – A password encrypting the file.
- Returns
An RSA private key object.
- Return type
cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey
-
confidant.lib.cryptolib.
load_private_key_pem_as_bare_base64
(path, password=None)¶ Load an RSA private key from a file as bare base64-encoded DER.
- Parameters
path (string) – The file path to an RSA private key in PEM format.
password (string) – A password encrypting the file.
- Returns
base64-encoded DER private key data.
- Return type
string
-
confidant.lib.cryptolib.
load_x509_certificate_pem
(path)¶ Load an X.509 PEM certificate from a file.
- Parameters
path (string) – The file path to an X.509 certificate in PEM format.
- Returns
X.509 certificate object
- Return type
cryptography.x509.Certificate
-
confidant.lib.cryptolib.
load_x509_certificate_pem_as_bare_base64
(path)¶ Load an X.509 PEM certificate from a file, return as bare base64-encoded DER.
- Parameters
path (string) – The file path to an X.509 certificate in PEM format.
- Returns
base64-encoded DER X.509 data.
- Return type
string