MCPcopy Create free account
hub / github.com/mpdavis/python-jose / CryptographyAESKey

Class CryptographyAESKey

jose/backends/cryptography_backend.py:394–516  ·  view source on GitHub ↗

Source from the content-addressed store, hash-verified

392
393
394class CryptographyAESKey(Key):
395 KEY_128 = (ALGORITHMS.A128GCM, ALGORITHMS.A128GCMKW, ALGORITHMS.A128KW, ALGORITHMS.A128CBC)
396 KEY_192 = (ALGORITHMS.A192GCM, ALGORITHMS.A192GCMKW, ALGORITHMS.A192KW, ALGORITHMS.A192CBC)
397 KEY_256 = (
398 ALGORITHMS.A256GCM,
399 ALGORITHMS.A256GCMKW,
400 ALGORITHMS.A256KW,
401 ALGORITHMS.A128CBC_HS256,
402 ALGORITHMS.A256CBC,
403 )
404 KEY_384 = (ALGORITHMS.A192CBC_HS384,)
405 KEY_512 = (ALGORITHMS.A256CBC_HS512,)
406
407 AES_KW_ALGS = (ALGORITHMS.A128KW, ALGORITHMS.A192KW, ALGORITHMS.A256KW)
408
409 MODES = {
410 ALGORITHMS.A128GCM: modes.GCM,
411 ALGORITHMS.A192GCM: modes.GCM,
412 ALGORITHMS.A256GCM: modes.GCM,
413 ALGORITHMS.A128CBC_HS256: modes.CBC,
414 ALGORITHMS.A192CBC_HS384: modes.CBC,
415 ALGORITHMS.A256CBC_HS512: modes.CBC,
416 ALGORITHMS.A128CBC: modes.CBC,
417 ALGORITHMS.A192CBC: modes.CBC,
418 ALGORITHMS.A256CBC: modes.CBC,
419 ALGORITHMS.A128GCMKW: modes.GCM,
420 ALGORITHMS.A192GCMKW: modes.GCM,
421 ALGORITHMS.A256GCMKW: modes.GCM,
422 ALGORITHMS.A128KW: None,
423 ALGORITHMS.A192KW: None,
424 ALGORITHMS.A256KW: None,
425 }
426
427 IV_BYTE_LENGTH_MODE_MAP = {"CBC": algorithms.AES.block_size // 8, "GCM": 96 // 8}
428
429 def __init__(self, key, algorithm):
430 if algorithm not in ALGORITHMS.AES:
431 raise JWKError("%s is not a valid AES algorithm" % algorithm)
432 if algorithm not in ALGORITHMS.SUPPORTED.union(ALGORITHMS.AES_PSEUDO):
433 raise JWKError("%s is not a supported algorithm" % algorithm)
434
435 self._algorithm = algorithm
436 self._mode = self.MODES.get(self._algorithm)
437
438 if algorithm in self.KEY_128 and len(key) != 16:
439 raise JWKError(f"Key must be 128 bit for alg {algorithm}")
440 elif algorithm in self.KEY_192 and len(key) != 24:
441 raise JWKError(f"Key must be 192 bit for alg {algorithm}")
442 elif algorithm in self.KEY_256 and len(key) != 32:
443 raise JWKError(f"Key must be 256 bit for alg {algorithm}")
444 elif algorithm in self.KEY_384 and len(key) != 48:
445 raise JWKError(f"Key must be 384 bit for alg {algorithm}")
446 elif algorithm in self.KEY_512 and len(key) != 64:
447 raise JWKError(f"Key must be 512 bit for alg {algorithm}")
448
449 self._key = key
450
451 def to_dict(self):

Callers 2

test_wrapMethod · 0.90
test_unwrapMethod · 0.90

Calls

no outgoing calls

Tested by 2

test_wrapMethod · 0.72
test_unwrapMethod · 0.72

Used in the wild real call sites across dependent graphs

searching dependent graphs…