ait.dsn.encrypt.encrypter package

Module contents

class ait.dsn.encrypt.encrypter.BaseEncrypter

Bases: object

Generic enrypter abstraction

BaseEncrypter attempts to adequately abstract encryption operations into a small set of common methods. Not all methods will be useful for every encrypter type and additional methods may need to be added for future encryption support.

Generally, the expected method functionality should be

configure
Configure the instance, loading all necessary settings and preparing for connection

connect
Connect to instance of the encryption service.

encrypt
Encrypt a payload

decrypt
Decrypt a payload

show_config
Method that displays the service configuration, useful for development/debugging.

close
Close the connection to the encryption service and handle any cleanup

is_connected
Returns True if encrypter is connected, False otherwise

is_configured
Returns True if encrypter is configured, False otherwise

cfg_client_config = 'dsn.encryption.client.config'

cfg_client_name = 'dsn.encryption.client.name'

cfg_prefix = 'dsn.encryption.'

abstract close(): Connect to a backend’s encryption instance, releases resources.

configure(**kwargs): Setup the configuration for this instance.

abstract connect(): Connect to a backend’s encryption instance.

abstract decrypt(input_bytes)

Decrypts a byte-array

Param: input_bytes Original byte-array to be decrypted
Returns: EncryptResult object with result or errors

abstract encrypt(input_bytes)

Encrypts a byte-array

Param: input_bytes Original byte-array to be encrypted
Returns: EncryptResult object with result or errors

is_configured(): Returns True if encrypter has been configured, False otherwise

abstract is_connected(): Returns True if encrypter is connected, False otherwise

prop_debug_enabled = 'debug_enabled'

prop_vcid_filter = 'vcid_filter'

abstract show_config()

Returns any configuration information as a str

Returns: Configuration info string

vcid_is_supported(vcid)

Returns True if vcid is registered to be encrypted or filter is None

Param: vcid VCID
Returns: True if vcid is supported, False otherwise

class ait.dsn.encrypt.encrypter.EncryptMode(value)

Bases: Enum

Enumeration for Encryption modes / directions

DECRYPT = 1

ENCRYPT = 0

class ait.dsn.encrypt.encrypter.EncryptResult(mode=EncryptMode.ENCRYPT, input=None, result=None, errors=None)

Bases: object

AIT Encryption result wrapper.

EncryptResult is a minimal wrapper around encryption/decryption results / errors. All AIT encryption APIs that execute a encrypt and decrypt will return their results wrapped in an EncryptResult object.

EncryptResult tracks four main attributes. Generally, an unused attribute will be None.

mode: Enumeration of EncryptMode. Value is either ENCRYPT or DECRYPT
input: The input bytearray.
result: The result of the encryption/decryption request, as bytearray.
errors: An iterator of errors encountered during transformation execution.

property errors

property has_errors

property has_result

property input

property mode

property result

class ait.dsn.encrypt.encrypter.EncrypterFactory

Bases: object

default_clazz = 'ait.dsn.encrypt.encrypter.NullEncrypter'

static get(encrypter_class_name=None)

Returns an instance of an Encrypter, based on argument or AIT configuration. If None is specified, then the AIT configuration is queried. If the config results in None, then a default implementation that performs no encryption is returned.

The returned Encrypter has not yet been configured.

Param: encrypter_class_name Optional encrypter class name
Returns: New instance of Encrypter
Except: ImportError if specified encryption client is not found
Except: AitConfigError for errors that occur during configuration

class ait.dsn.encrypt.encrypter.NullEncrypter

Bases: BaseEncrypter

Null enrypter

NullEncrypter implements the GenericEncrypter interface while providing no actual encryption or decryption. Calls to either method will result in output that is a copy of the input.

close(): No connection or cleanup required for this instance.

configure(**kwargs): Setup the configuration for this instance.

connect(): No connection is needed for this instance.

decrypt(input_bytes)

Dummy implementation of decryption

Param: input_bytes Original byte-array to be encrypted
Returns: EncryptResult object with result or errors

encrypt(input_bytes)

Dummy implementation of encryption

Param: input_bytes Original byte-array to be encrypted
Returns: EncryptResult object with result or errors

is_connected()

Returns True if this instance is connected, False otherwise

Returns: Conencted state

show_config()

Returns config info for this instance

Returns: Config info as string