Danger
This is a “Hazardous Materials” module. You should ONLY use it if you’re 100% absolutely sure that you know what you’re doing because this module is full of land mines, dragons, and dinosaurs with laser guns.
Key wrapping¶
Key wrapping is a cryptographic construct that uses symmetric encryption to encapsulate key material. Key wrapping algorithms are occasionally utilized to protect keys at rest or transmit them over insecure networks. Many of the protections offered by key wrapping are also offered by using authenticated symmetric encryption.
- cryptography.hazmat.primitives.keywrap.aes_key_wrap(wrapping_key, key_to_wrap)[source]¶
New in version 1.1.
This function performs AES key wrap (without padding) as specified in RFC 3394.
- cryptography.hazmat.primitives.keywrap.aes_key_unwrap(wrapping_key, wrapped_key)[source]¶
New in version 1.1.
This function performs AES key unwrap (without padding) as specified in RFC 3394.
- Parameters:
- Return bytes:
The unwrapped key as bytes.
- Raises:
cryptography.hazmat.primitives.keywrap.InvalidUnwrap – This is raised if the key is not successfully unwrapped.
- cryptography.hazmat.primitives.keywrap.aes_key_wrap_with_padding(wrapping_key, key_to_wrap)[source]¶
New in version 2.2.
This function performs AES key wrap with padding as specified in RFC 5649.
- cryptography.hazmat.primitives.keywrap.aes_key_unwrap_with_padding(wrapping_key, wrapped_key)[source]¶
New in version 2.2.
This function performs AES key unwrap with padding as specified in RFC 5649.
- Parameters:
- Return bytes:
The unwrapped key as bytes.
- Raises:
cryptography.hazmat.primitives.keywrap.InvalidUnwrap – This is raised if the key is not successfully unwrapped.