in src/dynamodb_encryption_sdk/internal/crypto/jce_bridge/primitives.py [0:0]
def load_rsa_key(key, key_type, key_encoding):
# (bytes, EncryptionKeyType, KeyEncodingType) -> Any
# narrow down the output type
# https://github.com/aws/aws-dynamodb-encryption-python/issues/66
"""Load an RSA key object from the provided raw key bytes.
:param bytes key: Raw key bytes to load
:param EncryptionKeyType key_type: Type of key to load
:param KeyEncodingType key_encoding: Encoding used to serialize ``key``
:returns: Loaded key
:raises ValueError: if ``key_type`` and ``key_encoding`` are not a valid pairing
"""
try:
loader = _RSA_KEY_LOADING[key_type][key_encoding]
except KeyError:
raise ValueError("Invalid key type and encoding: {} and {}".format(key_type, key_encoding))
kwargs = dict(data=key, backend=default_backend())
if key_type is EncryptionKeyType.PRIVATE:
kwargs["password"] = None
loaded_key = loader(**kwargs)
if loaded_key.key_size < MinimumKeySizes.RSA.value:
_LOGGER.warning("RSA keys smaller than %d bits are unsafe", MinimumKeySizes.RSA.value)
return loaded_key