in src/dynamodb_encryption_sdk/material_providers/aws_kms.py [0:0]
def _kms_encryption_context(self, encryption_context, encryption_description, signing_description):
# type: (EncryptionContext, Text, Text) -> Dict[Text, Text]
"""Build the KMS encryption context from the encryption context and key descriptions.
:param EncryptionContext encryption_context: Encryption context providing information about request
:param str encryption_description: Description value from encryption KeyInfo
:param str signing_description: Description value from signing KeyInfo
:returns: KMS encryption context for use in request
:rtype: dict
"""
kms_encryption_context = {
EncryptionContextKeys.CONTENT_ENCRYPTION_ALGORITHM.value: encryption_description,
EncryptionContextKeys.SIGNATURE_ALGORITHM.value: signing_description,
}
if encryption_context.partition_key_name is not None:
try:
partition_key_attribute = encryption_context.attributes[encryption_context.partition_key_name]
except KeyError:
pass
else:
kms_encryption_context[encryption_context.partition_key_name] = self._attribute_to_value(
partition_key_attribute
)
if encryption_context.sort_key_name is not None:
try:
sort_key_attribute = encryption_context.attributes[encryption_context.sort_key_name]
except KeyError:
pass
else:
kms_encryption_context[encryption_context.sort_key_name] = self._attribute_to_value(sort_key_attribute)
if encryption_context.table_name is not None:
kms_encryption_context[_TABLE_NAME_EC_KEY] = encryption_context.table_name
return kms_encryption_context