in src/aws_encryption_sdk/internal/crypto/wrapping_keys.py [0:0]
def decrypt(self, encrypted_wrapped_data_key, encryption_context):
    """Unwrap an encrypted data key and return its plaintext.

    The path taken depends on ``self.wrapping_key_type``:

    * ``PUBLIC``: rejected immediately, since a public key cannot decrypt.
    * ``PRIVATE``: the ciphertext is decrypted by ``self._wrapping_key`` using
      the padding configured on ``self.wrapping_algorithm``.
    * anything else: the module-level ``decrypt`` is called with the derived
      wrapping key, and the serialized encryption context is supplied as
      associated data.

    :param encrypted_wrapped_data_key: Encrypted, wrapped, data key
    :type encrypted_wrapped_data_key: aws_encryption_sdk.internal.structures.EncryptedData
    :param dict encryption_context: Encryption context to use in decryption
    :returns: Plaintext of data key
    :rtype: bytes
    :raises IncorrectMasterKeyError: if the wrapping key is a public key, or if
        the private-key decryption raises ``ValueError``
    """
    key_type = self.wrapping_key_type

    if key_type is EncryptionKeyType.PUBLIC:
        raise IncorrectMasterKeyError("Public key cannot decrypt")

    if key_type is EncryptionKeyType.PRIVATE:
        # Only the ciphertext and padding reach this call; encryption_context
        # is not an input on this path.
        # NOTE(review): the encryption context is therefore not authenticated
        # by this unwrap step for private keys - presumably it is bound
        # elsewhere in the message format; confirm against the caller.
        try:
            plaintext_data_key = self._wrapping_key.decrypt(
                ciphertext=encrypted_wrapped_data_key.ciphertext,
                padding=self.wrapping_algorithm.padding,
            )
            return plaintext_data_key
        except ValueError:
            # Every ValueError is reported as the same IncorrectMasterKeyError
            # with a fixed message, so callers see one failure type.
            raise IncorrectMasterKeyError("_wrapping_key cannot decrypt provided ciphertext")

    # Remaining key types: the serialized encryption context is passed as
    # associated data to the module-level decrypt.
    # NOTE(review): a failure here presumably surfaces as whatever that helper
    # raises - nothing is caught on this path.
    associated_data = serialize_encryption_context(encryption_context=encryption_context)
    return decrypt(
        algorithm=self.wrapping_algorithm.algorithm,
        key=self._derived_wrapping_key,
        encrypted_data=encrypted_wrapped_data_key,
        associated_data=associated_data,
    )