4gatepylon
diff --git a/‎src/aws_encryption_sdk/__init__.py
Lines changed: 4 additions & 16 deletions b/‎src/aws_encryption_sdk/__init__.py
Lines changed: 4 additions & 16 deletions
diff --git a/‎src/aws_encryption_sdk/identifiers.py
Lines changed: 9 additions & 55 deletions b/‎src/aws_encryption_sdk/identifiers.py
Lines changed: 9 additions & 55 deletions
diff --git a/‎src/aws_encryption_sdk/internal/crypto/authentication.py
Lines changed: 6 additions & 17 deletions b/‎src/aws_encryption_sdk/internal/crypto/authentication.py
Lines changed: 6 additions & 17 deletions
diff --git a/‎src/aws_encryption_sdk/internal/crypto/elliptic_curve.py
Lines changed: 6 additions & 23 deletions b/‎src/aws_encryption_sdk/internal/crypto/elliptic_curve.py
Lines changed: 6 additions & 23 deletions
diff --git a/‎src/aws_encryption_sdk/internal/crypto/encryption.py
Lines changed: 3 additions & 9 deletions b/‎src/aws_encryption_sdk/internal/crypto/encryption.py
Lines changed: 3 additions & 9 deletions
diff --git a/‎src/aws_encryption_sdk/internal/defaults.py
Lines changed: 1 addition & 3 deletions b/‎src/aws_encryption_sdk/internal/defaults.py
Lines changed: 1 addition & 3 deletions
@@ -15,16 +15,9 @@
 from aws_encryption_sdk.caches.local import LocalCryptoMaterialsCache  # noqa
 from aws_encryption_sdk.caches.null import NullCryptoMaterialsCache  # noqa
 from aws_encryption_sdk.identifiers import AlgorithmSuite, __version__  # noqa
-from aws_encryption_sdk.key_providers.kms import (
-    KMSMasterKeyProvider,
-    KMSMasterKeyProviderConfig,
-)  # noqa
-from aws_encryption_sdk.materials_managers.caching import (
-    CachingCryptoMaterialsManager,
-)  # noqa
-from aws_encryption_sdk.materials_managers.default import (
-    DefaultCryptoMaterialsManager,
-)  # noqa
+from aws_encryption_sdk.key_providers.kms import KMSMasterKeyProvider, KMSMasterKeyProviderConfig  # noqa
+from aws_encryption_sdk.materials_managers.caching import CachingCryptoMaterialsManager  # noqa
+from aws_encryption_sdk.materials_managers.default import DefaultCryptoMaterialsManager  # noqa
 from aws_encryption_sdk.streaming_client import (  # noqa
     DecryptorConfig,
     EncryptorConfig,
@@ -184,12 +177,7 @@ def stream(**kwargs):
     :raises ValueError: if supplied with an unsupported mode value
     """
     mode = kwargs.pop("mode")
-    _stream_map = {
-        "e": StreamEncryptor,
-        "encrypt": StreamEncryptor,
-        "d": StreamDecryptor,
-        "decrypt": StreamDecryptor,
-    }
+    _stream_map = {"e": StreamEncryptor, "encrypt": StreamEncryptor, "d": StreamDecryptor, "decrypt": StreamDecryptor}
     try:
         return _stream_map[mode.lower()](**kwargs)
     except KeyError:
 
@@ -50,15 +50,7 @@ class EncryptionSuite(Enum):
     AES_192_GCM_IV12_TAG16 = (algorithms.AES, modes.GCM, 24, 12, 16)
     AES_256_GCM_IV12_TAG16 = (algorithms.AES, modes.GCM, 32, 12, 16)
 
-    def __init__(
-        self,
-        algorithm,
-        mode,
-        data_key_length,
-        iv_length,
-        auth_length,
-        auth_key_length=0,
-    ):
+    def __init__(self, algorithm, mode, data_key_length, iv_length, auth_length, auth_key_length=0):
         """Prepare a new EncryptionSuite."""
         self.algorithm = algorithm
         self.mode = mode
@@ -165,21 +157,9 @@ class AlgorithmSuite(Enum):  # pylint: disable=too-many-instance-attributes
     AES_128_GCM_IV12_TAG16 = (0x0014, EncryptionSuite.AES_128_GCM_IV12_TAG16)
     AES_192_GCM_IV12_TAG16 = (0x0046, EncryptionSuite.AES_192_GCM_IV12_TAG16)
     AES_256_GCM_IV12_TAG16 = (0x0078, EncryptionSuite.AES_256_GCM_IV12_TAG16)
-    AES_128_GCM_IV12_TAG16_HKDF_SHA256 = (
-        0x0114,
-        EncryptionSuite.AES_128_GCM_IV12_TAG16,
-        KDFSuite.HKDF_SHA256,
-    )
-    AES_192_GCM_IV12_TAG16_HKDF_SHA256 = (
-        0x0146,
-        EncryptionSuite.AES_192_GCM_IV12_TAG16,
-        KDFSuite.HKDF_SHA256,
-    )
-    AES_256_GCM_IV12_TAG16_HKDF_SHA256 = (
-        0x0178,
-        EncryptionSuite.AES_256_GCM_IV12_TAG16,
-        KDFSuite.HKDF_SHA256,
-    )
+    AES_128_GCM_IV12_TAG16_HKDF_SHA256 = (0x0114, EncryptionSuite.AES_128_GCM_IV12_TAG16, KDFSuite.HKDF_SHA256)
+    AES_192_GCM_IV12_TAG16_HKDF_SHA256 = (0x0146, EncryptionSuite.AES_192_GCM_IV12_TAG16, KDFSuite.HKDF_SHA256)
+    AES_256_GCM_IV12_TAG16_HKDF_SHA256 = (0x0178, EncryptionSuite.AES_256_GCM_IV12_TAG16, KDFSuite.HKDF_SHA256)
     AES_128_GCM_IV12_TAG16_HKDF_SHA256_ECDSA_P256 = (
         0x0214,
         EncryptionSuite.AES_128_GCM_IV12_TAG16,
@@ -315,38 +295,12 @@ class WrappingAlgorithm(Enum):
         None,
     )
     RSA_PKCS1 = (EncryptionType.ASYMMETRIC, rsa, padding.PKCS1v15, None, None)
-    RSA_OAEP_SHA1_MGF1 = (
-        EncryptionType.ASYMMETRIC,
-        rsa,
-        padding.OAEP,
-        hashes.SHA1,
-        padding.MGF1,
-    )
-    RSA_OAEP_SHA256_MGF1 = (
-        EncryptionType.ASYMMETRIC,
-        rsa,
-        padding.OAEP,
-        hashes.SHA256,
-        padding.MGF1,
-    )
-    RSA_OAEP_SHA384_MGF1 = (
-        EncryptionType.ASYMMETRIC,
-        rsa,
-        padding.OAEP,
-        hashes.SHA384,
-        padding.MGF1,
-    )
-    RSA_OAEP_SHA512_MGF1 = (
-        EncryptionType.ASYMMETRIC,
-        rsa,
-        padding.OAEP,
-        hashes.SHA512,
-        padding.MGF1,
-    )
+    RSA_OAEP_SHA1_MGF1 = (EncryptionType.ASYMMETRIC, rsa, padding.OAEP, hashes.SHA1, padding.MGF1)
+    RSA_OAEP_SHA256_MGF1 = (EncryptionType.ASYMMETRIC, rsa, padding.OAEP, hashes.SHA256, padding.MGF1)
+    RSA_OAEP_SHA384_MGF1 = (EncryptionType.ASYMMETRIC, rsa, padding.OAEP, hashes.SHA384, padding.MGF1)
+    RSA_OAEP_SHA512_MGF1 = (EncryptionType.ASYMMETRIC, rsa, padding.OAEP, hashes.SHA512, padding.MGF1)
 
-    def __init__(
-        self, encryption_type, algorithm, padding_type, padding_algorithm, padding_mgf
-    ):
+    def __init__(self, encryption_type, algorithm, padding_type, padding_algorithm, padding_mgf):
         """Prepares new WrappingAlgorithm."""
         self.encryption_type = encryption_type
         self.algorithm = algorithm
 
@@ -58,9 +58,7 @@ def _build_hasher(self):
 
         :returns: Hasher object
         """
-        return hashes.Hash(
-            self.algorithm.signing_hash_type(), backend=default_backend()
-        )
+        return hashes.Hash(self.algorithm.signing_hash_type(), backend=default_backend())
 
 
 class Signer(_PrehashingAuthenticator):
@@ -81,9 +79,7 @@ def from_key_bytes(cls, algorithm, key_bytes):
         :param bytes key_bytes: Raw signing key
         :rtype: aws_encryption_sdk.internal.crypto.Signer
         """
-        key = serialization.load_der_private_key(
-            data=key_bytes, password=None, backend=default_backend()
-        )
+        key = serialization.load_der_private_key(data=key_bytes, password=None, backend=default_backend())
         return cls(algorithm, key)
 
     def key_bytes(self):
@@ -122,9 +118,7 @@ def finalize(self):
         :rtype: bytes
         """
         prehashed_digest = self._hasher.finalize()
-        return _ecc_static_length_signature(
-            key=self.key, algorithm=self.algorithm, digest=prehashed_digest
-        )
+        return _ecc_static_length_signature(key=self.key, algorithm=self.algorithm, digest=prehashed_digest)
 
 
 class Verifier(_PrehashingAuthenticator):
@@ -152,8 +146,7 @@ def from_encoded_point(cls, algorithm, encoded_point):
         return cls(
             algorithm=algorithm,
             key=_ecc_public_numbers_from_compressed_point(
-                curve=algorithm.signing_algorithm_info(),
-                compressed_point=base64.b64decode(encoded_point),
+                curve=algorithm.signing_algorithm_info(), compressed_point=base64.b64decode(encoded_point)
             ).public_key(default_backend()),
         )
 
@@ -168,10 +161,7 @@ def from_key_bytes(cls, algorithm, key_bytes):
         :rtype: aws_encryption_sdk.internal.crypto.Verifier
         """
         return cls(
-            algorithm=algorithm,
-            key=serialization.load_der_public_key(
-                data=key_bytes, backend=default_backend()
-            ),
+            algorithm=algorithm, key=serialization.load_der_public_key(data=key_bytes, backend=default_backend())
         )
 
     def key_bytes(self):
@@ -180,8 +170,7 @@ def key_bytes(self):
         :rtype: bytes
         """
         return self.key.public_bytes(
-            encoding=serialization.Encoding.DER,
-            format=serialization.PublicFormat.SubjectPublicKeyInfo,
+            encoding=serialization.Encoding.DER, format=serialization.PublicFormat.SubjectPublicKeyInfo
         )
 
     def update(self, data):
 
@@ -17,17 +17,8 @@
 import six
 from cryptography.hazmat.backends import default_backend
 from cryptography.hazmat.primitives.asymmetric import ec
-from cryptography.hazmat.primitives.asymmetric.utils import (
-    Prehashed,
-    decode_dss_signature,
-    encode_dss_signature,
-)
-from cryptography.utils import (
-    InterfaceNotImplemented,
-    int_from_bytes,
-    int_to_bytes,
-    verify_interface,
-)
+from cryptography.hazmat.primitives.asymmetric.utils import Prehashed, decode_dss_signature, encode_dss_signature
+from cryptography.utils import InterfaceNotImplemented, int_from_bytes, int_to_bytes, verify_interface
 
 from ...exceptions import NotSupportedError
 from ..str_ops import to_bytes
@@ -76,18 +67,14 @@ def _ecc_static_length_signature(key, algorithm, digest):
     signature = b""
     while len(signature) != algorithm.signature_len:
         _LOGGER.debug(
-            "Signature length %d is not desired length %d.  Recalculating.",
-            len(signature),
-            algorithm.signature_len,
+            "Signature length %d is not desired length %d.  Recalculating.", len(signature), algorithm.signature_len
         )
         signature = key.sign(digest, pre_hashed_algorithm)
         if len(signature) != algorithm.signature_len:
             # Most of the time, a signature of the wrong length can be fixed
             # by negating s in the signature relative to the group order.
             _LOGGER.debug(
-                "Signature length %d is not desired length %d.  Negating s.",
-                len(signature),
-                algorithm.signature_len,
+                "Signature length %d is not desired length %d.  Negating s.", len(signature), algorithm.signature_len
             )
             r, s = decode_dss_signature(signature)
             s = _ECC_CURVE_PARAMETERS[algorithm.signing_algorithm_info.name].order - s
@@ -149,9 +136,7 @@ def _ecc_decode_compressed_point(curve, compressed_point):
         try:
             params = _ECC_CURVE_PARAMETERS[curve.name]
         except KeyError:
-            raise NotSupportedError(
-                "Curve {name} is not supported at this time".format(name=curve.name)
-            )
+            raise NotSupportedError("Curve {name} is not supported at this time".format(name=curve.name))
         alpha = (pow(x, 3, params.p) + (params.a * x % params.p) + params.b) % params.p
         # Only works for p % 4 == 3 at this time.
         # This is the case for all currently supported algorithms.
@@ -199,8 +184,6 @@ def generate_ecc_signing_key(algorithm):
     """
     try:
         verify_interface(ec.EllipticCurve, algorithm.signing_algorithm_info)
-        return ec.generate_private_key(
-            curve=algorithm.signing_algorithm_info(), backend=default_backend()
-        )
+        return ec.generate_private_key(curve=algorithm.signing_algorithm_info(), backend=default_backend())
     except InterfaceNotImplemented:
         raise NotSupportedError("Unsupported signing algorithm info")
@@ -39,9 +39,7 @@ def __init__(self, algorithm, key, associated_data, iv):
         # This is intentionally generic to leave an option for non-Cipher encryptor types in the future.
         self.iv = iv
         self._encryptor = Cipher(
-            algorithm.encryption_algorithm(key),
-            algorithm.encryption_mode(self.iv),
-            backend=default_backend(),
+            algorithm.encryption_algorithm(key), algorithm.encryption_mode(self.iv), backend=default_backend()
         ).encryptor()
 
         # associated_data will be authenticated but not encrypted,
@@ -110,9 +108,7 @@ def __init__(self, algorithm, key, associated_data, iv, tag):
         # Construct a decryptor object with the given key and a provided IV.
         # This is intentionally generic to leave an option for non-Cipher decryptor types in the future.
         self._decryptor = Cipher(
-            algorithm.encryption_algorithm(key),
-            algorithm.encryption_mode(iv, tag),
-            backend=default_backend(),
+            algorithm.encryption_algorithm(key), algorithm.encryption_mode(iv, tag), backend=default_backend()
         ).decryptor()
 
         # Put associated_data back in or the tag will fail to verify when the _decryptor is finalized.
@@ -151,7 +147,5 @@ def decrypt(algorithm, key, encrypted_data, associated_data):
     :returns: Plaintext of body
     :rtype: bytes
     """
-    decryptor = Decryptor(
-        algorithm, key, associated_data, encrypted_data.iv, encrypted_data.tag
-    )
+    decryptor = Decryptor(algorithm, key, associated_data, encrypted_data.iv, encrypted_data.tag)
     return decryptor.update(encrypted_data.ciphertext) + decryptor.finalize()
@@ -29,9 +29,7 @@
 #: Default message structure Type as defined in specification
 TYPE = aws_encryption_sdk.identifiers.ObjectType.CUSTOMER_AE_DATA
 #: Default algorithm as defined in specification
-ALGORITHM = (
-    aws_encryption_sdk.identifiers.AlgorithmSuite.AES_256_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384
-)
+ALGORITHM = aws_encryption_sdk.identifiers.AlgorithmSuite.AES_256_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384
 
 #: Key to add encoded signing key to encryption context dictionary as defined in specification
 ENCODED_SIGNER_KEY = "aws-crypto-public-key"