otdf-python 0.3.4__py3-none-any.whl → 0.4.0__py3-none-any.whl

otdf_python/policy_info.py

@@ -2,14 +2,10 @@ class PolicyInfo:
     def __init__(
         self,
         policy_type: int = 0,
-        has_ecdsa_binding: bool = False,
         body: bytes | None = None,
-        binding: bytes | None = None,
     ):
         self.policy_type = policy_type
-        self.has_ecdsa_binding = has_ecdsa_binding
         self.body = body
-        self.binding = binding
 
     def set_embedded_plain_text_policy(self, body: bytes):
         self.body = body
@@ -19,21 +15,13 @@ class PolicyInfo:
         self.body = body
         self.policy_type = 2  # Placeholder for EMBEDDED_POLICY_ENCRYPTED
 
-    def set_policy_binding(self, binding: bytes):
-        self.binding = binding
-
     def get_body(self) -> bytes | None:
         return self.body
 
-    def get_binding(self) -> bytes | None:
-        return self.binding
-
     def get_total_size(self) -> int:
         size = 1  # policy_type
         size += 2  # body_len
         size += len(self.body) if self.body else 0
-        size += 1  # binding_len
-        size += len(self.binding) if self.binding else 0
         return size
 
     def write_into_buffer(self, buffer: bytearray, offset: int = 0) -> int:
@@ -46,33 +34,22 @@ class PolicyInfo:
         if self.body:
             buffer[offset : offset + body_len] = self.body
             offset += body_len
-        binding_len = len(self.binding) if self.binding else 0
-        buffer[offset] = binding_len
-        offset += 1
-        if self.binding:
-            buffer[offset : offset + binding_len] = self.binding
-            offset += binding_len
         return offset - start
 
     @staticmethod
     def from_bytes_with_size(buffer: bytes, ecc_mode):
-        # Based on Java implementation: parse policy_type (1 byte), body_len (2 bytes), body, binding_len (1 byte), binding
+        # Parse policy_type (1 byte), body_len (2 bytes), body
+        # Note: binding is NOT part of PolicyInfo - it's read separately in Header
         offset = 0
-        if len(buffer) < 4:
+        if len(buffer) < 3:
             raise ValueError("Buffer too short for PolicyInfo header")
         policy_type = buffer[offset]
         offset += 1
         body_len = int.from_bytes(buffer[offset : offset + 2], "big")
         offset += 2
-        if len(buffer) < offset + body_len + 1:
+        if len(buffer) < offset + body_len:
             raise ValueError("Buffer too short for PolicyInfo body")
         body = buffer[offset : offset + body_len]
         offset += body_len
-        binding_len = buffer[offset]
-        offset += 1
-        if len(buffer) < offset + binding_len:
-            raise ValueError("Buffer too short for PolicyInfo binding")
-        binding = buffer[offset : offset + binding_len]
-        offset += binding_len
-        pi = PolicyInfo(policy_type=policy_type, body=body, binding=binding)
+        pi = PolicyInfo(policy_type=policy_type, body=body)
         return pi, offset

otdf_python/resource_locator.py

@@ -1,7 +1,31 @@
 class ResourceLocator:
+    """
+    NanoTDF Resource Locator per the spec:
+    https://github.com/opentdf/spec/blob/main/schema/nanotdf/README.md
+
+    Format:
+    - Byte 0: Protocol Enum (bits 0-3) + Identifier Length (bits 4-7)
+      - Protocol: 0x0=HTTP, 0x1=HTTPS, 0xF=Shared Resource Directory
+      - Identifier: 0x0=None, 0x1=2 bytes, 0x2=8 bytes, 0x3=32 bytes
+    - Byte 1: Body Length (1-255 bytes)
+    - Bytes 2-N: Body (URL path)
+    - Bytes N+1-M: Identifier (optional, 0/2/8/32 bytes)
+    """
+
+    # Protocol enum values
+    PROTOCOL_HTTP = 0x0
+    PROTOCOL_HTTPS = 0x1
+    PROTOCOL_SHARED_RESOURCE_DIR = 0xF
+
+    # Identifier length enum values (in bits 4-7)
+    IDENTIFIER_NONE = 0x0
+    IDENTIFIER_2_BYTES = 0x1
+    IDENTIFIER_8_BYTES = 0x2
+    IDENTIFIER_32_BYTES = 0x3
+
     def __init__(self, resource_url: str | None = None, identifier: str | None = None):
-        self.resource_url = resource_url
-        self.identifier = identifier
+        self.resource_url = resource_url or ""
+        self.identifier = identifier or ""
 
     def get_resource_url(self):
         return self.resource_url
@@ -9,13 +33,68 @@ class ResourceLocator:
     def get_identifier(self):
         return self.identifier
 
+    def _parse_url(self):
+        """Parse URL to extract protocol and body (path)."""
+        url = self.resource_url
+        if url.startswith("https://"):
+            protocol = self.PROTOCOL_HTTPS
+            body = url[8:]  # Remove "https://"
+        elif url.startswith("http://"):
+            protocol = self.PROTOCOL_HTTP
+            body = url[7:]  # Remove "http://"
+        else:
+            # Default to HTTP
+            protocol = self.PROTOCOL_HTTP
+            body = url
+        return protocol, body.encode()
+
+    def _get_identifier_bytes(self):
+        """Get identifier bytes and determine identifier length enum."""
+        if not self.identifier:
+            return self.IDENTIFIER_NONE, b""
+
+        id_bytes = self.identifier.encode()
+        id_len = len(id_bytes)
+
+        if id_len == 0:
+            return self.IDENTIFIER_NONE, b""
+        elif id_len <= 2:
+            # Pad to 2 bytes
+            return self.IDENTIFIER_2_BYTES, id_bytes.ljust(2, b"\x00")
+        elif id_len <= 8:
+            # Pad to 8 bytes
+            return self.IDENTIFIER_8_BYTES, id_bytes.ljust(8, b"\x00")
+        elif id_len <= 32:
+            # Pad to 32 bytes
+            return self.IDENTIFIER_32_BYTES, id_bytes.ljust(32, b"\x00")
+        else:
+            raise ValueError(f"Identifier too long: {id_len} bytes (max 32)")
+
     def to_bytes(self):
-        # Based on Java implementation: [url_len][url_bytes][id_len][id_bytes], each len is 1 byte
-        url_bytes = (self.resource_url or "").encode()
-        id_bytes = (self.identifier or "").encode()
-        if len(url_bytes) > 255 or len(id_bytes) > 255:
-            raise ValueError("ResourceLocator fields too long for 1-byte length prefix")
-        return bytes([len(url_bytes)]) + url_bytes + bytes([len(id_bytes)]) + id_bytes
+        """
+        Convert to NanoTDF Resource Locator format per spec.
+
+        Format:
+        - Byte 0: Protocol Enum (bits 0-3) + Identifier Length (bits 4-7)
+        - Byte 1: Body Length
+        - Bytes 2-N: Body (URL path)
+        - Bytes N+1-M: Identifier (0/2/8/32 bytes)
+        """
+        protocol, body_bytes = self._parse_url()
+        identifier_enum, identifier_bytes = self._get_identifier_bytes()
+
+        if len(body_bytes) > 255:
+            raise ValueError(
+                f"Resource Locator body too long: {len(body_bytes)} bytes (max 255)"
+            )
+
+        # Byte 0: protocol in bits 0-3, identifier length in bits 4-7
+        protocol_and_id = (identifier_enum << 4) | protocol
+
+        # Byte 1: body length
+        body_len = len(body_bytes)
+
+        return bytes([protocol_and_id, body_len]) + body_bytes + identifier_bytes
 
     def get_total_size(self) -> int:
         return len(self.to_bytes())
@@ -26,19 +105,68 @@ class ResourceLocator:
         return len(data)
 
     @staticmethod
-    def from_bytes_with_size(buffer: bytes):
-        # Based on Java implementation: [url_len][url_bytes][id_len][id_bytes]
+    def from_bytes_with_size(buffer: bytes):  # noqa: C901
+        """
+        Parse NanoTDF Resource Locator from bytes per spec.
+
+        Format:
+        - Byte 0: Protocol Enum (bits 0-3) + Identifier Length (bits 4-7)
+        - Byte 1: Body Length
+        - Bytes 2-N: Body (URL path)
+        - Bytes N+1-M: Identifier (0/2/8/32 bytes)
+        """
         if len(buffer) < 2:
             raise ValueError("Buffer too short for ResourceLocator")
-        url_len = buffer[0]
-        if len(buffer) < 1 + url_len + 1:
-            raise ValueError("Buffer too short for ResourceLocator url")
-        url_bytes = buffer[1 : 1 + url_len]
-        id_len = buffer[1 + url_len]
-        if len(buffer) < 1 + url_len + 1 + id_len:
-            raise ValueError("Buffer too short for ResourceLocator id")
-        id_bytes = buffer[1 + url_len + 1 : 1 + url_len + 1 + id_len]
-        resource_url = url_bytes.decode()
-        identifier = id_bytes.decode()
-        size = 1 + url_len + 1 + id_len
+
+        # Parse byte 0: protocol and identifier length
+        protocol_and_id = buffer[0]
+        protocol = protocol_and_id & 0x0F  # Bits 0-3
+        identifier_enum = (protocol_and_id >> 4) & 0x0F  # Bits 4-7
+
+        # Parse byte 1: body length
+        body_len = buffer[1]
+
+        if len(buffer) < 2 + body_len:
+            raise ValueError(
+                f"Buffer too short for ResourceLocator body (need {2 + body_len}, have {len(buffer)})"
+            )
+
+        # Parse body (URL path)
+        body_bytes = buffer[2 : 2 + body_len]
+        body = body_bytes.decode()
+
+        # Reconstruct full URL with protocol
+        if protocol == ResourceLocator.PROTOCOL_HTTPS:
+            resource_url = f"https://{body}"
+        elif protocol == ResourceLocator.PROTOCOL_HTTP:
+            resource_url = f"http://{body}"
+        else:
+            resource_url = body
+
+        # Parse identifier based on identifier_enum
+        offset = 2 + body_len
+        if identifier_enum == ResourceLocator.IDENTIFIER_NONE:
+            identifier_len = 0
+        elif identifier_enum == ResourceLocator.IDENTIFIER_2_BYTES:
+            identifier_len = 2
+        elif identifier_enum == ResourceLocator.IDENTIFIER_8_BYTES:
+            identifier_len = 8
+        elif identifier_enum == ResourceLocator.IDENTIFIER_32_BYTES:
+            identifier_len = 32
+        else:
+            raise ValueError(f"Invalid identifier length enum: {identifier_enum}")
+
+        if len(buffer) < offset + identifier_len:
+            raise ValueError(
+                f"Buffer too short for ResourceLocator identifier (need {offset + identifier_len}, have {len(buffer)})"
+            )
+
+        if identifier_len > 0:
+            identifier_bytes = buffer[offset : offset + identifier_len]
+            # Remove padding
+            identifier = identifier_bytes.rstrip(b"\x00").decode()
+        else:
+            identifier = ""
+
+        size = 2 + body_len + identifier_len
         return ResourceLocator(resource_url, identifier), size

otdf_python/sdk.py

@@ -119,7 +119,7 @@ class KAS(AbstractContextManager):
             Unwrapped key as bytes
         """
         if mock and wrapped_key and kas_private_key:
-            from .asym_decryption import AsymDecryption
+            from .asym_crypto import AsymDecryption
 
             asym = AsymDecryption(private_key_pem=kas_private_key)
             return asym.decrypt(wrapped_key)

otdf_python/tdf.py

@@ -87,7 +87,7 @@ class TDF:
         import hashlib
         import hmac
 
-        from otdf_python.asym_crypto import AsymEncryption
+        from .asym_crypto import AsymEncryption
 
         key_access_objs = []
         for kas in kas_infos:
@@ -188,7 +188,7 @@ class TDF:
         """
         Unwraps the key locally using a provided private key (used for testing)
         """
-        from otdf_python.asym_decryption import AsymDecryption
+        from .asym_crypto import AsymDecryption
 
         key = None
         for ka in key_access_objs:
@@ -430,7 +430,8 @@ class TDF:
         import zipfile
 
         from otdf_python.aesgcm import AesGcm
-        from otdf_python.asym_crypto import AsymDecryption
+
+        from .asym_crypto import AsymDecryption
 
         with zipfile.ZipFile(io.BytesIO(tdf_bytes), "r") as z:
             manifest_json = z.read("0.manifest.json").decode()

{otdf_python-0.3.4.dist-info → otdf_python-0.4.0.dist-info}/METADATA

@@ -1,11 +1,28 @@
 Metadata-Version: 2.4
 Name: otdf-python
-Version: 0.3.4
+Version: 0.4.0
 Summary: Unofficial OpenTDF SDK for Python
+Project-URL: Homepage, https://github.com/b-long/opentdf-python-sdk
+Project-URL: Repository, https://github.com/b-long/opentdf-python-sdk
+Project-URL: Issues, https://github.com/b-long/opentdf-python-sdk/issues
 Author-email: b-long <b-long@users.noreply.github.com>
 License-File: LICENSE
+Classifier: Development Status :: 4 - Beta
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Operating System :: OS Independent
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3 :: Only
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
+Classifier: Programming Language :: Python :: 3.14
+Classifier: Topic :: Security :: Cryptography
+Classifier: Topic :: Software Development :: Libraries :: Python Modules
+Classifier: Typing :: Typed
 Requires-Python: >=3.10
-Requires-Dist: connect-python[compiler]>=0.4.2
+Requires-Dist: connect-python[compiler]<0.5,>=0.4.2
 Requires-Dist: cryptography>=45.0.4
 Requires-Dist: grpcio-status>=1.74.0
 Requires-Dist: grpcio-tools>=1.74.0

{otdf_python-0.3.4.dist-info → otdf_python-0.4.0.dist-info}/RECORD

@@ -3,12 +3,10 @@ otdf_python/__main__.py,sha256=V9cmvhX9Ht2wpPOHGrw_onBogStJnuWTx9eyiezEDsQ,276
 otdf_python/address_normalizer.py,sha256=pv7RoG4Dwac6so7NK1zCsVZBNFCcQK3cj_4iW6FPnRw,2815
 otdf_python/aesgcm.py,sha256=KhMabIUYxxp1gUwdwNLiwD-SvmJPqW2PunbgeguMEh8,1666
 otdf_python/assertion_config.py,sha256=P2Pc1OxMk9Ln6bvp1ZI8j66Q7uoZoYB7oMB6WLG38Y8,1763
-otdf_python/asym_crypto.py,sha256=GzijIWYhWeazEwXYw-s8fRHVS7JLxDqHVcl7oRSOx_A,3008
-otdf_python/asym_decryption.py,sha256=eVfgfzFHMK4ni3g-u8fBe3sdF02eo_msZouo19UBlh4,1981
-otdf_python/asym_encryption.py,sha256=ex-S_PvBnWKSSvbocTjJ_p5VQjjeiThcc9bMRZqvifw,2932
+otdf_python/asym_crypto.py,sha256=dwx3lUxUt3e8JA9z2lQrpsOBA3x36DN07bQbcVGZBvI,7251
 otdf_python/auth_headers.py,sha256=a0TQD36QKXO1G4swume2wx3Sk9zQsSWEAQJnST2DlH0,966
 otdf_python/autoconfigure_utils.py,sha256=NiNtbapBoIO-6kM59HRvX3Kj_Z0IRMrTkFlXjwuNfPc,3236
-otdf_python/cli.py,sha256=XotWLHHEhxwIB9vnwkR2leEV0Q_hhcdceSvcWXyAMrE,19460
+otdf_python/cli.py,sha256=0wXan-QrKQllIlSCnXDsFAT1EQpH7gv7g6TZKIVGI8E,19883
 otdf_python/collection_store.py,sha256=MH1RxlevRVFj5lBS_6DN3zz5ZgOhBjD0P7AYBLBqS0o,1004
 otdf_python/collection_store_impl.py,sha256=g3YeSwMeXr1BNmwmFr75fv9ptPjieC36Bhct-Jf1trw,613
 otdf_python/config.py,sha256=uGYVByTWl7pWcKRER41ef-ay5VevIbOyUAEd6BIArVg,2185
@@ -16,30 +14,32 @@ otdf_python/connect_client.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU
 otdf_python/constants.py,sha256=SFGjrzB1GK4CkSZgNlEUIAZMY37MelTxgc8ajXIAhoc,53
 otdf_python/crypto_utils.py,sha256=KsNss9EC-wHs1nCiKivDnxJSMv0uxGlWLDcCowadcV8,2837
 otdf_python/dpop.py,sha256=ssKXTGydJS--rBTCqX9Y8qy-c5Um4pIZPG3DZcj0rWU,2301
-otdf_python/ecc_mode.py,sha256=PUJJ6n0jk0IKKNVZ1_tWGPPujGR4fny4m5JBkUhPimo,1085
+otdf_python/ecc_constants.py,sha256=uZkYeuhSnqCLjnrINOsaQQhdCKUTKLwL0t2Cswou4BA,5892
+otdf_python/ecc_mode.py,sha256=8q-R_XR9WWmuzwI0gI6RQpsEzK8PD8Hi8uuDCvSsGXY,3077
+otdf_python/ecdh.py,sha256=D8jHIZHYeQwCGCtjd3FJLXqIXnnYeEqSRLiWoiHZm1k,10233
 otdf_python/eckeypair.py,sha256=4uZfdJaqSxW605FhU58Gko06mixSNoDOGBgVpP5VlSQ,2324
-otdf_python/header.py,sha256=QGxqo5yfuJIFrEntLGoETYC8ihc9tszXc2IjtETCVmg,5379
+otdf_python/header.py,sha256=0p259_GNO9aumUg0KOBZkiawKZTdFzoYVcyHaMCMVC8,7045
 otdf_python/invalid_zip_exception.py,sha256=YEU20hM5_yE-RWJncPZobcqj4a90RAuahB54VjAS2SU,213
-otdf_python/kas_client.py,sha256=vjOP3o7ip2cWqfE4FB1sHWqXWWY-aXPI-PnaKsPPEF4,22464
+otdf_python/kas_client.py,sha256=NP8T6G5SWuciJbYnX0QNrGGlpMhqTYbcjED2tfiTr8U,25938
 otdf_python/kas_connect_rpc_client.py,sha256=LRhdFF6d8qz_BDFN4WMu0Kn-ZynvKMEWmuHYPj09A6Q,7862
 otdf_python/kas_info.py,sha256=STnyPo-Vu_rzVQRdQl8mUGPK8eZE2vY4oPkI-PqrZJM,687
 otdf_python/kas_key_cache.py,sha256=Ems2NyKC_3yh_xs8k4_n2gA3Jb-9nCeRRjIdz1LRC9I,1472
 otdf_python/key_type.py,sha256=cwhlh6DOFG5C8JlCxFqXYi0SJDlOLUkxceg7L8arFNk,816
 otdf_python/key_type_constants.py,sha256=ghridYdhFMLKDa_9Q5cplrl8DqdEgApd--20bJ-MBtA,1001
 otdf_python/manifest.py,sha256=Uv-Hvo9hOPLrSPTeKQpDvNeHzq7qSmJ5HYtkgGwVppE,6419
-otdf_python/nanotdf.py,sha256=zklLXXEbX5uHO11ebnI4pgo_bVp94I2deXKjN0tjExs,20214
+otdf_python/nanotdf.py,sha256=3pQ5Lip_pExhdfj2wqm58RS1Tb7A9f7dcxGIzVXSDuQ,33828
 otdf_python/nanotdf_ecdsa_struct.py,sha256=nRScIJLeNcbxBBE9DlG15I7EXGTkH0ITib1ra-C1-uQ,4100
 otdf_python/nanotdf_type.py,sha256=40PyDd62iDwcfmS7rhUeQE2B0W6FYIeCpi5cDmMO7d4,819
 otdf_python/policy_binding_serializer.py,sha256=8d9MizhLTdy14ghdAvhXRBA8KzKt6Nf9kmmU9hoWhrQ,1169
-otdf_python/policy_info.py,sha256=n9hgdQrTRqPO7O1R90EUtIyoWNlaABAF7mRfbjIzaX8,2861
+otdf_python/policy_info.py,sha256=HGAOkxyB1I0N8_nHpnFkJXYJaycYsetqvWFNTxwwPi0,1951
 otdf_python/policy_object.py,sha256=zzwHk6jhZwpiX2BWxTJ1kDl3cgFijQfQrKJP3OqI35Q,380
 otdf_python/policy_stub.py,sha256=BQn06Ye5MwCu9feJZFPmO_UTfhugtiQa539iBkSQwhQ,117
-otdf_python/resource_locator.py,sha256=zYN5yd9cGwN9SRQO2tUD1UXj2zkPl2apd-X4E1MrnDg,1879
-otdf_python/sdk.py,sha256=rihHwRwMzS1xu6eiJZ79Y2biDwPEZvqiQoFw97ma9-Q,14211
+otdf_python/resource_locator.py,sha256=vrTWtkIh82Ba4KRS6k6Pm92lQG5KazIQ18xX4VoX86Y,6050
+otdf_python/sdk.py,sha256=7KKsjlUXL8_rUFVKoHFW37jvzS9Pi8Cww86NPyp3Kjw,14207
 otdf_python/sdk_builder.py,sha256=jgswTxnAfKXDGqEOIQwEiE3S0Jh0w5HMtPxHwUFIu-U,14655
 otdf_python/sdk_exceptions.py,sha256=L_bYkkyF-hnEBFXfjT5C41i5lM-t8OJB5mU_1zYvfP8,479
 otdf_python/symmetric_and_payload_config.py,sha256=D_LArhk1gA5-tpUiaUZTTM90ZKdc3DCq1a6X8etCir8,992
-otdf_python/tdf.py,sha256=T4Wr7cc-QcQ607F4RfqWieTpQdaeOndGnLqx4Di9B_M,19648
+otdf_python/tdf.py,sha256=WYfCVn7BAEBKTVEPT0SSYuCI0S6S_TgYB3C3FbHProU,19612
 otdf_python/tdf_reader.py,sha256=XQ3CuIXSOVRuBMYv2YIYlyaY-tHQA85HHHqNBoXNH9o,5267
 otdf_python/tdf_writer.py,sha256=DVEGEl8pyBm1JK2K-9BJKmT2TqvQXokPkthAQMwgCkk,645
 otdf_python/token_source.py,sha256=tfHWcIpPQ3FR45DUDiKz6q_vBaHH_HNifnnIpDVbMD8,923
@@ -131,7 +131,7 @@ otdf_python_proto/wellknownconfiguration/__init__.py,sha256=X3GeZJ1mG_N1MViryjkq
 otdf_python_proto/wellknownconfiguration/wellknown_configuration_pb2.py,sha256=g9xSm9TxX0IPMqiFCaridJvI2TrL8PrXVFPgu8tX9VM,3863
 otdf_python_proto/wellknownconfiguration/wellknown_configuration_pb2.pyi,sha256=Zw4vROvTgomnFqsalJrYda632ojXH0FVXSzTXxerybw,1490
 otdf_python_proto/wellknownconfiguration/wellknown_configuration_pb2_connect.py,sha256=i9rGG2mgQZfk6xGCp1ywu4QqKWSiwpuLoNKGUwl43t8,5346
-otdf_python-0.3.4.dist-info/METADATA,sha256=3mt22hjKkKrXHv1GFyqQUO1JQTKdvDe4CsazN6x5pYY,4225
-otdf_python-0.3.4.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
-otdf_python-0.3.4.dist-info/licenses/LICENSE,sha256=DPrPHdI6tfZcqk9kzQ37vh1Ftk7LJYdMrUtwKl7L3Pw,1074
-otdf_python-0.3.4.dist-info/RECORD,,
+otdf_python-0.4.0.dist-info/METADATA,sha256=Hpm2WiRbzRfr38wswo45o8X-p-R2Nlt8AAap09WxKiQ,5132
+otdf_python-0.4.0.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
+otdf_python-0.4.0.dist-info/licenses/LICENSE,sha256=DPrPHdI6tfZcqk9kzQ37vh1Ftk7LJYdMrUtwKl7L3Pw,1074
+otdf_python-0.4.0.dist-info/RECORD,,

otdf_python/asym_decryption.py

@@ -1,53 +0,0 @@
-import base64
-
-from cryptography.hazmat.backends import default_backend
-from cryptography.hazmat.primitives import hashes, serialization
-from cryptography.hazmat.primitives.asymmetric import padding
-
-from .sdk_exceptions import SDKException
-
-
-class AsymDecryption:
-    """
-    Class providing functionality for asymmetric decryption using an RSA private key.
-    """
-
-    CIPHER_TRANSFORM = "RSA/ECB/OAEPWithSHA-1AndMGF1Padding"
-    PRIVATE_KEY_HEADER = "-----BEGIN PRIVATE KEY-----"
-    PRIVATE_KEY_FOOTER = "-----END PRIVATE KEY-----"
-
-    def __init__(self, private_key_pem: str | None = None, private_key_obj=None):
-        if private_key_obj is not None:
-            self.private_key = private_key_obj
-        elif private_key_pem is not None:
-            try:
-                private_key_pem = (
-                    private_key_pem.replace(self.PRIVATE_KEY_HEADER, "")
-                    .replace(self.PRIVATE_KEY_FOOTER, "")
-                    .replace("\n", "")
-                    .replace("\r", "")
-                    .replace(" ", "")
-                )
-                decoded = base64.b64decode(private_key_pem)
-                self.private_key = serialization.load_der_private_key(
-                    decoded, password=None, backend=default_backend()
-                )
-            except Exception as e:
-                raise SDKException(f"Failed to load private key: {e}")
-        else:
-            self.private_key = None
-
-    def decrypt(self, data: bytes) -> bytes:
-        if self.private_key is None:
-            raise SDKException("Failed to decrypt, private key is empty")
-        try:
-            return self.private_key.decrypt(
-                data,
-                padding.OAEP(
-                    mgf=padding.MGF1(algorithm=hashes.SHA1()),
-                    algorithm=hashes.SHA1(),
-                    label=None,
-                ),
-            )
-        except Exception as e:
-            raise SDKException(f"Error performing decryption: {e}")

otdf_python/asym_encryption.py

@@ -1,75 +0,0 @@
-import base64
-import re
-
-from cryptography.hazmat.backends import default_backend
-from cryptography.hazmat.primitives import hashes, serialization
-from cryptography.hazmat.primitives.asymmetric import padding
-from cryptography.x509 import load_pem_x509_certificate
-
-from .sdk_exceptions import SDKException
-
-
-class AsymEncryption:
-    """
-    Provides methods for asymmetric encryption and handling public keys in PEM format.
-    """
-
-    PUBLIC_KEY_HEADER = "-----BEGIN PUBLIC KEY-----"
-    PUBLIC_KEY_FOOTER = "-----END PUBLIC KEY-----"
-    CIPHER_TRANSFORM = "RSA/ECB/OAEPWithSHA-1AndMGF1Padding"
-
-    def __init__(self, public_key_pem: str | None = None, public_key_obj=None):
-        if public_key_obj is not None:
-            self.public_key = public_key_obj
-        elif public_key_pem is not None:
-            try:
-                if "BEGIN CERTIFICATE" in public_key_pem:
-                    cert = load_pem_x509_certificate(
-                        public_key_pem.encode(), default_backend()
-                    )
-                    self.public_key = cert.public_key()
-                else:
-                    # Remove PEM headers/footers and whitespace
-                    pem_body = re.sub(r"-----BEGIN (.*)-----", "", public_key_pem)
-                    pem_body = re.sub(r"-----END (.*)-----", "", pem_body)
-                    pem_body = re.sub(r"\s", "", pem_body)
-                    decoded = base64.b64decode(pem_body)
-                    self.public_key = serialization.load_der_public_key(
-                        decoded, backend=default_backend()
-                    )
-            except Exception as e:
-                raise SDKException(f"Failed to load public key: {e}")
-        else:
-            self.public_key = None
-
-        from cryptography.hazmat.primitives.asymmetric.rsa import RSAPublicKey
-
-        if self.public_key is not None and not isinstance(
-            self.public_key, RSAPublicKey
-        ):
-            raise SDKException("Not an RSA PEM formatted public key")
-
-    def encrypt(self, data: bytes) -> bytes:
-        if self.public_key is None:
-            raise SDKException("Failed to encrypt, public key is empty")
-        try:
-            return self.public_key.encrypt(
-                data,
-                padding.OAEP(
-                    mgf=padding.MGF1(algorithm=hashes.SHA1()),
-                    algorithm=hashes.SHA1(),
-                    label=None,
-                ),
-            )
-        except Exception as e:
-            raise SDKException(f"Error performing encryption: {e}")
-
-    def public_key_in_pem_format(self) -> str:
-        try:
-            pem = self.public_key.public_bytes(
-                encoding=serialization.Encoding.PEM,
-                format=serialization.PublicFormat.SubjectPublicKeyInfo,
-            )
-            return pem.decode()
-        except Exception as e:
-            raise SDKException(f"Error exporting public key to PEM: {e}")