pangea-sdk 1.3.0__py3-none-any.whl → 1.5.0__py3-none-any.whl
- pangea/__init__.py +1 -1
- pangea/deep_verify.py +2 -2
- pangea/dump_audit.py +3 -9
- pangea/exceptions.py +40 -2
- pangea/request.py +40 -7
- pangea/response.py +8 -0
- pangea/services/__init__.py +1 -0
- pangea/services/audit/audit.py +28 -7
- pangea/services/audit/models.py +12 -0
- pangea/services/audit/util.py +6 -1
- pangea/services/intel.py +270 -82
- pangea/services/vault/models/asymmetric.py +67 -0
- pangea/services/vault/models/common.py +337 -0
- pangea/services/vault/models/secret.py +24 -0
- pangea/services/vault/models/symmetric.py +61 -0
- pangea/services/vault/vault.py +458 -0
- pangea/{tools_util.py → tools.py} +7 -9
- pangea/utils.py +22 -0
- {pangea_sdk-1.3.0.dist-info → pangea_sdk-1.5.0.dist-info}/METADATA +4 -3
- pangea_sdk-1.5.0.dist-info/RECORD +30 -0
- {pangea_sdk-1.3.0.dist-info → pangea_sdk-1.5.0.dist-info}/WHEEL +1 -1
- pangea_sdk-1.3.0.dist-info/RECORD +0 -24
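--- a/pangea/services/vault/models/common.py
+++ b/pangea/services/vault/models/common.py
@@ -0,0 +1,337 @@
+# Copyright 2022 Pangea Cyber Corporation
+# Author: Pangea Cyber Corporation
+import datetime
+import enum
+from typing import Any, Dict, List, NewType, Optional, Union
+
+from pangea.response import APIRequestModel, PangeaResponseResult
+
+# EncodedPublicKey is a PEM public key, with no further encoding (i.e. no base64)
+# It may be used for example in openssh with no further processing
+EncodedPublicKey = NewType("EncodedPublicKey", str)
+
+# EncodedPrivateKey is a PEM private key, with no further encoding (i.e. no base64).
+# It may be used for example in openssh with no further processing
+EncodedPrivateKey = NewType("EncodedPrivateKey", str)
+
+# EncodedSymmetricKey is a base64 encoded key
+EncodedSymmetricKey = NewType("EncodedSymmetricKey", str)
+
+
+class KeyPurpose(str, enum.Enum):
+SIGNING = "signing"
+ENCRYPTION = "encryption"
+JWT = "jwt"
+
+def __str__(self):
+return str(self.value)
+
+def __repr__(self):
+return str(self.value)
+
+
+class AsymmetricAlgorithm(str, enum.Enum):
+Ed25519 = "ed25519"
+RSA = "rsa"
+ES256 = "es256"
+ES384 = "es384"
+ES512 = "es512"
+
+def __str__(self):
+return str(self.value)
+
+def __repr__(self):
+return str(self.value)
+
+
+class SymmetricAlgorithm(str, enum.Enum):
+AES = "aes"
+HS256 = "hs256"
+HS384 = "hs384"
+HS512 = "hs512"
+
+def __str__(self):
+return str(self.value)
+
+def __repr__(self):
+return str(self.value)
+
+
+Metadata = NewType("Metadata", Dict[str, str])
+Tags = NewType("Tags", List[str])
+
+
+class ItemOrder(str, enum.Enum):
+ASC = "asc"
+DESC = "desc"
+
+def __str__(self):
+return str(self.value)
+
+def __repr__(self):
+return str(self.value)
+
+
+class ItemOrderBy(str, enum.Enum):
+TYPE = "type"
+CREATED_AT = "created_at"
+DESTROYED_AT = "destroyed_at"
+IDENTITY = "identity"
+PURPOSE = "purpose"
+EXPIRATION = "expiration"
+LAST_ROTATED = "last_rotated"
+NEXT_ROTATION = "next_rotation"
+NAME = "name"
+FOLDER = "folder"
+VERSION = "version"
+
+def __str__(self):
+return str(self.value)
+
+def __repr__(self):
+return str(self.value)
+
+
+class ItemType(str, enum.Enum):
+ASYMMETRIC_KEY = "asymmetric_key"
+SYMMETRIC_KEY = "symmetric_key"
+SECRET = "secret"
+PANGEA_TOKEN = "pangea_token"
+
+def __str__(self):
+return str(self.value)
+
+def __repr__(self):
+return str(self.value)
+
+
+class ItemVersionState(str, enum.Enum):
+ACTIVE = "active"
+DEACTIVATED = "deactivated"
+SUSPENDED = "suspended"
+COMPROMISED = "compromised"
+DESTROYED = "destroyed"
+
+def __str__(self):
+return str(self.value)
+
+def __repr__(self):
+return str(self.value)
+
+
+class ItemState(str, enum.Enum):
+ENABLED = "enabled"
+DISABLED = "disabled"
+
+def __str__(self):
+return str(self.value)
+
+def __repr__(self):
+return str(self.value)
+
+
+class CommonStoreRequest(APIRequestModel):
+type: ItemType
+name: str
+folder: Optional[str] = None
+metadata: Optional[Metadata] = None
+tags: Optional[Tags] = None
+rotation_frequency: Optional[str] = None
+rotation_state: Optional[ItemVersionState] = None
+expiration: Optional[datetime.datetime] = None
+
+
+class CommonStoreResult(PangeaResponseResult):
+id: str
+type: str
+version: int
+
+
+class CommonGenerateRequest(APIRequestModel):
+type: ItemType
+name: str
+folder: Optional[str] = None
+metadata: Optional[Metadata] = None
+tags: Optional[Tags] = None
+rotation_frequency: Optional[str] = None
+rotation_state: Optional[ItemVersionState] = None
+expiration: Optional[datetime.datetime] = None
+
+
+class CommonGenerateResult(PangeaResponseResult):
+type: str
+version: int
+id: str
+
+
+class GetRequest(APIRequestModel):
+id: str
+version: Optional[Union[str, int]] = None
+verbose: Optional[bool] = None
+version_state: Optional[ItemVersionState] = None
+
+
+class ItemVersionData(PangeaResponseResult):
+version: int
+state: str
+created_at: str
+destroy_at: Optional[str] = None
+public_key: Optional[EncodedPublicKey] = None
+secret: Optional[str] = None
+
+
+class ItemData(PangeaResponseResult):
+type: str
+id: Optional[str] = None
+item_state: Optional[str] = None
+current_version: Optional[ItemVersionData] = None
+name: Optional[str] = None
+folder: Optional[str] = None
+metadata: Optional[Metadata] = None
+tags: Optional[Tags] = None
+rotation_frequency: Optional[str] = None
+rotation_state: Optional[str] = None
+last_rotated: Optional[str] = None
+next_rotation: Optional[str] = None
+expiration: Optional[str] = None
+created_at: Optional[str] = None
+algorithm: Optional[str] = None
+purpose: Optional[str] = None
+
+
+class GetResult(ItemData):
+versions: List[ItemVersionData] = []
+rotation_grace_period: Optional[str] = None
+
+
+class ListItemData(ItemData):
+compromised_versions: Optional[List[ItemVersionData]] = None
+
+
+class ListResult(PangeaResponseResult):
+items: List[ListItemData] = []
+count: int
+last: Optional[str]
+
+
+class ListRequest(APIRequestModel):
+filter: Optional[Dict[str, str]] = None
+size: Optional[int] = None
+order: Optional[ItemOrder] = None
+order_by: Optional[ItemOrderBy] = None
+last: Optional[str] = None
+
+
+class CommonRotateRequest(APIRequestModel):
+id: str
+rotation_state: Optional[ItemVersionState] = None
+
+
+class CommonRotateResult(PangeaResponseResult):
+id: str
+version: int
+type: str
+
+
+class KeyRotateRequest(CommonRotateRequest):
+key: Optional[str] = None
+public_key: Optional[EncodedPublicKey] = None
+private_key: Optional[EncodedPrivateKey] = None
+
+
+class KeyRotateResult(CommonRotateResult):
+public_key: Optional[EncodedPublicKey] = None
+algorithm: str
+purpose: str
+
+
+class DeleteRequest(APIRequestModel):
+id: str
+
+
+class DeleteResult(PangeaResponseResult):
+id: str
+
+
+class UpdateRequest(APIRequestModel):
+id: str
+name: Optional[str] = None
+folder: Optional[str] = None
+metadata: Optional[Metadata] = None
+tags: Optional[Tags] = None
+rotation_frequency: Optional[str] = None
+rotation_state: Optional[ItemVersionState] = None
+rotation_grace_period: Optional[str] = None
+expiration: Optional[datetime.datetime] = None
+item_state: Optional[ItemState] = None
+
+
+class UpdateResult(APIRequestModel):
+id: str
+
+
+class JWKGetRequest(APIRequestModel):
+id: str
+version: Optional[str] = None
+
+
+class JWKHeader(PangeaResponseResult):
+alg: str
+kid: Optional[str] = None
+kty: str
+use: Optional[str] = None
+
+
+class JWK(JWKHeader):
+# Generic JWK
+pass
+
+
+class JWKec(JWKHeader):
+# Eliptyc curve JWK
+crv: str
+d: Optional[str] = None
+x: str
+y: str
+
+
+class JWKrsa(JWKHeader):
+# RSA JWK
+n: str
+e: str
+d: Optional[str] = None
+
+
+class JWKGetResult(PangeaResponseResult):
+keys: List[Union[JWKec, JWKrsa, JWK]]
+
+
+class JWTVerifyRequest(APIRequestModel):
+jws: str
+
+
+class JWTVerifyResult(PangeaResponseResult):
+valid_signature: bool
+
+
+class JWTSignRequest(APIRequestModel):
+id: str
+payload: str
+
+
+class JWTSignResult(PangeaResponseResult):
+jws: str
+
+
+class StateChangeRequest(APIRequestModel):
+id: str
+state: ItemVersionState
+version: Optional[int] = None
+destroy_period: Optional[str] = None
+
+
+class StateChangeResult(PangeaResponseResult):
+id: str
+version: int
+state: str
+destroy_at: Optional[str] = None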
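Review bot: The fields that carry secrets and key material are plain strings — `secret: Optional[str]` on ItemVersionData, and `key` and `private_key: Optional[EncodedPrivateKey]` on KeyRotateRequest (EncodedPrivateKey is only a `NewType` over `str`) — so nothing keeps their values out of a default repr, a log line or a traceback. If APIRequestModel and PangeaResponseResult are pydantic models (they are defined in pangea/response.py, which this section does not show), `pydantic.SecretStr` would mask these values, at the cost of an explicit `get_secret_value()` where the request is serialized; failing that, a comment on each field such as `# sensitive: never log or print this model` would at least warn callers. The same applies to the `secret: str` fields in models/secret.py and to `key` and `plain_text` in models/symmetric.py. Separately, `class UpdateResult(APIRequestModel):` is the only result model in this file that does not derive from PangeaResponseResult, which looks like a copy-paste slip; `class UpdateResult(PangeaResponseResult):` would match the others.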
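--- a/pangea/services/vault/models/secret.py
+++ b/pangea/services/vault/models/secret.py
@@ -0,0 +1,24 @@
+# Copyright 2022 Pangea Cyber Corporation
+# Author: Pangea Cyber Corporation
+from pangea.services.vault.models.common import (
+CommonRotateRequest,
+CommonRotateResult,
+CommonStoreRequest,
+CommonStoreResult,
+)
+
+
+class SecretStoreRequest(CommonStoreRequest):
+secret: str
+
+
+class SecretStoreResult(CommonStoreResult):
+secret: str
+
+
+class SecretRotateRequest(CommonRotateRequest):
+secret: str
+
+
+class SecretRotateResult(CommonRotateResult):
+secret: str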
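Review bot: SecretStoreRequest inherits the required `type: ItemType` field from CommonStoreRequest unchanged, so the model itself accepts `asymmetric_key` or `symmetric_key` alongside a `secret` payload. Unless the caller in vault.py (not shown in this section) always sets it, pinning the field here would rule out a mismatched request, for example `type: ItemType = ItemType.SECRET` with ItemType added to the import from models.common.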
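--- a/pangea/services/vault/models/symmetric.py
+++ b/pangea/services/vault/models/symmetric.py
@@ -0,0 +1,61 @@
+# Copyright 2022 Pangea Cyber Corporation
+# Author: Pangea Cyber Corporation
+from typing import Optional
+
+from pangea.response import APIRequestModel, PangeaResponseResult
+from pangea.services.vault.models.common import (
+CommonGenerateRequest,
+CommonGenerateResult,
+CommonStoreRequest,
+CommonStoreResult,
+EncodedSymmetricKey,
+KeyPurpose,
+SymmetricAlgorithm,
+)
+
+
+class SymmetricStoreRequest(CommonStoreRequest):
+key: EncodedSymmetricKey
+algorithm: SymmetricAlgorithm
+purpose: KeyPurpose
+
+
+class SymmetricStoreResult(CommonStoreResult):
+algorithm: str
+purpose: str
+
+
+class SymmetricGenerateRequest(CommonGenerateRequest):
+algorithm: SymmetricAlgorithm
+purpose: KeyPurpose
+
+
+class SymmetricGenerateResult(CommonGenerateResult):
+algorithm: str
+purpose: str
+
+
+class EncryptRequest(APIRequestModel):
+id: str
+plain_text: str
+version: Optional[int] = None
+
+
+class EncryptResult(PangeaResponseResult):
+id: str
+version: int
+algorithm: str
+cipher_text: str
+
+
+class DecryptRequest(APIRequestModel):
+id: str
+cipher_text: str
+version: Optional[int] = None
+
+
+class DecryptResult(PangeaResponseResult):
+id: str
+version: int
+algorithm: str
+plain_text: str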
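Review bot: `plain_text` and `cipher_text` in EncryptRequest, EncryptResult, DecryptRequest and DecryptResult are bare `str` fields with no statement of their encoding, although models/common.py documents EncodedSymmetricKey as base64. A caller encrypting binary data cannot tell from these models whether the value must be base64-encoded first, and a wrong guess is easy to make. I would add a one-line comment above each field stating the expected encoding, or introduce a `NewType` for it the way common.py does for keys; the wording should be checked against the Vault API documentation, which this page does not include.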