pangea-sdk 3.8.0b1__py3-none-any.whl → 5.4.0b1__py3-none-any.whl
Sign up to get free protection for your applications and to get access to all the features.
- pangea/__init__.py +1 -1
- pangea/asyncio/file_uploader.py +1 -1
- pangea/asyncio/request.py +56 -34
- pangea/asyncio/services/__init__.py +4 -0
- pangea/asyncio/services/ai_guard.py +75 -0
- pangea/asyncio/services/audit.py +192 -31
- pangea/asyncio/services/authn.py +187 -109
- pangea/asyncio/services/authz.py +285 -0
- pangea/asyncio/services/base.py +21 -2
- pangea/asyncio/services/embargo.py +2 -2
- pangea/asyncio/services/file_scan.py +24 -9
- pangea/asyncio/services/intel.py +108 -34
- pangea/asyncio/services/prompt_guard.py +73 -0
- pangea/asyncio/services/redact.py +72 -4
- pangea/asyncio/services/sanitize.py +217 -0
- pangea/asyncio/services/share.py +246 -73
- pangea/asyncio/services/vault.py +1710 -750
- pangea/crypto/rsa.py +135 -0
- pangea/deep_verify.py +7 -1
- pangea/dump_audit.py +9 -8
- pangea/request.py +87 -59
- pangea/response.py +49 -31
- pangea/services/__init__.py +4 -0
- pangea/services/ai_guard.py +128 -0
- pangea/services/audit/audit.py +205 -42
- pangea/services/audit/models.py +56 -8
- pangea/services/audit/signing.py +6 -5
- pangea/services/audit/util.py +3 -3
- pangea/services/authn/authn.py +140 -70
- pangea/services/authn/models.py +167 -11
- pangea/services/authz.py +400 -0
- pangea/services/base.py +39 -8
- pangea/services/embargo.py +2 -2
- pangea/services/file_scan.py +32 -15
- pangea/services/intel.py +157 -32
- pangea/services/prompt_guard.py +83 -0
- pangea/services/redact.py +152 -4
- pangea/services/sanitize.py +371 -0
- pangea/services/share/share.py +683 -107
- pangea/services/vault/models/asymmetric.py +120 -18
- pangea/services/vault/models/common.py +439 -141
- pangea/services/vault/models/keys.py +94 -0
- pangea/services/vault/models/secret.py +27 -3
- pangea/services/vault/models/symmetric.py +68 -22
- pangea/services/vault/vault.py +1690 -749
- pangea/tools.py +6 -7
- pangea/utils.py +16 -27
- pangea/verify_audit.py +270 -83
- {pangea_sdk-3.8.0b1.dist-info → pangea_sdk-5.4.0b1.dist-info}/METADATA +43 -35
- pangea_sdk-5.4.0b1.dist-info/RECORD +60 -0
- {pangea_sdk-3.8.0b1.dist-info → pangea_sdk-5.4.0b1.dist-info}/WHEEL +1 -1
- pangea_sdk-3.8.0b1.dist-info/RECORD +0 -50
|
@@ -0,0 +1,94 @@
|
|
|
1
|
+
from __future__ import annotations
|
|
2
|
+
|
|
3
|
+
from typing import Literal, Optional, Union
|
|
4
|
+
|
|
5
|
+
from pangea.response import APIRequestModel, PangeaDateTime
|
|
6
|
+
from pangea.services.vault.models.asymmetric import (
|
|
7
|
+
AsymmetricKeyEncryptionAlgorithm,
|
|
8
|
+
AsymmetricKeyJwtAlgorithm,
|
|
9
|
+
AsymmetricKeyPkiAlgorithm,
|
|
10
|
+
AsymmetricKeyPurpose,
|
|
11
|
+
AsymmetricKeySigningAlgorithm,
|
|
12
|
+
)
|
|
13
|
+
from pangea.services.vault.models.common import (
|
|
14
|
+
ItemType,
|
|
15
|
+
Metadata,
|
|
16
|
+
RequestManualRotationState,
|
|
17
|
+
RequestRotationState,
|
|
18
|
+
Tags,
|
|
19
|
+
)
|
|
20
|
+
from pangea.services.vault.models.symmetric import (
|
|
21
|
+
SymmetricKeyEncryptionAlgorithm,
|
|
22
|
+
SymmetricKeyFpeAlgorithm,
|
|
23
|
+
SymmetricKeyJwtAlgorithm,
|
|
24
|
+
SymmetricKeyPurpose,
|
|
25
|
+
)
|
|
26
|
+
|
|
27
|
+
|
|
28
|
+
class CommonGenerateRequest(APIRequestModel):
|
|
29
|
+
type: Literal[ItemType.ASYMMETRIC_KEY, ItemType.SYMMETRIC_KEY]
|
|
30
|
+
purpose: Union[AsymmetricKeyPurpose, SymmetricKeyPurpose]
|
|
31
|
+
algorithm: Union[
|
|
32
|
+
AsymmetricKeySigningAlgorithm,
|
|
33
|
+
AsymmetricKeyEncryptionAlgorithm,
|
|
34
|
+
AsymmetricKeyJwtAlgorithm,
|
|
35
|
+
AsymmetricKeyPkiAlgorithm,
|
|
36
|
+
SymmetricKeyEncryptionAlgorithm,
|
|
37
|
+
SymmetricKeyJwtAlgorithm,
|
|
38
|
+
SymmetricKeyFpeAlgorithm,
|
|
39
|
+
]
|
|
40
|
+
name: Optional[str] = None
|
|
41
|
+
folder: Optional[str] = None
|
|
42
|
+
metadata: Optional[Metadata] = None
|
|
43
|
+
tags: Optional[Tags] = None
|
|
44
|
+
rotation_frequency: Optional[str] = None
|
|
45
|
+
rotation_state: Optional[RequestRotationState] = RequestRotationState.INHERITED
|
|
46
|
+
disabled_at: Optional[PangeaDateTime] = None
|
|
47
|
+
exportable: bool = False
|
|
48
|
+
|
|
49
|
+
|
|
50
|
+
class KeyStoreRequest(APIRequestModel):
|
|
51
|
+
# Required.
|
|
52
|
+
type: Literal[ItemType.ASYMMETRIC_KEY, ItemType.SYMMETRIC_KEY]
|
|
53
|
+
purpose: Union[AsymmetricKeyPurpose, SymmetricKeyPurpose]
|
|
54
|
+
algorithm: Union[
|
|
55
|
+
AsymmetricKeySigningAlgorithm,
|
|
56
|
+
AsymmetricKeyEncryptionAlgorithm,
|
|
57
|
+
AsymmetricKeyJwtAlgorithm,
|
|
58
|
+
AsymmetricKeyPkiAlgorithm,
|
|
59
|
+
SymmetricKeyEncryptionAlgorithm,
|
|
60
|
+
SymmetricKeyJwtAlgorithm,
|
|
61
|
+
SymmetricKeyFpeAlgorithm,
|
|
62
|
+
]
|
|
63
|
+
|
|
64
|
+
# Asymmetric.
|
|
65
|
+
public_key: Optional[str] = None
|
|
66
|
+
private_key: Optional[str] = None
|
|
67
|
+
|
|
68
|
+
# Symmetric.
|
|
69
|
+
key: Optional[str] = None
|
|
70
|
+
|
|
71
|
+
# Optional.
|
|
72
|
+
name: Optional[str] = None
|
|
73
|
+
folder: Optional[str] = None
|
|
74
|
+
metadata: Optional[Metadata] = None
|
|
75
|
+
tags: Optional[Tags] = None
|
|
76
|
+
rotation_frequency: Optional[str] = None
|
|
77
|
+
rotation_state: Optional[RequestRotationState] = RequestRotationState.INHERITED
|
|
78
|
+
disabled_at: Optional[PangeaDateTime] = None
|
|
79
|
+
exportable: bool = False
|
|
80
|
+
|
|
81
|
+
|
|
82
|
+
class KeyRotateRequest(APIRequestModel):
|
|
83
|
+
# Required.
|
|
84
|
+
id: str
|
|
85
|
+
|
|
86
|
+
# Asymmetric.
|
|
87
|
+
public_key: Optional[str] = None
|
|
88
|
+
private_key: Optional[str] = None
|
|
89
|
+
|
|
90
|
+
# Symmetric.
|
|
91
|
+
key: Optional[str] = None
|
|
92
|
+
|
|
93
|
+
# Optional.
|
|
94
|
+
rotation_state: RequestManualRotationState = RequestManualRotationState.DEACTIVATED
|
|
@@ -1,15 +1,39 @@
|
|
|
1
1
|
# Copyright 2022 Pangea Cyber Corporation
|
|
2
2
|
# Author: Pangea Cyber Corporation
|
|
3
|
+
from typing import Optional
|
|
4
|
+
|
|
5
|
+
from typing_extensions import Literal
|
|
6
|
+
|
|
7
|
+
from pangea.response import APIRequestModel, PangeaDateTime
|
|
3
8
|
from pangea.services.vault.models.common import (
|
|
4
9
|
CommonRotateRequest,
|
|
5
10
|
CommonRotateResult,
|
|
6
|
-
CommonStoreRequest,
|
|
7
11
|
CommonStoreResult,
|
|
12
|
+
Metadata,
|
|
13
|
+
Tags,
|
|
8
14
|
)
|
|
9
15
|
|
|
10
16
|
|
|
11
|
-
class SecretStoreRequest(
|
|
12
|
-
|
|
17
|
+
class SecretStoreRequest(APIRequestModel):
|
|
18
|
+
type: Literal["secret", "pangea_token", "pangea_client_secret", "pangea_platform_client_secret"]
|
|
19
|
+
|
|
20
|
+
# Secret.
|
|
21
|
+
secret: Optional[str] = None
|
|
22
|
+
|
|
23
|
+
# Pangea token.
|
|
24
|
+
token: Optional[str] = None
|
|
25
|
+
|
|
26
|
+
# Pangea client secret.
|
|
27
|
+
client_secret: Optional[str] = None
|
|
28
|
+
client_id: Optional[str] = None
|
|
29
|
+
client_secret_id: Optional[str] = None
|
|
30
|
+
|
|
31
|
+
# Optional.
|
|
32
|
+
name: Optional[str] = None
|
|
33
|
+
folder: Optional[str] = None
|
|
34
|
+
metadata: Optional[Metadata] = None
|
|
35
|
+
tags: Optional[Tags] = None
|
|
36
|
+
disabled_at: Optional[PangeaDateTime] = None
|
|
13
37
|
|
|
14
38
|
|
|
15
39
|
class SecretStoreResult(CommonStoreResult):
|
|
@@ -1,23 +1,14 @@
|
|
|
1
1
|
# Copyright 2022 Pangea Cyber Corporation
|
|
2
2
|
# Author: Pangea Cyber Corporation
|
|
3
|
-
from
|
|
3
|
+
from __future__ import annotations
|
|
4
4
|
|
|
5
|
-
from
|
|
6
|
-
from
|
|
7
|
-
CommonGenerateRequest,
|
|
8
|
-
CommonGenerateResult,
|
|
9
|
-
CommonStoreRequest,
|
|
10
|
-
CommonStoreResult,
|
|
11
|
-
EncodedSymmetricKey,
|
|
12
|
-
KeyPurpose,
|
|
13
|
-
SymmetricAlgorithm,
|
|
14
|
-
)
|
|
5
|
+
from enum import Enum
|
|
6
|
+
from typing import List, Optional, Union
|
|
15
7
|
|
|
8
|
+
from typing_extensions import Literal
|
|
16
9
|
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
algorithm: SymmetricAlgorithm
|
|
20
|
-
purpose: KeyPurpose
|
|
10
|
+
from pangea.response import APIRequestModel, PangeaResponseResult
|
|
11
|
+
from pangea.services.vault.models.common import CommonGenerateResult, CommonStoreResult, ItemType, ItemVersion, Key
|
|
21
12
|
|
|
22
13
|
|
|
23
14
|
class SymmetricStoreResult(CommonStoreResult):
|
|
@@ -25,11 +16,6 @@ class SymmetricStoreResult(CommonStoreResult):
|
|
|
25
16
|
purpose: str
|
|
26
17
|
|
|
27
18
|
|
|
28
|
-
class SymmetricGenerateRequest(CommonGenerateRequest):
|
|
29
|
-
algorithm: SymmetricAlgorithm
|
|
30
|
-
purpose: KeyPurpose
|
|
31
|
-
|
|
32
|
-
|
|
33
19
|
class SymmetricGenerateResult(CommonGenerateResult):
|
|
34
20
|
algorithm: str
|
|
35
21
|
purpose: str
|
|
@@ -39,25 +25,85 @@ class EncryptRequest(APIRequestModel):
|
|
|
39
25
|
id: str
|
|
40
26
|
plain_text: str
|
|
41
27
|
version: Optional[int] = None
|
|
42
|
-
additional_data: Optional[str]
|
|
28
|
+
additional_data: Optional[str] = None
|
|
43
29
|
|
|
44
30
|
|
|
45
31
|
class EncryptResult(PangeaResponseResult):
|
|
46
32
|
id: str
|
|
33
|
+
"""The ID of the item."""
|
|
34
|
+
|
|
47
35
|
version: int
|
|
36
|
+
"""The item version."""
|
|
37
|
+
|
|
48
38
|
algorithm: str
|
|
39
|
+
"""The algorithm of the key."""
|
|
40
|
+
|
|
49
41
|
cipher_text: str
|
|
42
|
+
"""The encrypted message (Base64 encoded)."""
|
|
50
43
|
|
|
51
44
|
|
|
52
45
|
class DecryptRequest(APIRequestModel):
|
|
53
46
|
id: str
|
|
54
47
|
cipher_text: str
|
|
55
48
|
version: Optional[int] = None
|
|
56
|
-
additional_data: Optional[str]
|
|
49
|
+
additional_data: Optional[str] = None
|
|
57
50
|
|
|
58
51
|
|
|
59
52
|
class DecryptResult(PangeaResponseResult):
|
|
60
53
|
id: str
|
|
54
|
+
"""The ID of the item."""
|
|
55
|
+
|
|
61
56
|
version: int
|
|
57
|
+
"""The item version."""
|
|
58
|
+
|
|
62
59
|
algorithm: str
|
|
60
|
+
"""The algorithm of the key."""
|
|
61
|
+
|
|
63
62
|
plain_text: str
|
|
63
|
+
"""The decrypted message."""
|
|
64
|
+
|
|
65
|
+
|
|
66
|
+
class SymmetricKeyPurpose(str, Enum):
|
|
67
|
+
"""The purpose of a symmetric key."""
|
|
68
|
+
|
|
69
|
+
ENCRYPTION = "encryption"
|
|
70
|
+
JWT = "jwt"
|
|
71
|
+
FPE = "fpe"
|
|
72
|
+
"""Format-preserving encryption."""
|
|
73
|
+
|
|
74
|
+
|
|
75
|
+
class SymmetricKeyEncryptionAlgorithm(str, Enum):
|
|
76
|
+
AES_CFB_128 = "AES-CFB-128"
|
|
77
|
+
AES_CFB_256 = "AES-CFB-256"
|
|
78
|
+
AES_GCM_256 = "AES-GCM-256"
|
|
79
|
+
AES_CBC_128 = "AES-CBC-128"
|
|
80
|
+
AES_CBC_256 = "AES-CBC-256"
|
|
81
|
+
|
|
82
|
+
|
|
83
|
+
class SymmetricKeyJwtAlgorithm(str, Enum):
|
|
84
|
+
HS256 = "HS256"
|
|
85
|
+
HS384 = "HS384"
|
|
86
|
+
HS512 = "HS512"
|
|
87
|
+
|
|
88
|
+
|
|
89
|
+
class SymmetricKeyFpeAlgorithm(str, Enum):
|
|
90
|
+
"""The algorithm of the key for purpose=`fpe` (Format Preserving Encryption)."""
|
|
91
|
+
|
|
92
|
+
AES_FF3_1_128_BETA = "AES-FF3-1-128-BETA"
|
|
93
|
+
"""128-bit encryption using the FF3-1 algorithm."""
|
|
94
|
+
|
|
95
|
+
AES_FF3_1_256_BETA = "AES-FF3-1-256-BETA"
|
|
96
|
+
"""256-bit encryption using the FF3-1 algorithm."""
|
|
97
|
+
|
|
98
|
+
|
|
99
|
+
SymmetricKeyAlgorithm = Union[SymmetricKeyEncryptionAlgorithm, SymmetricKeyJwtAlgorithm, SymmetricKeyFpeAlgorithm]
|
|
100
|
+
"""The algorithm of a symmetric key."""
|
|
101
|
+
|
|
102
|
+
|
|
103
|
+
class SymmetricKeyVersion(ItemVersion):
|
|
104
|
+
pass
|
|
105
|
+
|
|
106
|
+
|
|
107
|
+
class SymmetricKey(Key):
|
|
108
|
+
type: Literal[ItemType.SYMMETRIC_KEY] = ItemType.SYMMETRIC_KEY
|
|
109
|
+
item_versions: List[SymmetricKeyVersion]
|