PyPI - pangea-sdk - Versions diffs - 3.8.0b4__py3-none-any.whl → 4.0.0__py3-none-any.whl - Mend

pangea-sdk 3.8.0b4py3-none-any.whl → 4.0.0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (43) hide show

pangea/__init__.py +1 -2
pangea/asyncio/request.py +17 -22
pangea/asyncio/services/__init__.py +0 -2
pangea/asyncio/services/audit.py +188 -23
pangea/asyncio/services/authn.py +167 -108
pangea/asyncio/services/authz.py +36 -45
pangea/asyncio/services/embargo.py +2 -2
pangea/asyncio/services/file_scan.py +3 -3
pangea/asyncio/services/intel.py +44 -26
pangea/asyncio/services/redact.py +60 -4
pangea/asyncio/services/vault.py +145 -30
pangea/dump_audit.py +1 -1
pangea/request.py +30 -24
pangea/response.py +34 -42
pangea/services/__init__.py +0 -2
pangea/services/audit/audit.py +202 -34
pangea/services/audit/models.py +56 -8
pangea/services/audit/util.py +3 -3
pangea/services/authn/authn.py +116 -65
pangea/services/authn/models.py +88 -4
pangea/services/authz.py +51 -56
pangea/services/base.py +23 -6
pangea/services/embargo.py +2 -2
pangea/services/file_scan.py +3 -2
pangea/services/intel.py +25 -23
pangea/services/redact.py +124 -4
pangea/services/vault/models/common.py +121 -6
pangea/services/vault/models/symmetric.py +2 -2
pangea/services/vault/vault.py +143 -32
pangea/utils.py +20 -109
pangea/verify_audit.py +267 -83
{pangea_sdk-3.8.0b4.dist-info → pangea_sdk-4.0.0.dist-info}/METADATA +12 -20
pangea_sdk-4.0.0.dist-info/RECORD +46 -0
{pangea_sdk-3.8.0b4.dist-info → pangea_sdk-4.0.0.dist-info}/WHEEL +1 -1
pangea/asyncio/__init__.py +0 -1
pangea/asyncio/file_uploader.py +0 -39
pangea/asyncio/services/sanitize.py +0 -185
pangea/asyncio/services/share.py +0 -573
pangea/file_uploader.py +0 -35
pangea/services/sanitize.py +0 -275
pangea/services/share/file_format.py +0 -170
pangea/services/share/share.py +0 -877
pangea_sdk-3.8.0b4.dist-info/RECORD +0 -54

pangea/services/vault/vault.py CHANGED Viewed

@@ -1,8 +1,11 @@
 # Copyright 2022 Pangea Cyber Corporation
 # Author: Pangea Cyber Corporation
+from __future__ import annotations
 import datetime
 from typing import Dict, Optional, Union
+from pangea.config import PangeaConfig
 from pangea.response import PangeaResponse
 from pangea.services.base import ServiceBase
 from pangea.services.vault.models.asymmetric import (
@@ -17,6 +20,8 @@ from pangea.services.vault.models.asymmetric import (
 )
 from pangea.services.vault.models.common import (
     AsymmetricAlgorithm,
+    DecryptTransformRequest,
+    DecryptTransformResult,
     DeleteRequest,
     DeleteResult,
     EncodedPrivateKey,
@@ -24,6 +29,8 @@ from pangea.services.vault.models.common import (
     EncodedSymmetricKey,
     EncryptStructuredRequest,
     EncryptStructuredResult,
+    EncryptTransformRequest,
+    EncryptTransformResult,
     FolderCreateRequest,
     FolderCreateResult,
     GetRequest,
@@ -50,6 +57,7 @@ from pangea.services.vault.models.common import (
     SymmetricAlgorithm,
     Tags,
     TDict,
+    TransformAlphabet,
     UpdateRequest,
     UpdateResult,
 )
@@ -98,10 +106,24 @@ class Vault(ServiceBase):
     def __init__(
         self,
-        token,
-        config=None,
-        logger_name="pangea",
-    ):
+        token: str,
+        config: PangeaConfig | None = None,
+        logger_name: str = "pangea",
+    ) -> None:
+        """
+        Vault client
+        Initializes a new Vault client.
+        Args:
+            token: Pangea API token.
+            config: Configuration.
+            logger_name: Logger name.
+        Examples:
+             config = PangeaConfig(domain="pangea_domain")
+             vault = Vault(token="pangea_token", config=config)
+        """
         super().__init__(token, config, logger_name)
     # Delete endpoint
@@ -129,7 +151,7 @@ class Vault(ServiceBase):
         input = DeleteRequest(
             id=id,
         )
-        return self.request.post("v1/delete", DeleteResult, data=input.dict(exclude_none=True))
+        return self.request.post("v1/delete", DeleteResult, data=input.model_dump(exclude_none=True))
     # Get endpoint
     def get(
@@ -176,7 +198,7 @@ class Vault(ServiceBase):
             verbose=verbose,
             version_state=version_state,
         )
-        return self.request.post("v1/get", GetResult, data=input.dict(exclude_none=True))
+        return self.request.post("v1/get", GetResult, data=input.model_dump(exclude_none=True))
     # List endpoint
     def list(
@@ -232,7 +254,7 @@ class Vault(ServiceBase):
             )
         """
         input = ListRequest(filter=filter, last=last, order=order, order_by=order_by, size=size)
-        return self.request.post("v1/list", ListResult, data=input.dict(exclude_none=True))
+        return self.request.post("v1/list", ListResult, data=input.model_dump(exclude_none=True))
     # Update endpoint
     def update(
@@ -313,7 +335,7 @@ class Vault(ServiceBase):
             expiration=expiration,
             item_state=item_state,
         )
-        return self.request.post("v1/update", UpdateResult, data=input.dict(exclude_none=True))
+        return self.request.post("v1/update", UpdateResult, data=input.model_dump(exclude_none=True))
     def secret_store(
         self,
@@ -383,7 +405,7 @@ class Vault(ServiceBase):
             rotation_state=rotation_state,
             expiration=expiration,
         )
-        return self.request.post("v1/secret/store", SecretStoreResult, data=input.dict(exclude_none=True))
+        return self.request.post("v1/secret/store", SecretStoreResult, data=input.model_dump(exclude_none=True))
     def pangea_token_store(
         self,
@@ -453,7 +475,7 @@ class Vault(ServiceBase):
             rotation_state=rotation_state,
             expiration=expiration,
         )
-        return self.request.post("v1/secret/store", SecretStoreResult, data=input.dict(exclude_none=True))
+        return self.request.post("v1/secret/store", SecretStoreResult, data=input.model_dump(exclude_none=True))
     # Rotate endpoint
     def secret_rotate(
@@ -493,7 +515,7 @@ class Vault(ServiceBase):
             )
         """
         input = SecretRotateRequest(id=id, secret=secret, rotation_state=rotation_state)
-        return self.request.post("v1/secret/rotate", SecretRotateResult, data=input.dict(exclude_none=True))
+        return self.request.post("v1/secret/rotate", SecretRotateResult, data=input.model_dump(exclude_none=True))
     # Rotate endpoint
     def pangea_token_rotate(self, id: str) -> PangeaResponse[SecretRotateResult]:
@@ -521,7 +543,7 @@ class Vault(ServiceBase):
             )
         """
         input = SecretRotateRequest(id=id)  # type: ignore[call-arg]
-        return self.request.post("v1/secret/rotate", SecretRotateResult, data=input.dict(exclude_none=True))
+        return self.request.post("v1/secret/rotate", SecretRotateResult, data=input.model_dump(exclude_none=True))
     def symmetric_generate(
         self,
@@ -598,7 +620,7 @@ class Vault(ServiceBase):
         return self.request.post(
             "v1/key/generate",
             SymmetricGenerateResult,
-            data=input.dict(exclude_none=True),
+            data=input.model_dump(exclude_none=True),
         )
     def asymmetric_generate(
@@ -676,7 +698,7 @@ class Vault(ServiceBase):
         return self.request.post(
             "v1/key/generate",
             AsymmetricGenerateResult,
-            data=input.dict(exclude_none=True),
+            data=input.model_dump(exclude_none=True),
         )
     # Store endpoints
@@ -760,7 +782,7 @@ class Vault(ServiceBase):
             rotation_state=rotation_state,
             expiration=expiration,
         )
-        return self.request.post("v1/key/store", AsymmetricStoreResult, data=input.dict(exclude_none=True))
+        return self.request.post("v1/key/store", AsymmetricStoreResult, data=input.model_dump(exclude_none=True))
     def symmetric_store(
         self,
@@ -838,7 +860,7 @@ class Vault(ServiceBase):
             rotation_state=rotation_state,
             expiration=expiration,
         )
-        return self.request.post("v1/key/store", SymmetricStoreResult, data=input.dict(exclude_none=True))
+        return self.request.post("v1/key/store", SymmetricStoreResult, data=input.model_dump(exclude_none=True))
     # Rotate endpoint
     def key_rotate(
@@ -891,7 +913,7 @@ class Vault(ServiceBase):
             key=key,
             rotation_state=rotation_state,
         )
-        return self.request.post("v1/key/rotate", KeyRotateResult, data=input.dict(exclude_none=True))
+        return self.request.post("v1/key/rotate", KeyRotateResult, data=input.model_dump(exclude_none=True))
     # Encrypt
     def encrypt(self, id: str, plain_text: str, version: Optional[int] = None) -> PangeaResponse[EncryptResult]:
@@ -922,8 +944,8 @@ class Vault(ServiceBase):
                 version=1,
             )
         """
-        input = EncryptRequest(id=id, plain_text=plain_text, version=version)  # type: ignore[call-arg]
-        return self.request.post("v1/key/encrypt", EncryptResult, data=input.dict(exclude_none=True))
+        input = EncryptRequest(id=id, plain_text=plain_text, version=version)
+        return self.request.post("v1/key/encrypt", EncryptResult, data=input.model_dump(exclude_none=True))
     # Decrypt
     def decrypt(self, id: str, cipher_text: str, version: Optional[int] = None) -> PangeaResponse[DecryptResult]:
@@ -954,8 +976,8 @@ class Vault(ServiceBase):
                 version=1,
             )
         """
-        input = DecryptRequest(id=id, cipher_text=cipher_text, version=version)  # type: ignore[call-arg]
-        return self.request.post("v1/key/decrypt", DecryptResult, data=input.dict(exclude_none=True))
+        input = DecryptRequest(id=id, cipher_text=cipher_text, version=version)
+        return self.request.post("v1/key/decrypt", DecryptResult, data=input.model_dump(exclude_none=True))
     # Sign
     def sign(self, id: str, message: str, version: Optional[int] = None) -> PangeaResponse[SignResult]:
@@ -987,7 +1009,7 @@ class Vault(ServiceBase):
             )
         """
         input = SignRequest(id=id, message=message, version=version)
-        return self.request.post("v1/key/sign", SignResult, data=input.dict(exclude_none=True))
+        return self.request.post("v1/key/sign", SignResult, data=input.model_dump(exclude_none=True))
     # Verify
     def verify(
@@ -1028,7 +1050,7 @@ class Vault(ServiceBase):
             signature=signature,
             version=version,
         )
-        return self.request.post("v1/key/verify", VerifyResult, data=input.dict(exclude_none=True))
+        return self.request.post("v1/key/verify", VerifyResult, data=input.model_dump(exclude_none=True))
     def jwt_verify(self, jws: str) -> PangeaResponse[JWTVerifyResult]:
         """
@@ -1055,7 +1077,7 @@ class Vault(ServiceBase):
             )
         """
         input = JWTVerifyRequest(jws=jws)
-        return self.request.post("v1/key/verify/jwt", JWTVerifyResult, data=input.dict(exclude_none=True))
+        return self.request.post("v1/key/verify/jwt", JWTVerifyResult, data=input.model_dump(exclude_none=True))
     def jwt_sign(self, id: str, payload: str) -> PangeaResponse[JWTSignResult]:
         """
@@ -1084,7 +1106,7 @@ class Vault(ServiceBase):
             )
         """
         input = JWTSignRequest(id=id, payload=payload)
-        return self.request.post("v1/key/sign/jwt", JWTSignResult, data=input.dict(exclude_none=True))
+        return self.request.post("v1/key/sign/jwt", JWTSignResult, data=input.model_dump(exclude_none=True))
     # Get endpoint
     def jwk_get(self, id: str, version: Optional[str] = None) -> PangeaResponse[JWKGetResult]:
@@ -1115,7 +1137,7 @@ class Vault(ServiceBase):
             )
         """
         input = JWKGetRequest(id=id, version=version)
-        return self.request.post("v1/get/jwk", JWKGetResult, data=input.dict(exclude_none=True))
+        return self.request.post("v1/get/jwk", JWKGetResult, data=input.model_dump(exclude_none=True))
     # State change
     def state_change(
@@ -1158,7 +1180,7 @@ class Vault(ServiceBase):
             )
         """
         input = StateChangeRequest(id=id, state=state, version=version, destroy_period=destroy_period)
-        return self.request.post("v1/state/change", StateChangeResult, data=input.dict(exclude_none=True))
+        return self.request.post("v1/state/change", StateChangeResult, data=input.model_dump(exclude_none=True))
     # Folder create
     def folder_create(
@@ -1195,7 +1217,7 @@ class Vault(ServiceBase):
             )
         """
         input = FolderCreateRequest(name=name, folder=folder, metadata=metadata, tags=tags)
-        return self.request.post("v1/folder/create", FolderCreateResult, data=input.dict(exclude_none=True))
+        return self.request.post("v1/folder/create", FolderCreateResult, data=input.model_dump(exclude_none=True))
     # Encrypt structured
     def encrypt_structured(
@@ -1216,7 +1238,7 @@ class Vault(ServiceBase):
         Args:
             id (str): The item ID.
             structured_data (dict): Structured data for applying bulk operations.
-            filter (str, optional): A filter expression for applying bulk operations to the data field.
+            filter (str): A filter expression for applying bulk operations to the data field.
             version (int, optional): The item version. Defaults to the current version.
             additional_data (str, optional): User provided authentication data.
@@ -1243,7 +1265,7 @@ class Vault(ServiceBase):
         return self.request.post(
             "v1/key/encrypt/structured",
             EncryptStructuredResult,
-            data=input.dict(exclude_none=True),
+            data=input.model_dump(exclude_none=True),
         )
     # Decrypt structured
@@ -1265,7 +1287,7 @@ class Vault(ServiceBase):
         Args:
             id (str): The item ID.
             structured_data (dict): Structured data to decrypt.
-            filter (str, optional): A filter expression for applying bulk operations to the data field.
+            filter (str): A filter expression for applying bulk operations to the data field.
             version (int, optional): The item version. Defaults to the current version.
             additional_data (str, optional): User provided authentication data.
@@ -1292,5 +1314,94 @@ class Vault(ServiceBase):
         return self.request.post(
             "v1/key/decrypt/structured",
             EncryptStructuredResult,
-            data=input.dict(exclude_none=True),
+            data=input.model_dump(exclude_none=True),
+        )
+    def encrypt_transform(
+        self,
+        id: str,
+        plain_text: str,
+        alphabet: TransformAlphabet,
+        tweak: str | None = None,
+        version: int | None = None,
+    ) -> PangeaResponse[EncryptTransformResult]:
+        """
+        Encrypt transform
+        Encrypt using a format-preserving algorithm (FPE).
+        OperationId: vault_post_v1_key_encrypt_transform
+        Args:
+            id: The item ID.
+            plain_text: A message to be encrypted.
+            alphabet: Set of characters to use for format-preserving encryption (FPE).
+            tweak: User provided tweak string. If not provided, a random string will be generated and returned.
+            version: The item version. Defaults to the current version.
+        Raises:
+            PangeaAPIException: If an API error happens.
+        Returns:
+            A `PangeaResponse` containing the encrypted message.
+        Examples:
+            vault.encrypt_transform(
+                id="pvi_[...]",
+                plain_text="message to encrypt",
+                alphabet=TransformAlphabet.ALPHANUMERIC,
+                tweak="MTIzMTIzMT==",
+            )
+        """
+        input = EncryptTransformRequest(
+            id=id,
+            plain_text=plain_text,
+            tweak=tweak,
+            alphabet=alphabet,
+            version=version,
+        )
+        return self.request.post(
+            "v1/key/encrypt/transform",
+            EncryptTransformResult,
+            data=input.model_dump(exclude_none=True),
+        )
+    def decrypt_transform(
+        self, id: str, cipher_text: str, tweak: str, alphabet: TransformAlphabet, version: int | None = None
+    ) -> PangeaResponse[DecryptTransformResult]:
+        """
+        Decrypt transform
+        Decrypt using a format-preserving algorithm (FPE).
+        OperationId: vault_post_v1_key_decrypt_transform
+        Args:
+            id: The item ID.
+            cipher_text: A message encrypted by Vault.
+            tweak: User provided tweak string.
+            alphabet: Set of characters to use for format-preserving encryption (FPE).
+            version: The item version. Defaults to the current version.
+        Raises:
+            PangeaAPIException: If an API error happens.
+        Returns:
+            A `PangeaResponse` containing the decrypted message.
+        Examples:
+            vault.decrypt_transform(
+                id="pvi_[...]",
+                cipher_text="encrypted message",
+                tweak="MTIzMTIzMT==",
+                alphabet=TransformAlphabet.ALPHANUMERIC,
+            )
+        """
+        input = DecryptTransformRequest(id=id, cipher_text=cipher_text, tweak=tweak, alphabet=alphabet, version=version)
+        return self.request.post(
+            "v1/key/decrypt/transform",
+            DecryptTransformResult,
+            data=input.model_dump(exclude_none=True),
         )

pangea/utils.py CHANGED Viewed

@@ -3,11 +3,9 @@ import copy
 import datetime
 import io
 import json
-from collections import OrderedDict
-from hashlib import md5, new, sha1, sha256, sha512
-from typing import Union
+from hashlib import new, sha1, sha256, sha512
-from google_crc32c import Checksum as CRC32C  # type: ignore[import]
+from google_crc32c import Checksum as CRC32C  # type: ignore[import-untyped]
 from pydantic import BaseModel
@@ -31,24 +29,8 @@ def default_encoder(obj) -> str:
         return str(obj)
-def str2str_b64(data: str):
-    return base64.b64encode(data.encode("ascii")).decode("ascii")
-def dict_order_keys(data: dict) -> OrderedDict:
-    if isinstance(data, dict):
-        return OrderedDict(sorted(data.items()))
-    else:
-        return data
-def dict_order_keys_recursive(data: dict) -> OrderedDict:
-    if isinstance(data, dict):
-        for k, v in data.items():
-            if type(v) is dict:
-                data[k] = dict_order_keys_recursive(v)
-    return data  # type: ignore[return-value]
+def str2str_b64(data: str, encoding: str = "utf-8") -> str:
+    return base64.b64encode(data.encode(encoding)).decode("ascii")
 def canonicalize_nested_json(data: dict) -> dict:
@@ -77,97 +59,33 @@ def canonicalize(data: dict) -> str:
         return str(data)
-def hash_sha256(input: Union[str, io.BufferedReader]) -> str:
-    # Return SHA256 hash in hex format
-    hash = sha256()
-    if isinstance(input, io.BufferedReader):
-        input.seek(0)  # restart reading
-        while True:
-            chunk = input.read(1024 * 1024)
-            if not chunk:
-                break
-            hash.update(chunk)
-        input.seek(0)  # restart reading
-    else:
-        hash.update(input)  # type: ignore
-    return hash.hexdigest()
+def hash_sha256(data: str) -> str:
+    # Return sha256 hash in hex format
+    return sha256(data.encode("ascii")).hexdigest()
-def hash_sha1(input: Union[str, io.BufferedReader]) -> str:
-    # Return SHA1 hash in hex format
-    hash = sha1()
-    if isinstance(input, io.BufferedReader):
-        input.seek(0)  # restart reading
-        while True:
-            chunk = input.read(1024 * 1024)
-            if not chunk:
-                break
-            hash.update(chunk)
-        input.seek(0)  # restart reading
-    else:
-        hash.update(input)  # type: ignore
-    return hash.hexdigest()
+def hash_256_filepath(filepath: str) -> str:
+    data = open(filepath, "rb")
+    hash = sha256(data.read()).hexdigest()
+    data.close()
+    return hash
-def hash_sha512(input: Union[str, io.BufferedReader]) -> str:
-    # Return SHA512 hash in hex format
-    hash = sha512()
-    if isinstance(input, io.BufferedReader):
-        input.seek(0)  # restart reading
-        while True:
-            chunk = input.read(1024 * 1024)
-            if not chunk:
-                break
-            hash.update(chunk)
+def hash_sha1(data: str) -> str:
+    # Return sha1 hash in hex format
+    return sha1(data.encode("ascii")).hexdigest()
-        input.seek(0)  # restart reading
-    else:
-        hash.update(input)  # type: ignore
-    return hash.hexdigest()
+def hash_sha512(data: str) -> str:
+    # Return sha512 hash in hex format
+    return sha512(data.encode("ascii")).hexdigest()
-def hash_ntlm(data: str) -> str:
-    # Return NTLM hash in hex format
+def hash_ntlm(data: str):
+    # Calculate the NTLM hash
     return new("md4", data.encode("utf-16le")).hexdigest()
-def hash_md5(input: Union[str, io.BufferedReader]) -> str:
-    # Return MD5 hash in hex format
-    hash = md5()
-    if isinstance(input, io.BufferedReader):
-        input.seek(0)  # restart reading
-        while True:
-            chunk = input.read(1024 * 1024)
-            if not chunk:
-                break
-            hash.update(chunk)
-        input.seek(0)  # restart reading
-    else:
-        hash.update(input)  # type: ignore
-    return hash.hexdigest()
-def get_crc32c(data: str) -> str:
-    crc = CRC32C()
-    crc.update(data)
-    return crc.hexdigest().decode("utf-8")
-def hash_256_filepath(filepath: str) -> str:
-    data = open(filepath, "rb")
-    hash = sha256(data.read()).hexdigest()
-    data.close()
-    return hash
 def get_prefix(hash: str, len: int = 5):
     return hash[0:len]
@@ -197,10 +115,3 @@ def get_file_upload_params(file: io.BufferedReader) -> FileUploadParams:
     file.seek(0)  # restart reading
     return FileUploadParams(crc_hex=crc.hexdigest().decode("utf-8"), sha256_hex=sha.hexdigest(), size=size)
-def get_file_size(file: io.BufferedReader) -> int:
-    file.seek(0, io.SEEK_END)
-    size = file.tell()
-    file.seek(0)  # restart reading
-    return size

pangea-sdk 3.8.0b4__py3-none-any.whl → 4.0.0__py3-none-any.whl

pangea-sdk 3.8.0b4py3-none-any.whl → 4.0.0py3-none-any.whl