PyPI - pangea-sdk - Versions diffs - 3.9.0__py3-none-any.whl → 4.1.0__py3-none-any.whl - Mend

pangea-sdk 3.9.0py3-none-any.whl → 4.1.0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (34) hide show

pangea/__init__.py +1 -1
pangea/asyncio/request.py +4 -4
pangea/asyncio/services/audit.py +30 -11
pangea/asyncio/services/authn.py +49 -29
pangea/asyncio/services/authz.py +13 -7
pangea/asyncio/services/embargo.py +2 -2
pangea/asyncio/services/file_scan.py +3 -3
pangea/asyncio/services/intel.py +40 -22
pangea/asyncio/services/redact.py +5 -3
pangea/asyncio/services/vault.py +93 -28
pangea/crypto/rsa.py +47 -0
pangea/dump_audit.py +1 -1
pangea/request.py +8 -5
pangea/response.py +9 -16
pangea/services/audit/audit.py +43 -20
pangea/services/audit/models.py +3 -3
pangea/services/audit/util.py +3 -3
pangea/services/authn/authn.py +39 -29
pangea/services/authn/models.py +9 -4
pangea/services/authz.py +10 -8
pangea/services/embargo.py +2 -2
pangea/services/file_scan.py +2 -2
pangea/services/intel.py +23 -21
pangea/services/redact.py +3 -3
pangea/services/vault/models/asymmetric.py +2 -0
pangea/services/vault/models/common.py +67 -6
pangea/services/vault/models/symmetric.py +6 -2
pangea/services/vault/vault.py +89 -28
pangea/utils.py +4 -16
pangea/verify_audit.py +270 -83
{pangea_sdk-3.9.0.dist-info → pangea_sdk-4.1.0.dist-info}/METADATA +10 -9
pangea_sdk-4.1.0.dist-info/RECORD +47 -0
{pangea_sdk-3.9.0.dist-info → pangea_sdk-4.1.0.dist-info}/WHEEL +1 -1
pangea_sdk-3.9.0.dist-info/RECORD +0 -46

pangea/asyncio/services/intel.py CHANGED Viewed

@@ -67,7 +67,9 @@ class FileIntelAsync(ServiceBaseAsync):
         """
         input = m.FileReputationRequest(hash=hash, hash_type=hash_type, verbose=verbose, raw=raw, provider=provider)
-        return await self.request.post("v1/reputation", m.FileReputationResult, data=input.dict(exclude_none=True))
+        return await self.request.post(
+            "v1/reputation", m.FileReputationResult, data=input.model_dump(exclude_none=True)
+        )
     async def hash_reputation_bulk(
         self,
@@ -103,7 +105,9 @@ class FileIntelAsync(ServiceBaseAsync):
         input = m.FileReputationBulkRequest(  # type: ignore[call-arg]
             hashes=hashes, hash_type=hash_type, verbose=verbose, raw=raw, provider=provider
         )
-        return await self.request.post("v2/reputation", m.FileReputationBulkResult, data=input.dict(exclude_none=True))
+        return await self.request.post(
+            "v2/reputation", m.FileReputationBulkResult, data=input.model_dump(exclude_none=True)
+        )
     async def filepath_reputation(
         self,
@@ -144,7 +148,9 @@ class FileIntelAsync(ServiceBaseAsync):
         hash = hashlib.sha256(data.read()).hexdigest()
         input = m.FileReputationRequest(hash=hash, hash_type="sha256", verbose=verbose, raw=raw, provider=provider)
-        return await self.request.post("v1/reputation", m.FileReputationResult, data=input.dict(exclude_none=True))
+        return await self.request.post(
+            "v1/reputation", m.FileReputationResult, data=input.model_dump(exclude_none=True)
+        )
     async def filepath_reputation_bulk(
         self,
@@ -243,7 +249,9 @@ class DomainIntelAsync(ServiceBaseAsync):
             )
         """
         input = m.DomainReputationRequest(domain=domain, verbose=verbose, provider=provider, raw=raw)
-        return await self.request.post("v1/reputation", m.DomainReputationResult, data=input.dict(exclude_none=True))
+        return await self.request.post(
+            "v1/reputation", m.DomainReputationResult, data=input.model_dump(exclude_none=True)
+        )
     async def reputation_bulk(
         self,
@@ -277,7 +285,7 @@ class DomainIntelAsync(ServiceBaseAsync):
         """
         input = m.DomainReputationBulkRequest(domains=domains, verbose=verbose, provider=provider, raw=raw)
         return await self.request.post(
-            "v2/reputation", m.DomainReputationBulkResult, data=input.dict(exclude_none=True)
+            "v2/reputation", m.DomainReputationBulkResult, data=input.model_dump(exclude_none=True)
         )
     async def who_is(
@@ -310,7 +318,7 @@ class DomainIntelAsync(ServiceBaseAsync):
             )
         """
         input = m.DomainWhoIsRequest(domain=domain, verbose=verbose, provider=provider, raw=raw)  # type: ignore[call-arg]
-        return await self.request.post("v1/whois", m.DomainWhoIsResult, data=input.dict(exclude_none=True))
+        return await self.request.post("v1/whois", m.DomainWhoIsResult, data=input.model_dump(exclude_none=True))
 class IpIntelAsync(ServiceBaseAsync):
@@ -369,7 +377,7 @@ class IpIntelAsync(ServiceBaseAsync):
             )
         """
         input = m.IPReputationRequest(ip=ip, verbose=verbose, raw=raw, provider=provider)
-        return await self.request.post("v1/reputation", m.IPReputationResult, data=input.dict(exclude_none=True))
+        return await self.request.post("v1/reputation", m.IPReputationResult, data=input.model_dump(exclude_none=True))
     async def reputation_bulk(
         self, ips: List[str], verbose: Optional[bool] = None, raw: Optional[bool] = None, provider: Optional[str] = None
@@ -398,7 +406,9 @@ class IpIntelAsync(ServiceBaseAsync):
             FIXME:
         """
         input = m.IPReputationBulkRequest(ips=ips, verbose=verbose, raw=raw, provider=provider)
-        return await self.request.post("v2/reputation", m.IPReputationBulkResult, data=input.dict(exclude_none=True))
+        return await self.request.post(
+            "v2/reputation", m.IPReputationBulkResult, data=input.model_dump(exclude_none=True)
+        )
     async def geolocate(
         self, ip: str, verbose: Optional[bool] = None, raw: Optional[bool] = None, provider: Optional[str] = None
@@ -430,7 +440,7 @@ class IpIntelAsync(ServiceBaseAsync):
             )
         """
         input = m.IPGeolocateRequest(ip=ip, verbose=verbose, raw=raw, provider=provider)
-        return await self.request.post("v1/geolocate", m.IPGeolocateResult, data=input.dict(exclude_none=True))
+        return await self.request.post("v1/geolocate", m.IPGeolocateResult, data=input.model_dump(exclude_none=True))
     async def geolocate_bulk(
         self, ips: List[str], verbose: Optional[bool] = None, raw: Optional[bool] = None, provider: Optional[str] = None
@@ -459,7 +469,9 @@ class IpIntelAsync(ServiceBaseAsync):
             FIXME:
         """
         input = m.IPGeolocateBulkRequest(ips=ips, verbose=verbose, raw=raw, provider=provider)
-        return await self.request.post("v2/geolocate", m.IPGeolocateBulkResult, data=input.dict(exclude_none=True))
+        return await self.request.post(
+            "v2/geolocate", m.IPGeolocateBulkResult, data=input.model_dump(exclude_none=True)
+        )
     async def get_domain(
         self, ip: str, verbose: Optional[bool] = None, raw: Optional[bool] = None, provider: Optional[str] = None
@@ -491,7 +503,7 @@ class IpIntelAsync(ServiceBaseAsync):
             )
         """
         input = m.IPDomainRequest(ip=ip, verbose=verbose, raw=raw, provider=provider)
-        return await self.request.post("v1/domain", m.IPDomainResult, data=input.dict(exclude_none=True))
+        return await self.request.post("v1/domain", m.IPDomainResult, data=input.model_dump(exclude_none=True))
     async def get_domain_bulk(
         self, ips: List[str], verbose: Optional[bool] = None, raw: Optional[bool] = None, provider: Optional[str] = None
@@ -520,7 +532,7 @@ class IpIntelAsync(ServiceBaseAsync):
             FIXME:
         """
         input = m.IPDomainBulkRequest(ips=ips, verbose=verbose, raw=raw, provider=provider)
-        return await self.request.post("v2/domain", m.IPDomainBulkResult, data=input.dict(exclude_none=True))
+        return await self.request.post("v2/domain", m.IPDomainBulkResult, data=input.model_dump(exclude_none=True))
     async def is_vpn(
         self, ip: str, verbose: Optional[bool] = None, raw: Optional[bool] = None, provider: Optional[str] = None
@@ -552,7 +564,7 @@ class IpIntelAsync(ServiceBaseAsync):
             )
         """
         input = m.IPVPNRequest(ip=ip, verbose=verbose, raw=raw, provider=provider)
-        return await self.request.post("v1/vpn", m.IPVPNResult, data=input.dict(exclude_none=True))
+        return await self.request.post("v1/vpn", m.IPVPNResult, data=input.model_dump(exclude_none=True))
     async def is_vpn_bulk(
         self, ips: List[str], verbose: Optional[bool] = None, raw: Optional[bool] = None, provider: Optional[str] = None
@@ -581,7 +593,7 @@ class IpIntelAsync(ServiceBaseAsync):
             FIXME:
         """
         input = m.IPVPNBulkRequest(ips=ips, verbose=verbose, raw=raw, provider=provider)
-        return await self.request.post("v2/vpn", m.IPVPNBulkResult, data=input.dict(exclude_none=True))
+        return await self.request.post("v2/vpn", m.IPVPNBulkResult, data=input.model_dump(exclude_none=True))
     async def is_proxy(
         self, ip: str, verbose: Optional[bool] = None, raw: Optional[bool] = None, provider: Optional[str] = None
@@ -613,7 +625,7 @@ class IpIntelAsync(ServiceBaseAsync):
             )
         """
         input = m.IPProxyRequest(ip=ip, verbose=verbose, raw=raw, provider=provider)
-        return await self.request.post("v1/proxy", m.IPProxyResult, data=input.dict(exclude_none=True))
+        return await self.request.post("v1/proxy", m.IPProxyResult, data=input.model_dump(exclude_none=True))
     async def is_proxy_bulk(
         self, ips: List[str], verbose: Optional[bool] = None, raw: Optional[bool] = None, provider: Optional[str] = None
@@ -642,7 +654,7 @@ class IpIntelAsync(ServiceBaseAsync):
             FIXME:
         """
         input = m.IPProxyBulkRequest(ips=ips, verbose=verbose, raw=raw, provider=provider)
-        return await self.request.post("v2/proxy", m.IPProxyBulkResult, data=input.dict(exclude_none=True))
+        return await self.request.post("v2/proxy", m.IPProxyBulkResult, data=input.model_dump(exclude_none=True))
 class UrlIntelAsync(ServiceBaseAsync):
@@ -702,7 +714,7 @@ class UrlIntelAsync(ServiceBaseAsync):
         """
         input = m.URLReputationRequest(url=url, provider=provider, verbose=verbose, raw=raw)
-        return await self.request.post("v1/reputation", m.URLReputationResult, data=input.dict(exclude_none=True))
+        return await self.request.post("v1/reputation", m.URLReputationResult, data=input.model_dump(exclude_none=True))
     async def reputation_bulk(
         self,
@@ -736,7 +748,9 @@ class UrlIntelAsync(ServiceBaseAsync):
         """
         input = m.URLReputationBulkRequest(urls=urls, provider=provider, verbose=verbose, raw=raw)
-        return await self.request.post("v2/reputation", m.URLReputationBulkResult, data=input.dict(exclude_none=True))
+        return await self.request.post(
+            "v2/reputation", m.URLReputationBulkResult, data=input.model_dump(exclude_none=True)
+        )
 class UserIntelAsync(ServiceBaseAsync):
@@ -822,7 +836,9 @@ class UserIntelAsync(ServiceBaseAsync):
             verbose=verbose,
             raw=raw,
         )
-        return await self.request.post("v1/user/breached", m.UserBreachedResult, data=input.dict(exclude_none=True))
+        return await self.request.post(
+            "v1/user/breached", m.UserBreachedResult, data=input.model_dump(exclude_none=True)
+        )
     async def user_breached_bulk(
         self,
@@ -876,7 +892,9 @@ class UserIntelAsync(ServiceBaseAsync):
             verbose=verbose,
             raw=raw,
         )
-        return await self.request.post("v2/user/breached", m.UserBreachedBulkResult, data=input.dict(exclude_none=True))
+        return await self.request.post(
+            "v2/user/breached", m.UserBreachedBulkResult, data=input.model_dump(exclude_none=True)
+        )
     async def password_breached(
         self,
@@ -919,7 +937,7 @@ class UserIntelAsync(ServiceBaseAsync):
             hash_type=hash_type, hash_prefix=hash_prefix, provider=provider, verbose=verbose, raw=raw
         )
         return await self.request.post(
-            "v1/password/breached", m.UserPasswordBreachedResult, data=input.dict(exclude_none=True)
+            "v1/password/breached", m.UserPasswordBreachedResult, data=input.model_dump(exclude_none=True)
         )
     async def password_breached_bulk(
@@ -959,5 +977,5 @@ class UserIntelAsync(ServiceBaseAsync):
             hash_type=hash_type, hash_prefixes=hash_prefixes, provider=provider, verbose=verbose, raw=raw
         )
         return await self.request.post(
-            "v2/password/breached", m.UserPasswordBreachedBulkResult, data=input.dict(exclude_none=True)
+            "v2/password/breached", m.UserPasswordBreachedBulkResult, data=input.model_dump(exclude_none=True)
         )

pangea/asyncio/services/redact.py CHANGED Viewed

@@ -102,7 +102,7 @@ class RedactAsync(ServiceBaseAsync):
             return_result=return_result,
             redaction_method_overrides=redaction_method_overrides,
         )
-        return await self.request.post("v1/redact", m.RedactResult, data=input.dict(exclude_none=True))
+        return await self.request.post("v1/redact", m.RedactResult, data=input.model_dump(exclude_none=True))
     async def redact_structured(
         self,
@@ -162,7 +162,9 @@ class RedactAsync(ServiceBaseAsync):
             return_result=return_result,
             redaction_method_overrides=redaction_method_overrides,
         )
-        return await self.request.post("v1/redact_structured", m.StructuredResult, data=input.dict(exclude_none=True))
+        return await self.request.post(
+            "v1/redact_structured", m.StructuredResult, data=input.model_dump(exclude_none=True)
+        )
     async def unredact(self, redacted_data: m.RedactedData, fpe_context: str) -> PangeaResponse[m.UnredactResult]:
         """
@@ -185,4 +187,4 @@ class RedactAsync(ServiceBaseAsync):
                 [API Documentation](https://pangea.cloud/docs/api/redact#unredact)
         """
         input = m.UnredactRequest(redacted_data=redacted_data, fpe_context=fpe_context)
-        return await self.request.post("v1/unredact", m.UnredactResult, data=input.dict(exclude_none=True))
+        return await self.request.post("v1/unredact", m.UnredactResult, data=input.model_dump(exclude_none=True))

pangea/asyncio/services/vault.py CHANGED Viewed

@@ -31,6 +31,9 @@ from pangea.services.vault.models.common import (
     EncryptStructuredResult,
     EncryptTransformRequest,
     EncryptTransformResult,
+    ExportEncryptionAlgorithm,
+    ExportRequest,
+    ExportResult,
     FolderCreateRequest,
     FolderCreateResult,
     GetRequest,
@@ -151,7 +154,7 @@ class VaultAsync(ServiceBaseAsync):
         input = DeleteRequest(
             id=id,
         )
-        return await self.request.post("v1/delete", DeleteResult, data=input.dict(exclude_none=True))
+        return await self.request.post("v1/delete", DeleteResult, data=input.model_dump(exclude_none=True))
     # Get endpoint
     async def get(
@@ -198,7 +201,7 @@ class VaultAsync(ServiceBaseAsync):
             verbose=verbose,
             version_state=version_state,
         )
-        return await self.request.post("v1/get", GetResult, data=input.dict(exclude_none=True))
+        return await self.request.post("v1/get", GetResult, data=input.model_dump(exclude_none=True))
     # List endpoint
     async def list(
@@ -254,7 +257,7 @@ class VaultAsync(ServiceBaseAsync):
             )
         """
         input = ListRequest(filter=filter, last=last, order=order, order_by=order_by, size=size)
-        return await self.request.post("v1/list", ListResult, data=input.dict(exclude_none=True))
+        return await self.request.post("v1/list", ListResult, data=input.model_dump(exclude_none=True))
     # Update endpoint
     async def update(
@@ -335,7 +338,7 @@ class VaultAsync(ServiceBaseAsync):
             expiration=expiration,
             item_state=item_state,
         )
-        return await self.request.post("v1/update", UpdateResult, data=input.dict(exclude_none=True))
+        return await self.request.post("v1/update", UpdateResult, data=input.model_dump(exclude_none=True))
     async def secret_store(
         self,
@@ -405,7 +408,7 @@ class VaultAsync(ServiceBaseAsync):
             rotation_state=rotation_state,
             expiration=expiration,
         )
-        return await self.request.post("v1/secret/store", SecretStoreResult, data=input.dict(exclude_none=True))
+        return await self.request.post("v1/secret/store", SecretStoreResult, data=input.model_dump(exclude_none=True))
     async def pangea_token_store(
         self,
@@ -475,7 +478,7 @@ class VaultAsync(ServiceBaseAsync):
             rotation_state=rotation_state,
             expiration=expiration,
         )
-        return await self.request.post("v1/secret/store", SecretStoreResult, data=input.dict(exclude_none=True))
+        return await self.request.post("v1/secret/store", SecretStoreResult, data=input.model_dump(exclude_none=True))
     # Rotate endpoint
     async def secret_rotate(
@@ -515,7 +518,7 @@ class VaultAsync(ServiceBaseAsync):
             )
         """
         input = SecretRotateRequest(id=id, secret=secret, rotation_state=rotation_state)
-        return await self.request.post("v1/secret/rotate", SecretRotateResult, data=input.dict(exclude_none=True))
+        return await self.request.post("v1/secret/rotate", SecretRotateResult, data=input.model_dump(exclude_none=True))
     # Rotate endpoint
     async def pangea_token_rotate(self, id: str) -> PangeaResponse[SecretRotateResult]:
@@ -543,7 +546,7 @@ class VaultAsync(ServiceBaseAsync):
             )
         """
         input = SecretRotateRequest(id=id)  # type: ignore[call-arg]
-        return await self.request.post("v1/secret/rotate", SecretRotateResult, data=input.dict(exclude_none=True))
+        return await self.request.post("v1/secret/rotate", SecretRotateResult, data=input.model_dump(exclude_none=True))
     async def symmetric_generate(
         self,
@@ -556,6 +559,7 @@ class VaultAsync(ServiceBaseAsync):
         rotation_frequency: Optional[str] = None,
         rotation_state: Optional[ItemVersionState] = None,
         expiration: Optional[datetime.datetime] = None,
+        exportable: Optional[bool] = None,
     ) -> PangeaResponse[SymmetricGenerateResult]:
         """
         Symmetric generate
@@ -577,6 +581,7 @@ class VaultAsync(ServiceBaseAsync):
                 - `deactivated`
                 - `destroyed`
             expiration (str, optional): Expiration timestamp
+            exportable (bool, optional): Whether the key is exportable or not
         Raises:
             PangeaAPIException: If an API Error happens
@@ -616,8 +621,11 @@ class VaultAsync(ServiceBaseAsync):
             rotation_frequency=rotation_frequency,
             rotation_state=rotation_state,
             expiration=expiration,
+            exportable=exportable,
+        )
+        return await self.request.post(
+            "v1/key/generate", SymmetricGenerateResult, data=input.model_dump(exclude_none=True)
         )
-        return await self.request.post("v1/key/generate", SymmetricGenerateResult, data=input.dict(exclude_none=True))
     async def asymmetric_generate(
         self,
@@ -630,6 +638,7 @@ class VaultAsync(ServiceBaseAsync):
         rotation_frequency: Optional[str] = None,
         rotation_state: Optional[ItemVersionState] = None,
         expiration: Optional[datetime.datetime] = None,
+        exportable: Optional[bool] = None,
     ) -> PangeaResponse[AsymmetricGenerateResult]:
         """
         Asymmetric generate
@@ -651,6 +660,7 @@ class VaultAsync(ServiceBaseAsync):
                 - `deactivated`
                 - `destroyed`
             expiration (str, optional): Expiration timestamp
+            exportable (bool, optional): Whether the key is exportable or not
         Raises:
             PangeaAPIException: If an API Error happens
@@ -690,8 +700,11 @@ class VaultAsync(ServiceBaseAsync):
             rotation_frequency=rotation_frequency,
             rotation_state=rotation_state,
             expiration=expiration,
+            exportable=exportable,
+        )
+        return await self.request.post(
+            "v1/key/generate", AsymmetricGenerateResult, data=input.model_dump(exclude_none=True)
         )
-        return await self.request.post("v1/key/generate", AsymmetricGenerateResult, data=input.dict(exclude_none=True))
     # Store endpoints
     async def asymmetric_store(
@@ -707,6 +720,7 @@ class VaultAsync(ServiceBaseAsync):
         rotation_frequency: Optional[str] = None,
         rotation_state: Optional[ItemVersionState] = None,
         expiration: Optional[datetime.datetime] = None,
+        exportable: Optional[bool] = None,
     ) -> PangeaResponse[AsymmetricStoreResult]:
         """
         Asymmetric store
@@ -730,6 +744,7 @@ class VaultAsync(ServiceBaseAsync):
                 - `deactivated`
                 - `destroyed`
             expiration (str, optional): Expiration timestamp
+            exportable (bool, optional): Whether the key is exportable or not
         Raises:
             PangeaAPIException: If an API Error happens
@@ -773,8 +788,9 @@ class VaultAsync(ServiceBaseAsync):
             rotation_frequency=rotation_frequency,
             rotation_state=rotation_state,
             expiration=expiration,
+            exportable=exportable,
         )
-        return await self.request.post("v1/key/store", AsymmetricStoreResult, data=input.dict(exclude_none=True))
+        return await self.request.post("v1/key/store", AsymmetricStoreResult, data=input.model_dump(exclude_none=True))
     async def symmetric_store(
         self,
@@ -788,6 +804,7 @@ class VaultAsync(ServiceBaseAsync):
         rotation_frequency: Optional[str] = None,
         rotation_state: Optional[ItemVersionState] = None,
         expiration: Optional[datetime.datetime] = None,
+        exportable: Optional[bool] = None,
     ) -> PangeaResponse[SymmetricStoreResult]:
         """
         Symmetric store
@@ -810,6 +827,7 @@ class VaultAsync(ServiceBaseAsync):
                 - `deactivated`
                 - `destroyed`
             expiration (str, optional): Expiration timestamp
+            exportable (bool, optional): Whether the key is exportable or not
         Raises:
             PangeaAPIException: If an API Error happens
@@ -851,8 +869,9 @@ class VaultAsync(ServiceBaseAsync):
             rotation_frequency=rotation_frequency,
             rotation_state=rotation_state,
             expiration=expiration,
+            exportable=exportable,
         )
-        return await self.request.post("v1/key/store", SymmetricStoreResult, data=input.dict(exclude_none=True))
+        return await self.request.post("v1/key/store", SymmetricStoreResult, data=input.model_dump(exclude_none=True))
     # Rotate endpoint
     async def key_rotate(
@@ -901,7 +920,7 @@ class VaultAsync(ServiceBaseAsync):
         input = KeyRotateRequest(
             id=id, public_key=public_key, private_key=private_key, key=key, rotation_state=rotation_state
         )
-        return await self.request.post("v1/key/rotate", KeyRotateResult, data=input.dict(exclude_none=True))
+        return await self.request.post("v1/key/rotate", KeyRotateResult, data=input.model_dump(exclude_none=True))
     # Encrypt
     async def encrypt(self, id: str, plain_text: str, version: Optional[int] = None) -> PangeaResponse[EncryptResult]:
@@ -932,8 +951,8 @@ class VaultAsync(ServiceBaseAsync):
                 version=1,
             )
         """
-        input = EncryptRequest(id=id, plain_text=plain_text, version=version)  # type: ignore[call-arg]
-        return await self.request.post("v1/key/encrypt", EncryptResult, data=input.dict(exclude_none=True))
+        input = EncryptRequest(id=id, plain_text=plain_text, version=version)
+        return await self.request.post("v1/key/encrypt", EncryptResult, data=input.model_dump(exclude_none=True))
     # Decrypt
     async def decrypt(self, id: str, cipher_text: str, version: Optional[int] = None) -> PangeaResponse[DecryptResult]:
@@ -964,8 +983,8 @@ class VaultAsync(ServiceBaseAsync):
                 version=1,
             )
         """
-        input = DecryptRequest(id=id, cipher_text=cipher_text, version=version)  # type: ignore[call-arg]
-        return await self.request.post("v1/key/decrypt", DecryptResult, data=input.dict(exclude_none=True))
+        input = DecryptRequest(id=id, cipher_text=cipher_text, version=version)
+        return await self.request.post("v1/key/decrypt", DecryptResult, data=input.model_dump(exclude_none=True))
     # Sign
     async def sign(self, id: str, message: str, version: Optional[int] = None) -> PangeaResponse[SignResult]:
@@ -997,7 +1016,7 @@ class VaultAsync(ServiceBaseAsync):
             )
         """
         input = SignRequest(id=id, message=message, version=version)
-        return await self.request.post("v1/key/sign", SignResult, data=input.dict(exclude_none=True))
+        return await self.request.post("v1/key/sign", SignResult, data=input.model_dump(exclude_none=True))
     # Verify
     async def verify(
@@ -1038,7 +1057,7 @@ class VaultAsync(ServiceBaseAsync):
             signature=signature,
             version=version,
         )
-        return await self.request.post("v1/key/verify", VerifyResult, data=input.dict(exclude_none=True))
+        return await self.request.post("v1/key/verify", VerifyResult, data=input.model_dump(exclude_none=True))
     async def jwt_verify(self, jws: str) -> PangeaResponse[JWTVerifyResult]:
         """
@@ -1065,7 +1084,7 @@ class VaultAsync(ServiceBaseAsync):
             )
         """
         input = JWTVerifyRequest(jws=jws)
-        return await self.request.post("v1/key/verify/jwt", JWTVerifyResult, data=input.dict(exclude_none=True))
+        return await self.request.post("v1/key/verify/jwt", JWTVerifyResult, data=input.model_dump(exclude_none=True))
     async def jwt_sign(self, id: str, payload: str) -> PangeaResponse[JWTSignResult]:
         """
@@ -1094,7 +1113,7 @@ class VaultAsync(ServiceBaseAsync):
             )
         """
         input = JWTSignRequest(id=id, payload=payload)
-        return await self.request.post("v1/key/sign/jwt", JWTSignResult, data=input.dict(exclude_none=True))
+        return await self.request.post("v1/key/sign/jwt", JWTSignResult, data=input.model_dump(exclude_none=True))
     # Get endpoint
     async def jwk_get(self, id: str, version: Optional[str] = None) -> PangeaResponse[JWKGetResult]:
@@ -1125,7 +1144,7 @@ class VaultAsync(ServiceBaseAsync):
             )
         """
         input = JWKGetRequest(id=id, version=version)
-        return await self.request.post("v1/get/jwk", JWKGetResult, data=input.dict(exclude_none=True))
+        return await self.request.post("v1/get/jwk", JWKGetResult, data=input.model_dump(exclude_none=True))
     # State change
     async def state_change(
@@ -1164,7 +1183,7 @@ class VaultAsync(ServiceBaseAsync):
             )
         """
         input = StateChangeRequest(id=id, state=state, version=version, destroy_period=destroy_period)
-        return await self.request.post("v1/state/change", StateChangeResult, data=input.dict(exclude_none=True))
+        return await self.request.post("v1/state/change", StateChangeResult, data=input.model_dump(exclude_none=True))
     # Folder create
     async def folder_create(
@@ -1201,7 +1220,7 @@ class VaultAsync(ServiceBaseAsync):
             )
         """
         input = FolderCreateRequest(name=name, folder=folder, metadata=metadata, tags=tags)
-        return await self.request.post("v1/folder/create", FolderCreateResult, data=input.dict(exclude_none=True))
+        return await self.request.post("v1/folder/create", FolderCreateResult, data=input.model_dump(exclude_none=True))
     # Encrypt structured
     async def encrypt_structured(
@@ -1249,7 +1268,7 @@ class VaultAsync(ServiceBaseAsync):
         return await self.request.post(
             "v1/key/encrypt/structured",
             EncryptStructuredResult,
-            data=input.dict(exclude_none=True),
+            data=input.model_dump(exclude_none=True),
         )
     # Decrypt structured
@@ -1298,7 +1317,7 @@ class VaultAsync(ServiceBaseAsync):
         return await self.request.post(
             "v1/key/decrypt/structured",
             EncryptStructuredResult,
-            data=input.dict(exclude_none=True),
+            data=input.model_dump(exclude_none=True),
         )
     async def encrypt_transform(
@@ -1348,7 +1367,7 @@ class VaultAsync(ServiceBaseAsync):
         return await self.request.post(
             "v1/key/encrypt/transform",
             EncryptTransformResult,
-            data=input.dict(exclude_none=True),
+            data=input.model_dump(exclude_none=True),
         )
     async def decrypt_transform(
@@ -1387,5 +1406,51 @@ class VaultAsync(ServiceBaseAsync):
         return await self.request.post(
             "v1/key/decrypt/transform",
             DecryptTransformResult,
-            data=input.dict(exclude_none=True),
+            data=input.model_dump(exclude_none=True),
+        )
+    async def export(
+        self,
+        id: str,
+        version: int | None = None,
+        encryption_key: str | None = None,
+        encryption_algorithm: ExportEncryptionAlgorithm | None = None,
+    ) -> PangeaResponse[ExportResult]:
+        """
+        Export
+        Export a symmetric or asymmetric key.
+        OperationId: vault_post_v1_export
+        Args:
+            id: The ID of the item.
+            version: The item version.
+            encryption_key: Public key in pem format used to encrypt exported key(s).
+            encryption_algorithm: The algorithm of the public key.
+        Raises:
+            PangeaAPIException: If an API error happens.
+        Returns:
+            A `PangeaResponse` where the exported key is returned in the
+            `response.result` field. Available response fields can be found in
+            our [API documentation](https://pangea.cloud/docs/api/vault#export).
+        Examples:
+            exp_encrypted_resp = await self.vault.export(
+                id=id,
+                version=1,
+                encryption_key=rsa_pub_key_pem,
+                encryption_algorithm=ExportEncryptionAlgorithm.RSA4096_OAEP_SHA512,
+            )
+        """
+        input: ExportRequest = ExportRequest(
+            id=id, version=version, encryption_algorithm=encryption_algorithm, encryption_key=encryption_key
+        )
+        return await self.request.post(
+            "v1/export",
+            ExportResult,
+            data=input.model_dump(exclude_none=True),
         )

pangea/crypto/rsa.py ADDED Viewed

@@ -0,0 +1,47 @@
+from __future__ import annotations
+from cryptography.hazmat.primitives import hashes, serialization
+from cryptography.hazmat.primitives.asymmetric import padding, rsa
+def generate_key_pair() -> tuple[rsa.RSAPrivateKey, rsa.RSAPublicKey]:
+    # Generate a 4096-bit RSA key pair
+    private_key = rsa.generate_private_key(
+        public_exponent=65537,
+        key_size=4096,
+    )
+    # Extract the public key from the private key
+    public_key = private_key.public_key()
+    return private_key, public_key
+def decrypt_sha512(private_key: rsa.RSAPrivateKey, encrypted_message: bytes) -> bytes:
+    # Decrypt the message using the private key and OAEP padding
+    return private_key.decrypt(
+        encrypted_message,
+        padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA512()), algorithm=hashes.SHA512(), label=None),
+    )
+def encrypt_sha512(public_key: rsa.RSAPublicKey, message: bytes) -> bytes:
+    # Encrypt the message using the public key and OAEP padding
+    return public_key.encrypt(
+        message, padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA512()), algorithm=hashes.SHA512(), label=None)
+    )
+def private_key_to_pem(private_key: rsa.RSAPrivateKey) -> bytes:
+    # Serialize private key to PEM format
+    return private_key.private_bytes(
+        encoding=serialization.Encoding.PEM,
+        format=serialization.PrivateFormat.TraditionalOpenSSL,
+        encryption_algorithm=serialization.NoEncryption(),
+    )
+def public_key_to_pem(public_key: rsa.RSAPublicKey) -> bytes:
+    # Serialize public key to PEM format
+    return public_key.public_bytes(
+        encoding=serialization.Encoding.PEM, format=serialization.PublicFormat.SubjectPublicKeyInfo
+    )

pangea/dump_audit.py CHANGED Viewed

@@ -19,7 +19,7 @@ from pangea.utils import default_encoder
 def dump_event(output: io.TextIOWrapper, row: SearchEvent, resp: PangeaResponse[SearchOutput]):
-    row_data = filter_deep_none(row.dict())
+    row_data = filter_deep_none(row.model_dump())
     if resp.result and resp.result.root:
         row_data["tree_size"] = resp.result.root.size
     output.write(json.dumps(row_data, default=default_encoder) + "\n")

pangea-sdk 3.9.0__py3-none-any.whl → 4.1.0__py3-none-any.whl

pangea-sdk 3.9.0py3-none-any.whl → 4.1.0py3-none-any.whl