pangea-sdk 4.4.0__py3-none-any.whl → 5.1.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- pangea/__init__.py +1 -1
- pangea/asyncio/request.py +19 -9
- pangea/asyncio/services/__init__.py +1 -0
- pangea/asyncio/services/share.py +621 -0
- pangea/asyncio/services/vault.py +1571 -787
- pangea/crypto/rsa.py +88 -0
- pangea/request.py +46 -41
- pangea/response.py +12 -0
- pangea/services/__init__.py +1 -0
- pangea/services/audit/signing.py +5 -4
- pangea/services/share/file_format.py +170 -0
- pangea/services/share/share.py +1256 -0
- pangea/services/vault/models/asymmetric.py +120 -20
- pangea/services/vault/models/common.py +293 -171
- pangea/services/vault/models/keys.py +94 -0
- pangea/services/vault/models/secret.py +27 -3
- pangea/services/vault/models/symmetric.py +66 -24
- pangea/services/vault/vault.py +1551 -782
- pangea/tools.py +6 -7
- pangea/utils.py +92 -18
- pangea/verify_audit.py +4 -4
- {pangea_sdk-4.4.0.dist-info → pangea_sdk-5.1.0.dist-info}/METADATA +3 -4
- {pangea_sdk-4.4.0.dist-info → pangea_sdk-5.1.0.dist-info}/RECORD +24 -20
- {pangea_sdk-4.4.0.dist-info → pangea_sdk-5.1.0.dist-info}/WHEEL +0 -0
@@ -1,8 +1,9 @@
|
|
1
1
|
# Copyright 2022 Pangea Cyber Corporation
|
2
2
|
# Author: Pangea Cyber Corporation
|
3
|
+
from __future__ import annotations
|
3
4
|
|
4
5
|
import enum
|
5
|
-
from typing import Dict, Generic, List, NewType, Optional, TypeVar, Union
|
6
|
+
from typing import Dict, Generic, List, Literal, Mapping, NewType, Optional, TypeVar, Union
|
6
7
|
|
7
8
|
from pangea.response import APIRequestModel, PangeaDateTime, PangeaResponseResult
|
8
9
|
|
@@ -18,87 +19,6 @@ EncodedPrivateKey = NewType("EncodedPrivateKey", str)
|
|
18
19
|
EncodedSymmetricKey = NewType("EncodedSymmetricKey", str)
|
19
20
|
|
20
21
|
|
21
|
-
class KeyPurpose(str, enum.Enum):
|
22
|
-
SIGNING = "signing"
|
23
|
-
ENCRYPTION = "encryption"
|
24
|
-
JWT = "jwt"
|
25
|
-
FPE = "fpe"
|
26
|
-
"""Format-preserving encryption."""
|
27
|
-
|
28
|
-
def __str__(self):
|
29
|
-
return str(self.value)
|
30
|
-
|
31
|
-
def __repr__(self):
|
32
|
-
return str(self.value)
|
33
|
-
|
34
|
-
|
35
|
-
class AsymmetricAlgorithm(str, enum.Enum):
|
36
|
-
Ed25519 = "ED25519"
|
37
|
-
RSA2048_PKCS1V15_SHA256 = "RSA-PKCS1V15-2048-SHA256"
|
38
|
-
RSA2048_OAEP_SHA256 = "RSA-OAEP-2048-SHA256"
|
39
|
-
ES256 = "ES256"
|
40
|
-
ES384 = "ES384"
|
41
|
-
ES512 = "ES512"
|
42
|
-
ES256K = "ES256K"
|
43
|
-
RSA2048_OAEP_SHA1 = "RSA-OAEP-2048-SHA1"
|
44
|
-
RSA2048_OAEP_SHA512 = "RSA-OAEP-2048-SHA512"
|
45
|
-
RSA3072_OAEP_SHA1 = "RSA-OAEP-3072-SHA1"
|
46
|
-
RSA3072_OAEP_SHA256 = "RSA-OAEP-3072-SHA256"
|
47
|
-
RSA3072_OAEP_SHA512 = "RSA-OAEP-3072-SHA512"
|
48
|
-
RSA4096_OAEP_SHA1 = "RSA-OAEP-4096-SHA1"
|
49
|
-
RSA4096_OAEP_SHA256 = "RSA-OAEP-4096-SHA256"
|
50
|
-
RSA4096_OAEP_SHA512 = "RSA-OAEP-4096-SHA512"
|
51
|
-
RSA2048_PSS_SHA256 = "RSA-PSS-2048-SHA256"
|
52
|
-
RSA3072_PSS_SHA256 = "RSA-PSS-3072-SHA256"
|
53
|
-
RSA4096_PSS_SHA256 = "RSA-PSS-4096-SHA256"
|
54
|
-
RSA4096_PSS_SHA512 = "RSA-PSS-4096-SHA512"
|
55
|
-
RSA = "RSA-PKCS1V15-2048-SHA256" # deprecated, use RSA2048_PKCS1V15_SHA256 instead
|
56
|
-
Ed25519_DILITHIUM2_BETA = "ED25519-DILITHIUM2-BETA"
|
57
|
-
Ed448_DILITHIUM3_BETA = "ED448-DILITHIUM3-BETA"
|
58
|
-
SPHINCSPLUS_128F_SHAKE256_SIMPLE_BETA = "SPHINCSPLUS-128F-SHAKE256-SIMPLE-BETA"
|
59
|
-
SPHINCSPLUS_128F_SHAKE256_ROBUST_BETA = "SPHINCSPLUS-128F-SHAKE256-ROBUST-BETA"
|
60
|
-
SPHINCSPLUS_192F_SHAKE256_SIMPLE_BETA = "SPHINCSPLUS-192F-SHAKE256-SIMPLE-BETA"
|
61
|
-
SPHINCSPLUS_192F_SHAKE256_ROBUST_BETA = "SPHINCSPLUS-192F-SHAKE256-ROBUST-BETA"
|
62
|
-
SPHINCSPLUS_256F_SHAKE256_SIMPLE_BETA = "SPHINCSPLUS-256F-SHAKE256-SIMPLE-BETA"
|
63
|
-
SPHINCSPLUS_256F_SHAKE256_ROBUST_BETA = "SPHINCSPLUS-256F-SHAKE256-ROBUST-BETA"
|
64
|
-
SPHINCSPLUS_128F_SHA256_SIMPLE_BETA = "SPHINCSPLUS-128F-SHA256-SIMPLE-BETA"
|
65
|
-
SPHINCSPLUS_128F_SHA256_ROBUST_BETA = "SPHINCSPLUS-128F-SHA256-ROBUST-BETA"
|
66
|
-
SPHINCSPLUS_192F_SHA256_SIMPLE_BETA = "SPHINCSPLUS-192F-SHA256-SIMPLE-BETA"
|
67
|
-
SPHINCSPLUS_192F_SHA256_ROBUST_BETA = "SPHINCSPLUS-192F-SHA256-ROBUST-BETA"
|
68
|
-
SPHINCSPLUS_256F_SHA256_SIMPLE_BETA = "SPHINCSPLUS-256F-SHA256-SIMPLE-BETA"
|
69
|
-
SPHINCSPLUS_256F_SHA256_ROBUST_BETA = "SPHINCSPLUS-256F-SHA256-ROBUST-BETA"
|
70
|
-
FALCON_1024_BETA = "FALCON-1024-BETA"
|
71
|
-
|
72
|
-
def __str__(self):
|
73
|
-
return str(self.value)
|
74
|
-
|
75
|
-
def __repr__(self):
|
76
|
-
return str(self.value)
|
77
|
-
|
78
|
-
|
79
|
-
class SymmetricAlgorithm(str, enum.Enum):
|
80
|
-
HS256 = "HS256"
|
81
|
-
HS384 = "HS384"
|
82
|
-
HS512 = "HS512"
|
83
|
-
AES128_CFB = "AES-CFB-128"
|
84
|
-
AES256_CFB = "AES-CFB-256"
|
85
|
-
AES256_GCM = "AES-GCM-256"
|
86
|
-
AES128_CBC = "AES-CBC-128"
|
87
|
-
AES256_CBC = "AES-CBC-256"
|
88
|
-
AES = "AES-CFB-128" # deprecated, use AES128_CFB instead
|
89
|
-
AES128_FF3_1_BETA = "AES-FF3-1-128-BETA"
|
90
|
-
"""128-bit encryption using the FF3-1 algorithm."""
|
91
|
-
|
92
|
-
AES256_FF3_1_BETA = "AES-FF3-1-256-BETA"
|
93
|
-
"""256-bit encryption using the FF3-1 algorithm."""
|
94
|
-
|
95
|
-
def __str__(self):
|
96
|
-
return str(self.value)
|
97
|
-
|
98
|
-
def __repr__(self):
|
99
|
-
return str(self.value)
|
100
|
-
|
101
|
-
|
102
22
|
Metadata = NewType("Metadata", Dict[str, str])
|
103
23
|
Tags = NewType("Tags", List[str])
|
104
24
|
|
@@ -139,12 +59,11 @@ class ItemType(str, enum.Enum):
|
|
139
59
|
SYMMETRIC_KEY = "symmetric_key"
|
140
60
|
SECRET = "secret"
|
141
61
|
PANGEA_TOKEN = "pangea_token"
|
142
|
-
|
143
|
-
|
144
|
-
|
145
|
-
|
146
|
-
|
147
|
-
return str(self.value)
|
62
|
+
PANGEA_CLIENT_SECRET = "pangea_client_secret"
|
63
|
+
FOLDER = "folder"
|
64
|
+
CERTIFICATE = "certificate"
|
65
|
+
CERTIFICATE_AUTHORITY = "ca"
|
66
|
+
CERTIFICATE_REVOCATION_LIST = "crl"
|
148
67
|
|
149
68
|
|
150
69
|
class ItemVersionState(str, enum.Enum):
|
@@ -155,22 +74,36 @@ class ItemVersionState(str, enum.Enum):
|
|
155
74
|
DESTROYED = "destroyed"
|
156
75
|
INHERITED = "inherited"
|
157
76
|
|
158
|
-
def __str__(self):
|
159
|
-
return str(self.value)
|
160
77
|
|
161
|
-
|
162
|
-
|
78
|
+
class RotationState(str, enum.Enum):
|
79
|
+
DEACTIVATED = "deactivated"
|
80
|
+
DESTROYED = "destroyed"
|
81
|
+
|
82
|
+
|
83
|
+
class RequestRotationState(str, enum.Enum):
|
84
|
+
DEACTIVATED = "deactivated"
|
85
|
+
DESTROYED = "destroyed"
|
86
|
+
INHERITED = "inherited"
|
87
|
+
|
88
|
+
|
89
|
+
class RequestManualRotationState(str, enum.Enum):
|
90
|
+
DEACTIVATED = "deactivated"
|
91
|
+
SUSPENDED = "suspended"
|
92
|
+
DESTROYED = "destroyed"
|
93
|
+
INHERITED = "inherited"
|
163
94
|
|
164
95
|
|
165
96
|
class ItemState(str, enum.Enum):
|
166
97
|
ENABLED = "enabled"
|
167
98
|
DISABLED = "disabled"
|
168
99
|
|
169
|
-
|
170
|
-
return str(self.value)
|
100
|
+
value: str
|
171
101
|
|
172
|
-
|
173
|
-
|
102
|
+
|
103
|
+
class ExportEncryptionType(str, enum.Enum):
|
104
|
+
NONE = "none"
|
105
|
+
ASYMMETRIC = "asymmetric"
|
106
|
+
KEM = "kem"
|
174
107
|
|
175
108
|
|
176
109
|
class ExportEncryptionAlgorithm(str, enum.Enum):
|
@@ -179,22 +112,7 @@ class ExportEncryptionAlgorithm(str, enum.Enum):
|
|
179
112
|
RSA4096_OAEP_SHA512 = "RSA-OAEP-4096-SHA512"
|
180
113
|
"""RSA 4096-bit key, OAEP padding, SHA512 digest."""
|
181
114
|
|
182
|
-
|
183
|
-
return str(self.value)
|
184
|
-
|
185
|
-
def __repr__(self):
|
186
|
-
return str(self.value)
|
187
|
-
|
188
|
-
|
189
|
-
class CommonStoreRequest(APIRequestModel):
|
190
|
-
type: ItemType
|
191
|
-
name: str
|
192
|
-
folder: Optional[str] = None
|
193
|
-
metadata: Optional[Metadata] = None
|
194
|
-
tags: Optional[Tags] = None
|
195
|
-
rotation_frequency: Optional[str] = None
|
196
|
-
rotation_state: Optional[ItemVersionState] = None
|
197
|
-
expiration: Optional[PangeaDateTime] = None
|
115
|
+
RSA_NO_PADDING_4096_KEM = "RSA-NO-PADDING-4096-KEM"
|
198
116
|
|
199
117
|
|
200
118
|
class CommonStoreResult(PangeaResponseResult):
|
@@ -203,17 +121,6 @@ class CommonStoreResult(PangeaResponseResult):
|
|
203
121
|
version: int
|
204
122
|
|
205
123
|
|
206
|
-
class CommonGenerateRequest(APIRequestModel):
|
207
|
-
type: ItemType
|
208
|
-
name: str
|
209
|
-
folder: Optional[str] = None
|
210
|
-
metadata: Optional[Metadata] = None
|
211
|
-
tags: Optional[Tags] = None
|
212
|
-
rotation_frequency: Optional[str] = None
|
213
|
-
rotation_state: Optional[ItemVersionState] = None
|
214
|
-
expiration: Optional[PangeaDateTime] = None
|
215
|
-
|
216
|
-
|
217
124
|
class CommonGenerateResult(PangeaResponseResult):
|
218
125
|
type: str
|
219
126
|
version: int
|
@@ -222,25 +129,40 @@ class CommonGenerateResult(PangeaResponseResult):
|
|
222
129
|
|
223
130
|
class GetRequest(APIRequestModel):
|
224
131
|
id: str
|
225
|
-
version:
|
226
|
-
|
227
|
-
|
132
|
+
version: Union[Literal["all"], int, None] = None
|
133
|
+
|
134
|
+
|
135
|
+
class GetBulkRequest(APIRequestModel):
|
136
|
+
filter: Mapping[str, str]
|
137
|
+
"""Filters to customize a search."""
|
138
|
+
|
139
|
+
size: Optional[int] = None
|
140
|
+
"""Maximum number of items in the response."""
|
141
|
+
|
142
|
+
order: Optional[ItemOrder] = None
|
143
|
+
"""Direction for ordering the results."""
|
144
|
+
|
145
|
+
order_by: Optional[ItemOrderBy] = None
|
146
|
+
"""Property by which to order the results."""
|
147
|
+
|
148
|
+
last: Optional[str] = None
|
149
|
+
"""
|
150
|
+
Internal ID returned in the previous look up response. Used for pagination.
|
151
|
+
"""
|
228
152
|
|
229
153
|
|
230
|
-
class
|
154
|
+
class ItemVersion(PangeaResponseResult):
|
231
155
|
version: int
|
232
|
-
state: str
|
233
156
|
created_at: str
|
234
|
-
|
235
|
-
|
236
|
-
secret: Optional[str] = None
|
157
|
+
state: ItemVersionState
|
158
|
+
destroyed_at: Optional[str] = None
|
237
159
|
|
238
160
|
|
239
161
|
class ItemData(PangeaResponseResult):
|
240
162
|
type: str
|
241
163
|
id: Optional[str] = None
|
242
164
|
item_state: Optional[str] = None
|
243
|
-
current_version: Optional[
|
165
|
+
current_version: Optional[ItemVersion] = None
|
244
166
|
name: Optional[str] = None
|
245
167
|
folder: Optional[str] = None
|
246
168
|
metadata: Optional[Metadata] = None
|
@@ -263,24 +185,105 @@ class InheritedSettings(PangeaResponseResult):
|
|
263
185
|
rotation_grace_period: Optional[str] = None
|
264
186
|
|
265
187
|
|
266
|
-
class
|
267
|
-
|
268
|
-
|
269
|
-
|
188
|
+
class Key(PangeaResponseResult):
|
189
|
+
id: str
|
190
|
+
type: ItemType
|
191
|
+
item_state: Optional[ItemState] = None
|
192
|
+
enabled: bool
|
193
|
+
current_version: Optional[ItemVersion] = None
|
194
|
+
name: str
|
195
|
+
folder: str
|
196
|
+
metadata: Optional[Metadata] = None
|
197
|
+
tags: Optional[Tags] = None
|
198
|
+
rotation_frequency: str
|
199
|
+
rotation_state: RotationState
|
200
|
+
last_rotated: Optional[str] = None
|
201
|
+
next_rotation: str
|
202
|
+
disabled_at: Optional[str] = None
|
203
|
+
created_at: str
|
204
|
+
algorithm: str
|
205
|
+
purpose: str
|
206
|
+
encrypting_item_id: Optional[str] = None
|
207
|
+
inherited_settings: InheritedSettings
|
208
|
+
exportable: bool
|
209
|
+
"""Whether the key is exportable or not."""
|
210
|
+
|
211
|
+
|
212
|
+
class SecretVersion(ItemVersion):
|
213
|
+
secret: Optional[str] = None
|
214
|
+
|
215
|
+
|
216
|
+
class Secret(PangeaResponseResult):
|
217
|
+
id: str
|
218
|
+
type: Literal[ItemType.SECRET] = ItemType.SECRET
|
219
|
+
enabled: bool
|
220
|
+
name: str
|
221
|
+
folder: str
|
222
|
+
metadata: Optional[Metadata] = None
|
223
|
+
tags: Optional[Tags] = None
|
224
|
+
expiration: Optional[str] = None
|
225
|
+
created_at: str
|
226
|
+
encrypting_item_id: Optional[str] = None
|
227
|
+
item_versions: List[SecretVersion]
|
270
228
|
|
271
229
|
|
272
|
-
class
|
273
|
-
|
230
|
+
class ClientSecret(PangeaResponseResult):
|
231
|
+
id: str
|
232
|
+
type: Literal[ItemType.PANGEA_CLIENT_SECRET] = ItemType.PANGEA_CLIENT_SECRET
|
233
|
+
enabled: bool
|
234
|
+
name: str
|
235
|
+
folder: str
|
236
|
+
metadata: Metadata
|
237
|
+
tags: Tags
|
238
|
+
expiration: str
|
239
|
+
created_at: str
|
240
|
+
encrypting_item_id: str
|
241
|
+
rotation_frequency: str
|
242
|
+
rotation_state: RotationState
|
243
|
+
rotation_grace_period: str
|
244
|
+
inherited_settings: InheritedSettings
|
245
|
+
item_versions: List[SecretVersion]
|
246
|
+
|
247
|
+
|
248
|
+
class Folder(PangeaResponseResult):
|
249
|
+
id: str
|
250
|
+
type: Literal[ItemType.FOLDER] = ItemType.FOLDER
|
251
|
+
name: str
|
252
|
+
folder: str
|
253
|
+
metadata: Metadata
|
254
|
+
tags: Tags
|
255
|
+
created_at: str
|
256
|
+
inherited_settings: InheritedSettings
|
257
|
+
|
258
|
+
|
259
|
+
class ListItemData(PangeaResponseResult):
|
260
|
+
id: str
|
261
|
+
type: ItemType
|
262
|
+
name: str
|
263
|
+
folder: str
|
264
|
+
created_at: str
|
265
|
+
tags: Optional[Tags] = None
|
266
|
+
metadata: Optional[Metadata] = None
|
267
|
+
last_rotated: Optional[str] = None
|
268
|
+
next_rotation: Optional[str] = None
|
269
|
+
disabled_at: Optional[str] = None
|
270
|
+
rotation_frequency: Optional[str] = None
|
271
|
+
rotation_state: Optional[RotationState] = None
|
272
|
+
algorithm: Optional[str] = None
|
273
|
+
purpose: Optional[str] = None
|
274
|
+
inherited_settings: Optional[InheritedSettings] = None
|
275
|
+
compromised_versions: Optional[List[ItemVersion]] = None
|
274
276
|
|
275
277
|
|
276
278
|
class ListResult(PangeaResponseResult):
|
277
|
-
items: List[ListItemData]
|
278
|
-
|
279
|
+
items: List[ListItemData]
|
280
|
+
|
279
281
|
last: Optional[str] = None
|
282
|
+
"""Internal ID returned in the previous look up response. Used for pagination."""
|
280
283
|
|
281
284
|
|
282
285
|
class ListRequest(APIRequestModel):
|
283
|
-
filter: Optional[
|
286
|
+
filter: Optional[Mapping[str, str]] = None
|
284
287
|
size: Optional[int] = None
|
285
288
|
order: Optional[ItemOrder] = None
|
286
289
|
order_by: Optional[ItemOrderBy] = None
|
@@ -289,7 +292,7 @@ class ListRequest(APIRequestModel):
|
|
289
292
|
|
290
293
|
class CommonRotateRequest(APIRequestModel):
|
291
294
|
id: str
|
292
|
-
rotation_state:
|
295
|
+
rotation_state: RequestManualRotationState = RequestManualRotationState.DEACTIVATED
|
293
296
|
|
294
297
|
|
295
298
|
class CommonRotateResult(PangeaResponseResult):
|
@@ -298,12 +301,6 @@ class CommonRotateResult(PangeaResponseResult):
|
|
298
301
|
type: str
|
299
302
|
|
300
303
|
|
301
|
-
class KeyRotateRequest(CommonRotateRequest):
|
302
|
-
key: Optional[str] = None
|
303
|
-
public_key: Optional[EncodedPublicKey] = None
|
304
|
-
private_key: Optional[EncodedPrivateKey] = None
|
305
|
-
|
306
|
-
|
307
304
|
class KeyRotateResult(CommonRotateResult):
|
308
305
|
public_key: Optional[EncodedPublicKey] = None
|
309
306
|
algorithm: str
|
@@ -312,10 +309,12 @@ class KeyRotateResult(CommonRotateResult):
|
|
312
309
|
|
313
310
|
class DeleteRequest(APIRequestModel):
|
314
311
|
id: str
|
312
|
+
recursive: bool = False
|
315
313
|
|
316
314
|
|
317
315
|
class DeleteResult(PangeaResponseResult):
|
318
316
|
id: str
|
317
|
+
"""The ID of the item."""
|
319
318
|
|
320
319
|
|
321
320
|
class UpdateRequest(APIRequestModel):
|
@@ -324,11 +323,11 @@ class UpdateRequest(APIRequestModel):
|
|
324
323
|
folder: Optional[str] = None
|
325
324
|
metadata: Optional[Metadata] = None
|
326
325
|
tags: Optional[Tags] = None
|
326
|
+
disabled_at: Optional[str] = None
|
327
|
+
enabled: Optional[bool] = None
|
327
328
|
rotation_frequency: Optional[str] = None
|
328
|
-
rotation_state:
|
329
|
+
rotation_state: RequestRotationState = RequestRotationState.INHERITED
|
329
330
|
rotation_grace_period: Optional[str] = None
|
330
|
-
expiration: Optional[PangeaDateTime] = None
|
331
|
-
item_state: Optional[ItemState] = None
|
332
331
|
|
333
332
|
|
334
333
|
class UpdateResult(PangeaResponseResult):
|
@@ -377,6 +376,7 @@ class JWTVerifyRequest(APIRequestModel):
|
|
377
376
|
|
378
377
|
class JWTVerifyResult(PangeaResponseResult):
|
379
378
|
valid_signature: bool
|
379
|
+
"""Indicates if messages have been verified."""
|
380
380
|
|
381
381
|
|
382
382
|
class JWTSignRequest(APIRequestModel):
|
@@ -386,6 +386,7 @@ class JWTSignRequest(APIRequestModel):
|
|
386
386
|
|
387
387
|
class JWTSignResult(PangeaResponseResult):
|
388
388
|
jws: str
|
389
|
+
"""The signed JSON Web Token (JWS)."""
|
389
390
|
|
390
391
|
|
391
392
|
class StateChangeRequest(APIRequestModel):
|
@@ -408,12 +409,38 @@ class FolderCreateRequest(APIRequestModel):
|
|
408
409
|
metadata: Optional[Metadata] = None
|
409
410
|
tags: Optional[Tags] = None
|
410
411
|
rotation_frequency: Optional[str] = None
|
411
|
-
rotation_state: Optional[
|
412
|
+
rotation_state: Optional[RequestRotationState] = None
|
412
413
|
rotation_grace_period: Optional[str] = None
|
414
|
+
disabled_at: Optional[PangeaDateTime] = None
|
413
415
|
|
414
416
|
|
415
417
|
class FolderCreateResult(PangeaResponseResult):
|
416
418
|
id: str
|
419
|
+
"""The ID of the item."""
|
420
|
+
|
421
|
+
type: str
|
422
|
+
"""The type of the folder."""
|
423
|
+
|
424
|
+
name: str
|
425
|
+
"""The name of this item."""
|
426
|
+
|
427
|
+
folder: str
|
428
|
+
"""The folder where this item is stored."""
|
429
|
+
|
430
|
+
metadata: Optional[Metadata] = None
|
431
|
+
"""User-provided metadata."""
|
432
|
+
|
433
|
+
tags: Optional[Tags] = None
|
434
|
+
"""A list of user-defined tags."""
|
435
|
+
|
436
|
+
created_at: str
|
437
|
+
"""Timestamp indicating when the item was created."""
|
438
|
+
|
439
|
+
inherited_settings: InheritedSettings
|
440
|
+
"""
|
441
|
+
For settings that inherit a value from a parent folder, the full path of the
|
442
|
+
folder where the value is set.
|
443
|
+
"""
|
417
444
|
|
418
445
|
|
419
446
|
TDict = TypeVar("TDict", bound=Dict)
|
@@ -472,12 +499,6 @@ class TransformAlphabet(str, enum.Enum):
|
|
472
499
|
ALPHANUMERIC = "alphanumeric"
|
473
500
|
"""Alphanumeric (a-z, A-Z, 0-9)."""
|
474
501
|
|
475
|
-
def __str__(self) -> str:
|
476
|
-
return str(self.value)
|
477
|
-
|
478
|
-
def __repr__(self) -> str:
|
479
|
-
return str(self.value)
|
480
|
-
|
481
502
|
|
482
503
|
class EncryptTransformRequest(APIRequestModel):
|
483
504
|
id: str
|
@@ -566,29 +587,71 @@ class ExportRequest(APIRequestModel):
|
|
566
587
|
version: Optional[int] = None
|
567
588
|
"""The item version."""
|
568
589
|
|
569
|
-
|
590
|
+
kem_password: Optional[str] = None
|
591
|
+
"""
|
592
|
+
This is the password that will be used along with a salt to derive the
|
593
|
+
symmetric key that is used to encrypt the exported key material.
|
594
|
+
"""
|
595
|
+
|
596
|
+
asymmetric_public_key: Optional[str] = None
|
570
597
|
"""Public key in pem format used to encrypt exported key(s)."""
|
571
598
|
|
572
|
-
|
599
|
+
asymmetric_algorithm: Optional[ExportEncryptionAlgorithm] = None
|
573
600
|
"""The algorithm of the public key."""
|
574
601
|
|
575
602
|
|
576
603
|
class ExportResult(PangeaResponseResult):
|
577
604
|
id: str
|
578
|
-
"""The ID of the
|
605
|
+
"""The ID of the key."""
|
606
|
+
|
607
|
+
type: ItemType
|
608
|
+
"""The type of the key."""
|
579
609
|
|
580
610
|
version: int
|
581
611
|
"""The item version."""
|
582
612
|
|
583
|
-
|
584
|
-
"""
|
585
|
-
|
586
|
-
item_state: str
|
587
|
-
"""The state of the item."""
|
613
|
+
enabled: bool
|
614
|
+
"""True if the item is enabled."""
|
588
615
|
|
589
616
|
algorithm: str
|
590
617
|
"""The algorithm of the key."""
|
591
618
|
|
619
|
+
asymmetric_algorithm: Optional[ExportEncryptionAlgorithm] = None
|
620
|
+
"""The algorithm of the public key used to encrypt exported material."""
|
621
|
+
|
622
|
+
symmetric_algorithm: Optional[str] = None
|
623
|
+
|
624
|
+
encryption_type: ExportEncryptionType
|
625
|
+
"""
|
626
|
+
Encryption format of the exported key(s). It could be `none` if returned in
|
627
|
+
plain text, `asymmetric` if it is encrypted just with the public key sent in
|
628
|
+
`encryption_public_key`, or `kem` if it was encrypted using KEM protocol.
|
629
|
+
"""
|
630
|
+
|
631
|
+
kdf: Optional[str] = None
|
632
|
+
"""
|
633
|
+
Key derivation function used to derivate the symmetric key when
|
634
|
+
`encryption_type` is `kem`.
|
635
|
+
"""
|
636
|
+
|
637
|
+
hash_algorithm: Optional[str] = None
|
638
|
+
"""
|
639
|
+
Hash algorithm used to derivate the symmetric key when `encryption_type` is
|
640
|
+
`kem`.
|
641
|
+
"""
|
642
|
+
|
643
|
+
iteration_count: Optional[int] = None
|
644
|
+
"""
|
645
|
+
Iteration count used to derivate the symmetric key when `encryption_type` is
|
646
|
+
`kem`.
|
647
|
+
"""
|
648
|
+
|
649
|
+
encrypted_salt: Optional[str] = None
|
650
|
+
"""
|
651
|
+
Salt used to derivate the symmetric key when `encryption_type` is `kem`,
|
652
|
+
encrypted with the public key provided in `asymmetric_key`.
|
653
|
+
"""
|
654
|
+
|
592
655
|
public_key: Optional[str] = None
|
593
656
|
"""The public key (in PEM format)."""
|
594
657
|
|
@@ -598,8 +661,67 @@ class ExportResult(PangeaResponseResult):
|
|
598
661
|
key: Optional[str] = None
|
599
662
|
"""The key material."""
|
600
663
|
|
601
|
-
|
602
|
-
|
603
|
-
|
604
|
-
|
605
|
-
|
664
|
+
|
665
|
+
class PangeaTokenVersion(ItemVersion):
|
666
|
+
token: Optional[str] = None
|
667
|
+
"""Pangea token value."""
|
668
|
+
|
669
|
+
|
670
|
+
class PangeaToken(PangeaResponseResult):
|
671
|
+
id: str
|
672
|
+
"""ID of the token."""
|
673
|
+
|
674
|
+
type: Literal[ItemType.PANGEA_TOKEN] = ItemType.PANGEA_TOKEN
|
675
|
+
"""Type of the Vault item."""
|
676
|
+
|
677
|
+
item_versions: List[PangeaTokenVersion]
|
678
|
+
|
679
|
+
metadata: Optional[Metadata] = None
|
680
|
+
"""Metadata provided by the user."""
|
681
|
+
|
682
|
+
num_versions: int
|
683
|
+
"""Total number of versions of the item."""
|
684
|
+
|
685
|
+
enabled: bool
|
686
|
+
"""`true` if the item is enabled."""
|
687
|
+
|
688
|
+
name: str
|
689
|
+
"""Name of the item."""
|
690
|
+
|
691
|
+
folder: str
|
692
|
+
"""Folder where the item is stored."""
|
693
|
+
|
694
|
+
tags: Tags
|
695
|
+
"""List of user-defined tags."""
|
696
|
+
|
697
|
+
last_rotated: Optional[str] = None
|
698
|
+
"""Timestamp of the last rotation."""
|
699
|
+
|
700
|
+
next_rotation: Optional[str] = None
|
701
|
+
"""Timestamp of the next rotation if auto-rotation is enabled."""
|
702
|
+
|
703
|
+
disabled_at: Optional[str] = None
|
704
|
+
"""Timestamp indicating when the item will be disabled."""
|
705
|
+
|
706
|
+
created_at: str
|
707
|
+
"""Timestamp indicating when the item was created."""
|
708
|
+
|
709
|
+
rotation_frequency: str
|
710
|
+
"""Time interval between item rotations."""
|
711
|
+
|
712
|
+
rotation_state: RotationState
|
713
|
+
"""Target state for the previous version after rotation."""
|
714
|
+
|
715
|
+
rotation_grace_period: str
|
716
|
+
"""Grace period for the previous version."""
|
717
|
+
|
718
|
+
inherited_settings: InheritedSettings
|
719
|
+
"""Full paths of the parent folders from which settings inherit their values."""
|
720
|
+
|
721
|
+
|
722
|
+
class PangeaTokenRotateRequest(CommonRotateRequest):
|
723
|
+
rotation_grace_period: Optional[str] = None
|
724
|
+
|
725
|
+
|
726
|
+
class ClientSecretRotateRequest(CommonRotateRequest):
|
727
|
+
rotation_grace_period: Optional[str] = None
|