pysealer 0.6.0__pp311-pypy311_pp73-manylinux_2_17_aarch64.manylinux2014_aarch64.whl

pysealer/__init__.py

@@ -0,0 +1,24 @@
+"""Pysealer package entry point
+
+This package serves as a bridge between the Python command line interface and the
+underlying Rust implementation (compiled as _pysealer module). It exposes the
+core functionality for adding version control decorators to Python functions.
+
+This module also dynamically provides decorator placeholders (e.g. @pysealer._<sig>)
+so that decorated functions remain importable.
+"""
+
+# Define the rust to python module version and functions
+from ._pysealer import generate_keypair, generate_signature, verify_signature
+
+__version__ = "0.6.0"
+__all__ = ["generate_keypair", "generate_signature", "verify_signature"]
+
+# Ensure dummy decorators are registered on import
+from . import dummy_decorators
+
+# Allow dynamic decorator resolution for @pyseal._<sig>()
+def __getattr__(name):
+	if name.startswith("_"):
+		return dummy_decorators._dummy_decorator
+	raise AttributeError(f"module 'pysealer' has no attribute '{name}'")

pysealer/add_decorators.py

@@ -0,0 +1,228 @@
+"""Automatically add cryptographic decorators to all functions and classes in a python file."""
+
+import ast
+import copy
+from pathlib import Path
+from pysealer import generate_signature
+from .setup import get_private_key
+
+def add_decorators(file_path: str) -> tuple[str, bool]:
+    """
+    Parse a Python file, add decorators to all functions and classes, and return the modified code.
+    
+    Args:
+        file_path: Path to the Python file to process
+        
+    Returns:
+        Tuple of (modified Python source code as a string, whether any decorators were added)
+    """
+    # Read the entire file content into a string
+    with open(file_path, 'r') as f:
+        content = f.read()
+
+    # Split content into lines for manipulation
+    lines = content.split('\n')
+
+    # Parse the Python source code into an Abstract Syntax Tree (AST)
+    tree = ast.parse(content)
+    
+    # First pass: Remove existing pysealer decorators
+    lines_to_remove = set()
+    for node in ast.walk(tree):
+        if type(node).__name__ in ("FunctionDef", "AsyncFunctionDef", "ClassDef"):
+            if hasattr(node, 'decorator_list'):
+                for decorator in node.decorator_list:
+                    is_pysealer_decorator = False
+                    
+                    if isinstance(decorator, ast.Name):
+                        if decorator.id.startswith("pysealer"):
+                            is_pysealer_decorator = True
+                    elif isinstance(decorator, ast.Attribute):
+                        if isinstance(decorator.value, ast.Name) and decorator.value.id == "pysealer":
+                            is_pysealer_decorator = True
+                    elif isinstance(decorator, ast.Call):
+                        func = decorator.func
+                        if isinstance(func, ast.Attribute):
+                            if isinstance(func.value, ast.Name) and func.value.id == "pysealer":
+                                is_pysealer_decorator = True
+                        elif isinstance(func, ast.Name) and func.id.startswith("pysealer"):
+                            is_pysealer_decorator = True
+                    
+                    if is_pysealer_decorator:
+                        # Mark this line for removal (convert to 0-indexed)
+                        lines_to_remove.add(decorator.lineno - 1)
+    
+    # Remove the marked lines (in reverse order to preserve indices)
+    for line_idx in sorted(lines_to_remove, reverse=True):
+        del lines[line_idx]
+    
+    # Re-parse the content after removing decorators to get updated line numbers
+    modified_content = '\n'.join(lines)
+    tree = ast.parse(modified_content)
+    
+    # Build parent map for all nodes
+    parent_map = {}
+    for parent in ast.walk(tree):
+        for child in ast.iter_child_nodes(parent):
+            parent_map[child] = parent
+
+    decorators_to_add = []
+
+    for node in ast.walk(tree):
+        node_type = type(node).__name__
+
+        # Only decorate:
+        # - Top-level functions (not inside a class)
+        # - Top-level classes
+        if node_type in ("FunctionDef", "AsyncFunctionDef"):
+            parent = parent_map.get(node)
+            if isinstance(parent, ast.ClassDef):
+                continue  # skip methods inside classes
+        elif node_type == "ClassDef":
+            pass  # always decorate classes
+        else:
+            continue
+
+        # Extract the complete source code of this function/class for hashing
+        # Use original source to preserve formatting (quotes, spacing, etc.)
+        start_line = node.lineno - 1
+        end_line = node.end_lineno if hasattr(node, 'end_lineno') and node.end_lineno else node.lineno
+        
+        # Get the source lines for this node
+        source_lines = lines[start_line:end_line]
+        
+        # Filter out pysealer decorator lines
+        filtered_lines = []
+        for line in source_lines:
+            stripped = line.strip()
+            # Skip lines that are pysealer decorators
+            if stripped.startswith('@pysealer.') or stripped.startswith('@pysealer'):
+                continue
+            filtered_lines.append(line)
+        
+        function_source = '\n'.join(filtered_lines)
+
+        try:
+            private_key = get_private_key()
+        except (FileNotFoundError, ValueError) as e:
+            raise RuntimeError(f"Cannot add decorators: {e}. Please run 'pysealer init' first.")
+
+        try:
+            signature = generate_signature(function_source, private_key)
+        except Exception as e:
+            raise RuntimeError(f"Failed to generate signature: {e}")
+
+        decorator_line = node.lineno - 1
+        if hasattr(node, 'decorator_list') and node.decorator_list:
+            decorator_line = node.decorator_list[0].lineno - 1
+
+        decorators_to_add.append((decorator_line, node.col_offset, signature))
+
+    # If no decorators to add, return original content
+    if not decorators_to_add:
+        return content, False
+    
+    # Sort in reverse order to add from bottom to top (preserves line numbers)
+    decorators_to_add.sort(reverse=True)
+
+    # Add decorators to the lines first
+    for line_idx, col_offset, signature in decorators_to_add:
+        indent = ' ' * col_offset
+        decorator_line = f"{indent}@pysealer._{signature}()"
+        lines.insert(line_idx, decorator_line)
+    
+    # Now add 'import pysealer' at the top if not present
+    has_import_pysealer = any(
+        line.strip() == 'import pysealer' or line.strip().startswith('import pysealer') or line.strip().startswith('from pysealer')
+        for line in lines
+    )
+    if not has_import_pysealer:
+        # Find the import block
+        import_indices = [i for i, line in enumerate(lines) if line.strip().startswith('import ') or line.strip().startswith('from ')]
+        if import_indices:
+            # Insert after the last import in the block
+            last_import = import_indices[-1]
+            lines.insert(last_import + 1, 'import pysealer')
+        else:
+            # No import block found, insert after shebang/docstring/comments
+            insert_at = 0
+            if lines and lines[0].startswith('#!'):
+                insert_at = 1
+            # Skip module-level docstrings and blank lines
+            while insert_at < len(lines):
+                line = lines[insert_at].strip()
+                if line == '':
+                    insert_at += 1
+                elif line.startswith('"""') or line.startswith("'''"):
+                    # Handle multi-line docstrings
+                    quote = '"""' if line.startswith('"""') else "'''"
+                    # Check if docstring ends on same line
+                    if line.count(quote) >= 2:
+                        insert_at += 1
+                    else:
+                        # Multi-line docstring
+                        insert_at += 1
+                        while insert_at < len(lines) and quote not in lines[insert_at]:
+                            insert_at += 1
+                        if insert_at < len(lines):
+                            insert_at += 1
+                elif line.startswith('#'):
+                    # Skip comments
+                    insert_at += 1
+                else:
+                    # Found first non-blank, non-comment, non-docstring line
+                    break
+            
+            lines.insert(insert_at, 'import pysealer')
+            # Add blank line after import if the next line isn't blank
+            if insert_at + 1 < len(lines) and lines[insert_at + 1].strip() != '':
+                lines.insert(insert_at + 1, '')
+
+    # Join lines back together
+    modified_code = '\n'.join(lines)
+
+    return modified_code, True
+
+
+def add_decorators_to_folder(folder_path: str) -> list[str]:
+    """
+    Add decorators to all Python files in a folder.
+    
+    Args:
+        folder_path: Path to the folder containing Python files
+        
+    Returns:
+        List of file paths where decorators were successfully added
+    """
+    folder = Path(folder_path)
+    
+    if not folder.exists():
+        raise FileNotFoundError(f"Folder '{folder_path}' does not exist.")
+    
+    if not folder.is_dir():
+        raise NotADirectoryError(f"'{folder_path}' is not a directory.")
+    
+    # Find all Python files in the folder (recursive)
+    python_files = list(folder.rglob('*.py'))
+    
+    if not python_files:
+        raise ValueError(f"No Python files found in '{folder_path}'.")
+    
+    decorated_files = []
+    errors = []
+    
+    for py_file in python_files:
+        try:
+            modified_code, has_changes = add_decorators(str(py_file))
+            if has_changes:
+                with open(py_file, 'w') as f:
+                    f.write(modified_code)
+                decorated_files.append(str(py_file))
+        except Exception as e:
+            errors.append((str(py_file), str(e)))
+    
+    if errors:
+        error_msg = "\n".join([f"  - {file}: {error}" for file, error in errors])
+        raise RuntimeError(f"Failed to decorate some files:\n{error_msg}")
+    
+    return decorated_files

pysealer/check_decorators.py

@@ -0,0 +1,186 @@
+"""Automatically verify cryptographic decorators for all functions and classes in a python file."""
+
+import ast
+import copy
+from pathlib import Path
+from typing import Dict, List, Tuple, Optional
+from pysealer import verify_signature
+from .setup import get_public_key
+from .git_diff import get_function_diff, is_git_available
+
+
+def check_decorators(file_path: str) -> Dict[str, dict]:
+    """
+    Parse a Python file and verify all pysealer cryptographic decorators.
+    
+    This function checks that each function/class with a pysealer decorator has a valid
+    signature that matches the current source code of that function/class.
+    
+    Args:
+        file_path: Path to the Python file to verify
+        
+    Returns:
+        Dictionary mapping function/class names to their verification results:
+        {
+            "function_name": {
+                "valid": bool,           # Whether signature is valid
+                "signature": str,        # The signature found in decorator
+                "message": str,          # Success or error message
+                "has_decorator": bool,   # Whether function has pysealer decorator
+                "line_start": int,       # Starting line number
+                "line_end": int,         # Ending line number
+                "source": str,           # Function source code
+                "diff": List[Tuple]      # Git diff if validation failed
+            }
+        }
+    """
+    # Read the file content
+    with open(file_path, 'r') as f:
+        content = f.read()
+    
+    # Parse the Python source code into an AST
+    tree = ast.parse(content)
+    
+    # Get the public key for verification
+    try:
+        public_key = get_public_key()
+    except (FileNotFoundError, ValueError) as e:
+        raise RuntimeError(f"Cannot verify decorators: {e}. Please run 'pysealer init' first.")
+    
+    # Dictionary to store results
+    results = {}
+    
+    # Iterate through each node in the AST
+    for node in ast.walk(tree):
+        node_type = type(node).__name__
+        
+        # Check if this node is a function or class definition
+        if node_type in ("FunctionDef", "AsyncFunctionDef", "ClassDef"):
+            name = node.name
+            
+            # Look for pysealer decorator
+            signature_from_decorator = None
+            has_pysealer_decorator = False
+            
+            if hasattr(node, 'decorator_list'):
+                for decorator in node.decorator_list:
+                    # Check if decorator is a Call node (e.g., @pysealer._<signature>())
+                    if isinstance(decorator, ast.Call):
+                        func = decorator.func
+                        # Check if it's pysealer._<signature>
+                        if isinstance(func, ast.Attribute):
+                            if isinstance(func.value, ast.Name) and func.value.id == "pysealer":
+                                attr_name = func.attr
+                                # Extract signature (remove leading underscore)
+                                if attr_name.startswith('_'):
+                                    signature_from_decorator = attr_name[1:]
+                                    has_pysealer_decorator = True
+                                    break
+            
+            # Initialize result for this function/class
+            result = {
+                "has_decorator": has_pysealer_decorator,
+                "valid": False,
+                "signature": signature_from_decorator,
+                "message": "",
+                "line_start": node.lineno,
+                "line_end": node.end_lineno if hasattr(node, 'end_lineno') and node.end_lineno else node.lineno,
+                "source": "",
+                "diff": None
+            }
+            
+            if not has_pysealer_decorator:
+                result["message"] = "No pysealer decorator found"
+                results[name] = result
+                continue
+            
+            # Extract the source code without pysealer decorators for verification
+            # Use original source to preserve formatting (quotes, spacing, etc.)
+            content_lines = content.split('\n')
+            start_line = node.lineno - 1
+            end_line = node.end_lineno if hasattr(node, 'end_lineno') and node.end_lineno else node.lineno
+            
+            # Get the source lines for this node
+            source_lines = content_lines[start_line:end_line]
+            
+            # Filter out pysealer decorator lines
+            filtered_lines = []
+            for line in source_lines:
+                stripped = line.strip()
+                # Skip lines that are pysealer decorators
+                if stripped.startswith('@pysealer.') or stripped.startswith('@pysealer'):
+                    continue
+                filtered_lines.append(line)
+            
+            function_source = '\n'.join(filtered_lines)
+            
+            # Store the source code
+            result["source"] = function_source
+            
+            # Verify the signature
+            try:
+                is_valid = verify_signature(function_source, signature_from_decorator, public_key)
+                
+                result["valid"] = is_valid
+                if is_valid:
+                    result["message"] = "✓ Signature valid - code has not been tampered with"
+                else:
+                    result["message"] = "✗ Signature invalid - code may have been modified"
+                    
+                    # Try to get git diff for failed validation (only if git is available)
+                    if is_git_available():
+                        try:
+                            diff = get_function_diff(
+                                file_path,
+                                name,
+                                function_source,
+                                node.lineno
+                            )
+                            if diff:
+                                result["diff"] = diff
+                        except Exception:
+                            # If git diff fails, just continue without it
+                            pass
+                    
+            except Exception as e:
+                result["message"] = f"✗ Error verifying signature: {e}"
+            
+            results[name] = result
+    
+    return results
+
+
+def check_decorators_in_folder(folder_path: str) -> Dict[str, Dict[str, dict]]:
+    """
+    Check decorators in all Python files in a folder.
+    
+    Args:
+        folder_path: Path to the folder containing Python files
+        
+    Returns:
+        Dictionary mapping file paths to their verification results
+    """
+    folder = Path(folder_path)
+    
+    if not folder.exists():
+        raise FileNotFoundError(f"Folder '{folder_path}' does not exist.")
+    
+    if not folder.is_dir():
+        raise NotADirectoryError(f"'{folder_path}' is not a directory.")
+    
+    # Find all Python files in the folder (recursive)
+    python_files = list(folder.rglob('*.py'))
+    
+    if not python_files:
+        raise ValueError(f"No Python files found in '{folder_path}'.")
+    
+    all_results = {}
+    
+    for py_file in python_files:
+        try:
+            results = check_decorators(str(py_file))
+            all_results[str(py_file)] = results
+        except Exception as e:
+            all_results[str(py_file)] = {"error": str(e)}
+    
+    return all_results