pysealer 0.6.0__pp311-pypy311_pp73-manylinux_2_17_aarch64.manylinux2014_aarch64.whl

pysealer/github_secrets.py

@@ -0,0 +1,175 @@
+"""
+GitHub secrets integration for pysealer.
+
+This module provides functionality to automatically upload the pysealer public key
+to GitHub repository secrets when `pysealer init` is run.
+"""
+
+import logging
+import os
+import re
+from pathlib import Path
+from typing import Optional, Tuple
+
+import git
+from github import Github, GithubException
+from nacl import encoding, public
+
+# Suppress verbose GitHub API logging
+logging.getLogger("github").setLevel(logging.CRITICAL)
+logging.getLogger("urllib3").setLevel(logging.CRITICAL)
+
+
+def get_repo_info() -> Tuple[str, str]:
+    """
+    Extract GitHub owner and repository name from git remote URL.
+    
+    Supports both SSH and HTTPS formats:
+    - SSH: git@github.com:owner/repo.git
+    - HTTPS: https://github.com/owner/repo.git
+    
+    Returns:
+        Tuple[str, str]: (owner, repo_name)
+        
+    Raises:
+        ValueError: If not in a git repository or remote URL is not from GitHub
+        RuntimeError: If unable to parse the remote URL
+    """
+    try:
+        # Get the git repository from current directory
+        repo = git.Repo(search_parent_directories=True)
+        
+        # Try to get the origin remote
+        if 'origin' not in repo.remotes:
+            raise ValueError("No 'origin' remote found in git repository")
+        
+        remote_url = repo.remotes.origin.url
+        
+        # Parse SSH format: git@github.com:owner/repo.git
+        ssh_pattern = r'git@github\.com:([^/]+)/(.+?)(?:\.git)?$'
+        ssh_match = re.match(ssh_pattern, remote_url)
+        if ssh_match:
+            owner, repo_name = ssh_match.groups()
+            return owner, repo_name
+        
+        # Parse HTTPS format: https://github.com/owner/repo.git
+        https_pattern = r'https://github\.com/([^/]+)/(.+?)(?:\.git)?$'
+        https_match = re.match(https_pattern, remote_url)
+        if https_match:
+            owner, repo_name = https_match.groups()
+            return owner, repo_name
+        
+        raise RuntimeError(f"Could not parse GitHub repository from remote URL: {remote_url}")
+        
+    except git.InvalidGitRepositoryError:
+        raise ValueError("Not in a git repository. Please run this command from within a git repository.")
+    except git.GitCommandError as e:
+        raise RuntimeError(f"Git error: {e}")
+
+
+def encrypt_secret(public_key: str, secret_value: str) -> str:
+    """
+    Encrypt a secret using GitHub's public key.
+    
+    GitHub requires secrets to be encrypted using the repository's public key
+    before they can be uploaded via the API.
+    
+    Args:
+        public_key: The repository's public key (base64 encoded)
+        secret_value: The secret value to encrypt
+        
+    Returns:
+        str: Base64 encoded encrypted secret
+    """
+    # Convert the public key from base64
+    public_key_bytes = public_key.encode("utf-8")
+    public_key_obj = public.PublicKey(public_key_bytes, encoding.Base64Encoder())
+    
+    # Encrypt the secret using sealed box
+    sealed_box = public.SealedBox(public_key_obj)
+    encrypted = sealed_box.encrypt(secret_value.encode("utf-8"))
+    
+    # Return base64 encoded encrypted secret
+    return encoding.Base64Encoder().encode(encrypted).decode("utf-8")
+
+
+def add_secret_to_github(token: str, owner: str, repo_name: str, secret_name: str, secret_value: str) -> None:
+    """
+    Add or update a secret in GitHub repository.
+    
+    Args:
+        token: GitHub personal access token (needs 'repo' scope)
+        owner: GitHub repository owner (user or organization)
+        repo_name: Repository name
+        secret_name: Name of the secret to create/update
+        secret_value: Value of the secret (will be encrypted before upload)
+        
+    Raises:
+        GithubException: If GitHub API request fails
+        Exception: For other errors during the process
+    """
+    try:
+        # Initialize GitHub client
+        g = Github(token)
+        
+        # Get the repository
+        repo = g.get_repo(f"{owner}/{repo_name}")
+        
+        # Get the repository's public key for encrypting secrets
+        public_key = repo.get_public_key()
+        
+        # Encrypt the secret
+        encrypted_value = encrypt_secret(public_key.key, secret_value)
+        
+        # Create or update the secret (actions secrets are at repository level)
+        repo.create_secret(secret_name, encrypted_value, secret_type="actions")
+        
+    except GithubException as e:
+        if e.status == 401:
+            raise Exception("Authentication failed. Please check your GitHub token.")
+        elif e.status == 403:
+            raise Exception("Permission denied. Your token needs 'repo' scope to manage secrets.")
+        elif e.status == 404:
+            raise Exception(f"Repository '{owner}/{repo_name}' not found or you don't have access.")
+        else:
+            raise Exception(f"GitHub API error: {e.data.get('message', str(e))}")
+
+
+def setup_github_secrets(public_key: str, github_token: Optional[str] = None) -> Tuple[bool, str]:
+    """
+    Main function to orchestrate GitHub secrets setup.
+    
+    This function:
+    1. Gets GitHub token from parameter or environment variable
+    2. Extracts repository info from git remote
+    3. Uploads the public key to GitHub secrets
+    
+    Args:
+        public_key: The pysealer public key to upload
+        github_token: Optional GitHub token. If None, uses GITHUB_TOKEN env var
+        
+    Returns:
+        Tuple[bool, str]: (success, message)
+        - success: True if secret was uploaded successfully
+        - message: Success or error message
+    """
+    # Get GitHub token
+    token = github_token or os.getenv("GITHUB_TOKEN")
+    if not token:
+        return False, "No GitHub token provided. Use --github-token or set GITHUB_TOKEN environment variable."
+    
+    try:
+        # Get repository information
+        owner, repo_name = get_repo_info()
+        
+        # Upload the secret
+        add_secret_to_github(token, owner, repo_name, "PYSEALER_PUBLIC_KEY", public_key)
+        
+        return True, f"Successfully added PYSEALER_PUBLIC_KEY to {owner}/{repo_name}"
+        
+    except ValueError as e:
+        return False, f"Repository detection failed: {e}"
+    except RuntimeError as e:
+        return False, f"Git error: {e}"
+    except Exception as e:
+        return False, f"Failed to upload secret: {e}"

pysealer/remove_decorators.py

@@ -0,0 +1,88 @@
+"""Remove cryptographic pysealer decorators from all functions and classes in a Python file."""
+
+import ast
+from typing import List, Tuple, Dict
+from pathlib import Path
+
+def remove_decorators(file_path: str) -> Tuple[str, bool]:
+    """
+    Parse a Python file, remove all @pysealer.* decorators from functions and classes, and return the modified code.
+
+    Args:
+        file_path: Path to the Python file to process
+    Returns:
+        Modified Python source code as a string
+    """
+    with open(file_path, 'r') as f:
+        content = f.read()
+
+    tree = ast.parse(content)
+    lines = content.split('\n')
+    lines_to_remove = set()
+
+    for node in ast.walk(tree):
+        if type(node).__name__ in ("FunctionDef", "AsyncFunctionDef", "ClassDef"):
+            if hasattr(node, 'decorator_list'):
+                for decorator in node.decorator_list:
+                    is_pysealer_decorator = False
+                    if isinstance(decorator, ast.Name):
+                        if decorator.id.startswith("pysealer"):
+                            is_pysealer_decorator = True
+                    elif isinstance(decorator, ast.Attribute):
+                        if isinstance(decorator.value, ast.Name) and decorator.value.id == "pysealer":
+                            is_pysealer_decorator = True
+                    elif isinstance(decorator, ast.Call):
+                        func = decorator.func
+                        if isinstance(func, ast.Attribute):
+                            if isinstance(func.value, ast.Name) and func.value.id == "pysealer":
+                                is_pysealer_decorator = True
+                        elif isinstance(func, ast.Name) and func.id.startswith("pysealer"):
+                            is_pysealer_decorator = True
+                    if is_pysealer_decorator:
+                        lines_to_remove.add(decorator.lineno - 1)
+
+    found = len(lines_to_remove) > 0
+    for line_idx in sorted(lines_to_remove, reverse=True):
+        del lines[line_idx]
+
+    modified_code = '\n'.join(lines)
+    return modified_code, found
+
+
+def remove_decorators_from_folder(folder_path: str) -> List[str]:
+    """
+    Remove pysealer decorators from all Python files in a folder (recursively).
+
+    Args:
+        folder_path: Path to the folder to process
+    Returns:
+        List of file paths where decorators were removed
+    """
+    folder = Path(folder_path)
+    
+    if not folder.is_dir():
+        raise NotADirectoryError(f"'{folder_path}' is not a directory")
+    
+    # Find all Python files recursively
+    python_files = list(folder.rglob("*.py"))
+    
+    if not python_files:
+        raise FileNotFoundError(f"No Python files found in '{folder_path}'")
+    
+    files_modified = []
+    
+    for py_file in python_files:
+        try:
+            file_path = str(py_file.resolve())
+            modified_code, found = remove_decorators(file_path)
+            
+            if found:
+                # Write the modified code back to the file
+                with open(file_path, 'w') as f:
+                    f.write(modified_code)
+                files_modified.append(file_path)
+        except Exception as e:
+            # Skip files that can't be processed
+            continue
+    
+    return files_modified

pysealer/setup.py

@@ -0,0 +1,137 @@
+"""Setup the storage of the pysealer keypair in a .env file."""
+
+import os
+from pathlib import Path
+from typing import Optional
+from dotenv import load_dotenv, set_key
+from pysealer import generate_keypair
+
+
+def _find_env_file() -> Path:
+    """
+    Search for .env file starting from current directory and walking up to parent directories.
+    Also checks PYSEALER_ENV_PATH environment variable.
+    
+    Returns:
+        Path: Path to the .env file
+        
+    Raises:
+        FileNotFoundError: If no .env file is found
+    """
+    # First check if PYSEALER_ENV_PATH environment variable is set
+    env_path_var = os.getenv("PYSEALER_ENV_PATH")
+    if env_path_var:
+        env_path = Path(env_path_var)
+        if env_path.exists():
+            return env_path
+    
+    # Start from current working directory and search upward
+    current = Path.cwd()
+    
+    # Check current directory and all parent directories up to root
+    for parent in [current] + list(current.parents):
+        env_file = parent / '.env'
+        if env_file.exists():
+            return env_file
+    
+    # If not found, return the default location (current directory)
+    # This will be used in error messages
+    return Path.cwd() / '.env'
+
+def setup_keypair(env_path: Optional[str | Path] = None):
+    """
+    Generate and store keypair securely.
+    
+    Args:
+        env_path: Optional path to .env file. If None, creates in current directory.
+    """
+    # Determine .env location
+    if env_path is None:
+        env_path = Path.cwd() / '.env'
+    else:
+        env_path = Path(env_path)
+    
+    # Check if keys already exist
+    if env_path.exists():
+        load_dotenv(env_path)
+        existing_private = os.getenv("PYSEALER_PRIVATE_KEY")
+        existing_public = os.getenv("PYSEALER_PUBLIC_KEY")
+        
+        if existing_private or existing_public:
+            raise ValueError(f"Keys already exist in {env_path} Cannot overwrite existing keys.")
+    
+    # Create .env if it doesn't exist
+    env_path.touch(exist_ok=True)
+
+    # Generate keypair using the Rust function
+    private_key_hex, public_key_hex = generate_keypair()
+    
+    # Store keys in .env file
+    set_key(str(env_path), "PYSEALER_PRIVATE_KEY", private_key_hex)
+    set_key(str(env_path), "PYSEALER_PUBLIC_KEY", public_key_hex)
+    
+    return private_key_hex, public_key_hex
+
+
+def get_public_key(env_path: Optional[str | Path] = None) -> str:
+    """
+    Retrieve the public key from the .env file.
+    
+    Args:
+        env_path: Optional path to .env file. If None, searches from current directory upward.
+    
+    Returns:
+        str: The public key hex string, or None if not found.
+    """
+    # Determine .env location
+    if env_path is None:
+        env_path = _find_env_file()
+    else:
+        env_path = Path(env_path)
+    
+    # Check if .env exists
+    if not env_path.exists():
+        raise FileNotFoundError(f"No .env file found at {env_path}. Run setup_keypair() first.")
+    
+    # Load environment variables from .env
+    load_dotenv(env_path)
+    
+    # Get public key
+    public_key = os.getenv("PYSEALER_PUBLIC_KEY")
+    
+    if public_key is None:
+        raise ValueError(f"PYSEALER_PUBLIC_KEY not found in {env_path}. Run setup_keypair() first.")
+    
+    return public_key
+
+
+def get_private_key(env_path: Optional[str | Path] = None) -> str:
+    """
+    Retrieve the private key from the .env file.
+    
+    Args:
+        env_path: Optional path to .env file. If None, searches from current directory upward.
+    
+    Returns:
+        str: The private key hex string, or None if not found.
+    """
+    # Determine .env location
+    if env_path is None:
+        env_path = _find_env_file()
+    else:
+        env_path = Path(env_path)
+    
+    # Check if .env exists
+    if not env_path.exists():
+        raise FileNotFoundError(f"No .env file found at {env_path}. Run setup_keypair() first.")
+    
+    # Load environment variables from .env
+    load_dotenv(env_path)
+    
+    # Get private key
+    private_key = os.getenv("PYSEALER_PRIVATE_KEY")
+    
+    if private_key is None:
+        raise ValueError(f"PYSEALER_PRIVATE_KEY not found in {env_path}. Run setup_keypair() first.")
+    
+    return private_key

pysealer-0.6.0.dist-info/METADATA

@@ -0,0 +1,171 @@
+Metadata-Version: 2.4
+Name: pysealer
+Version: 0.6.0
+Classifier: Development Status :: 3 - Alpha
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.8
+Classifier: Programming Language :: Python :: 3.9
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Rust
+Classifier: Programming Language :: Python :: Implementation :: CPython
+Classifier: Programming Language :: Python :: Implementation :: PyPy
+Classifier: Topic :: Security
+Classifier: Topic :: Software Development :: Libraries :: Python Modules
+Requires-Dist: python-dotenv>=1.0.0
+Requires-Dist: typer>=0.9.0
+Requires-Dist: pygithub>=2.1.1
+Requires-Dist: pynacl>=1.5.0
+Requires-Dist: gitpython>=3.1.0
+Requires-Dist: pytest>=7.0.0 ; extra == 'test'
+Requires-Dist: pytest-cov>=4.0.0 ; extra == 'test'
+Requires-Dist: pytest-asyncio>=0.21.0 ; extra == 'test'
+Provides-Extra: test
+License-File: LICENSE
+Summary: Cryptographically sign Python functions and classes for defense-in-depth security
+Keywords: rust,python,decorator,cryptography
+Author: Aidan Dyga
+License: MIT
+Requires-Python: >=3.8
+Description-Content-Type: text/markdown; charset=UTF-8; variant=GFM
+Project-URL: Issues, https://github.com/MCP-Security-Research/pysealer/issues
+Project-URL: Repository, https://github.com/MCP-Security-Research/pysealer
+
+# pysealer
+
+Cryptographically sign Python functions and classes for defense-in-depth security
+
+> 💡 **code version controls code**
+
+- 🦀 Built with the [maturin build system](https://www.maturin.rs/) for easy Rust-Python packaging
+- 🔗 [PyO3](https://pyo3.rs/v0.27.1/index.html) bindings for seamless Python-Rust integration
+- 🔏 [Ed25519](https://docs.rs/ed25519-dalek/latest/ed25519_dalek/) signatures to ensure code integrity and authorship
+- 🖥️ [Typer](https://typer.tiangolo.com/) for a clean and user-friendly command line interface
+
+Pysealer helps you maintain code integrity by automatically adding cryptographic signatures to your Python functions and classes. Each function or class receives a unique decorator containing a cryptographic signature that verifies both authorship and integrity, making it easy to detect unauthorized code modifications.
+
+## Table of Contents
+
+1. [Getting Started](#getting-started)
+2. [Usage](#usage)
+3. [How It Works](#how-it-works)
+4. [Model Context Protocol (MCP) Security Use Cases](#model-context-protocol-mcp-security-use-cases)
+5. [Contributing](#contributing)
+6. [License](#license)
+
+## Getting Started
+
+```shell
+pip install pysealer
+# or
+uv pip install pysealer
+```
+
+## Usage
+
+```shell
+pysealer init [ENV_FILE]         # Initialize the pysealer tool by generating and saving keys to an ENV_FILE (default: .env)
+pysealer decorate <file.py>...   # Add cryptographic decorators to all functions/classes in one or more .py files
+pysealer check <file.py>...      # Verify the integrity and validity of pysealer decorators in one or more .py files
+pysealer remove <file.py>...     # Remove all pysealer decorators from one or more .py files
+pysealer --help                  # Show all available commands and options
+```
+
+## How It Works
+
+Pysealer works by automatically injecting cryptographic decorators into your Python functions and classes. Here's how the process works:
+
+### Step-by-Step Example
+
+Suppose you have a file `fibonacci.py`:
+
+```python
+def fibonacci(n):
+    if n <= 0:
+        return 0
+    elif n == 1:
+        return 1
+    else:
+        return fibonacci(n-1) + fibonacci(n-2)
+```
+
+#### 1. Decorate the file
+
+```shell
+pysealer decorate examples/fibonacci.py
+
+Successfully added decorators to 1 file:
+  ✓ /path/to/examples/fibonacci.py
+```
+
+```python
+@pysealer._GnCLaWr9B6TD524JZ3v1CENXmo5Drwfgvc9arVagbghQ6hMH4Aqc8whs3Tf57pkTjsAVNDybviW9XG5Eu3JSP6T()
+def fibonacci(n):
+    if n <= 0:
+        return 0
+    elif n == 1:
+        return 1
+    else:
+        return fibonacci(n-1) + fibonacci(n-2)
+```
+
+#### 2. Check integrity
+
+```shell
+pysealer check examples/fibonacci.py
+
+All decorators are valid in 1 file:
+✓ /path/to/examples/fibonacci.py: 1 decorators valid
+```
+
+#### 3. Tamper with the code (change return 0 to return 42)
+
+```python
+@pysealer._GnCLaWr9B6TD524JZ3v1CENXmo5Drwfgvc9arVagbghQ6hMH4Aqc8whs3Tf57pkTjsAVNDybviW9XG5Eu3JSP6T()
+def fibonacci(n):
+    if n <= 0:
+        return 42
+    elif n == 1:
+        return 1
+    else:
+        return fibonacci(n-1) + fibonacci(n-2)
+```
+
+#### 4. Check again
+
+```shell
+pysealer check examples/fibonacci.py
+
+1/1 decorators failed verification across 1 file:
+  ✗ /path/to/examples/fibonacci.py: 1/1 decorators failed
+```
+
+## Model Context Protocol (MCP) Security Use Cases
+
+One use case of Pysealer is to protect MCP servers from upstream attacks by cryptographically signing tool functions and their docstrings. Since LLMs rely on docstrings to understand tool behavior, attackers can inject malicious instructions or create fake tools that mimic legitimate ones. Pysealer's signatures ensure tool authenticity and detect tampering because any modification to code or docstrings breaks the signature and flags compromised tools.
+
+- **Detect Version Control Changes**
+  - Automatically detect unauthorized code modifications through cryptographic signatures
+  - Each function's decorator contains a signature based on its code and docstring
+  - Any mismatch between code and signature is immediately flagged
+
+- **Defense-in-Depth for Source Control**
+  - Add an additional security layer to version control systems
+  - Complement existing security measures with cryptographic verification
+  - Reduce risk through multiple layers of protection
+
+## Contributing
+
+**🙌 Contributions are welcome!**
+
+If you have suggestions, bug reports, or want to help improve Pysealer, feel free to open an [issue](https://github.com/MCP-Security-Research/pysealer/issues) or submit a pull request.
+
+All ideas and contributions are appreciated—thanks for helping make pysealer better!
+
+## License
+
+Pysealer is licensed under the MIT License. See [LICENSE](LICENSE) for details.
+

pysealer-0.6.0.dist-info/RECORD

@@ -0,0 +1,15 @@
+pysealer/__init__.py,sha256=qxCa8932UYgSwwcWv1TP6uRWxhSn3QPeot3ItEkFQCw,944
+pysealer/_pysealer.pypy311-pp73-aarch64-linux-gnu.so,sha256=FdQN-Z74Cq7XGkypQQWK1y3r7QSTf2gvgJyCIzLiAmg,660696
+pysealer/add_decorators.py,sha256=QkjZw7ckLd06RIg77nhscgzXk8SyLdJ2kNyQ0BTjS4g,9049
+pysealer/check_decorators.py,sha256=_fEsd94qN_ypMOePF75QcL--KrIXFQunyXXAZIeexTM,7401
+pysealer/cli.py,sha256=Ysk3b8q17YboAq5mxi3uwB1t4WPF2KcRJNeyQkJ05fs,16490
+pysealer/dummy_decorators.py,sha256=9ORNnMZ6lT5e1gU4Dt9lifAEDfjJ1wCXGiOUfMiqP-w,2807
+pysealer/git_diff.py,sha256=hgFhjoE5Yom-LF31BzwtO5jmohlW4FfWvfp8BDZgeNY,6912
+pysealer/github_secrets.py,sha256=0Hms2VEewZl2Dv1G1eVUBPLouiy8mcZFrxlLftUOpFg,6331
+pysealer/remove_decorators.py,sha256=v1VpxFid8kqqoj-NuWSWWzCoYUwl1XVYyGdTE8BLbeI,3276
+pysealer/setup.py,sha256=M8wgv4GeVbbC_t0a8PBD5Hn6piqGTFIUTlo1ds6JtAc,4206
+pysealer-0.6.0.dist-info/METADATA,sha256=Re0ucu5klXyfnolk1K0evoZ1zGAUd0uQ2Jz334XHmqg,6229
+pysealer-0.6.0.dist-info/WHEEL,sha256=lvTdq2g8minGuOELGjpnOe0IufZy6sC9B2wysIpb14o,163
+pysealer-0.6.0.dist-info/entry_points.txt,sha256=DUDRyFGp10a8FMaLUFE6X94kCD2dciDY66ISXuUySmA,45
+pysealer-0.6.0.dist-info/licenses/LICENSE,sha256=FtcYsMyXNwAqNhOMxR3TwptCUnwb5coRK_UQyWGLJnc,1067
+pysealer-0.6.0.dist-info/RECORD,,

pysealer-0.6.0.dist-info/WHEEL

@@ -0,0 +1,5 @@
+Wheel-Version: 1.0
+Generator: maturin (1.11.5)
+Root-Is-Purelib: false
+Tag: pp311-pypy311_pp73-manylinux_2_17_aarch64
+Tag: pp311-pypy311_pp73-manylinux2014_aarch64

pysealer-0.6.0.dist-info/entry_points.txt

@@ -0,0 +1,2 @@
+[console_scripts]
+pysealer=pysealer.cli:main

pysealer-0.6.0.dist-info/licenses/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 Aidan Dyga
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.