qwashed 0.2.0a1__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (94) hide show
  1. qwashed-0.2.0a1/.gitignore +91 -0
  2. qwashed-0.2.0a1/CHANGELOG.md +1021 -0
  3. qwashed-0.2.0a1/LICENSE +201 -0
  4. qwashed-0.2.0a1/NOTICE +25 -0
  5. qwashed-0.2.0a1/PKG-INFO +332 -0
  6. qwashed-0.2.0a1/README.md +267 -0
  7. qwashed-0.2.0a1/THREAT_MODEL.md +267 -0
  8. qwashed-0.2.0a1/docs/AUDIT_GUIDE.md +626 -0
  9. qwashed-0.2.0a1/docs/CONTRIBUTING.md +82 -0
  10. qwashed-0.2.0a1/docs/QUICKSTART.md +173 -0
  11. qwashed-0.2.0a1/docs/ROADMAP.md +895 -0
  12. qwashed-0.2.0a1/docs/SECURITY.md +145 -0
  13. qwashed-0.2.0a1/docs/THREAT_PROFILES.md +356 -0
  14. qwashed-0.2.0a1/docs/VAULT_GUIDE.md +666 -0
  15. qwashed-0.2.0a1/docs/VERIFY_RELEASE.md +334 -0
  16. qwashed-0.2.0a1/examples/audit/README.md +37 -0
  17. qwashed-0.2.0a1/examples/audit/civic_websites.yaml +10 -0
  18. qwashed-0.2.0a1/examples/audit/email_pgp.yaml +19 -0
  19. qwashed-0.2.0a1/examples/audit/email_smime.yaml +23 -0
  20. qwashed-0.2.0a1/examples/audit/healthcare_endpoints.yaml +11 -0
  21. qwashed-0.2.0a1/examples/audit/journalism_endpoints.yaml +9 -0
  22. qwashed-0.2.0a1/examples/audit/legal_endpoints.yaml +9 -0
  23. qwashed-0.2.0a1/pyproject.toml +262 -0
  24. qwashed-0.2.0a1/qwashed/__init__.py +34 -0
  25. qwashed-0.2.0a1/qwashed/__main__.py +10 -0
  26. qwashed-0.2.0a1/qwashed/audit/__init__.py +46 -0
  27. qwashed-0.2.0a1/qwashed/audit/_tls_wire.py +835 -0
  28. qwashed-0.2.0a1/qwashed/audit/algorithm_tables.json +260 -0
  29. qwashed-0.2.0a1/qwashed/audit/classifier.py +340 -0
  30. qwashed-0.2.0a1/qwashed/audit/cli.py +560 -0
  31. qwashed-0.2.0a1/qwashed/audit/pipeline.py +104 -0
  32. qwashed-0.2.0a1/qwashed/audit/probe.py +888 -0
  33. qwashed-0.2.0a1/qwashed/audit/probe_base.py +38 -0
  34. qwashed-0.2.0a1/qwashed/audit/probe_pgp.py +487 -0
  35. qwashed-0.2.0a1/qwashed/audit/probe_smime.py +354 -0
  36. qwashed-0.2.0a1/qwashed/audit/profile_loader.py +130 -0
  37. qwashed-0.2.0a1/qwashed/audit/profiles/__init__.py +9 -0
  38. qwashed-0.2.0a1/qwashed/audit/profiles/default.yaml +35 -0
  39. qwashed-0.2.0a1/qwashed/audit/profiles/healthcare.yaml +33 -0
  40. qwashed-0.2.0a1/qwashed/audit/profiles/journalism.yaml +32 -0
  41. qwashed-0.2.0a1/qwashed/audit/profiles/legal.yaml +32 -0
  42. qwashed-0.2.0a1/qwashed/audit/report_html.py +197 -0
  43. qwashed-0.2.0a1/qwashed/audit/roadmap.py +253 -0
  44. qwashed-0.2.0a1/qwashed/audit/schemas.py +391 -0
  45. qwashed-0.2.0a1/qwashed/audit/scoring.py +451 -0
  46. qwashed-0.2.0a1/qwashed/cli.py +195 -0
  47. qwashed-0.2.0a1/qwashed/core/__init__.py +92 -0
  48. qwashed-0.2.0a1/qwashed/core/canonical.py +337 -0
  49. qwashed-0.2.0a1/qwashed/core/errors.py +130 -0
  50. qwashed-0.2.0a1/qwashed/core/kdf.py +257 -0
  51. qwashed-0.2.0a1/qwashed/core/report.py +174 -0
  52. qwashed-0.2.0a1/qwashed/core/schemas.py +164 -0
  53. qwashed-0.2.0a1/qwashed/core/signing.py +232 -0
  54. qwashed-0.2.0a1/qwashed/vault/__init__.py +29 -0
  55. qwashed-0.2.0a1/qwashed/vault/audit_log.py +410 -0
  56. qwashed-0.2.0a1/qwashed/vault/cli.py +645 -0
  57. qwashed-0.2.0a1/qwashed/vault/hybrid_kem.py +538 -0
  58. qwashed-0.2.0a1/qwashed/vault/hybrid_sig.py +348 -0
  59. qwashed-0.2.0a1/qwashed/vault/store.py +2270 -0
  60. qwashed-0.2.0a1/tests/__init__.py +2 -0
  61. qwashed-0.2.0a1/tests/audit/__init__.py +2 -0
  62. qwashed-0.2.0a1/tests/audit/test_classifier.py +304 -0
  63. qwashed-0.2.0a1/tests/audit/test_cli.py +225 -0
  64. qwashed-0.2.0a1/tests/audit/test_golden.py +230 -0
  65. qwashed-0.2.0a1/tests/audit/test_pipeline.py +144 -0
  66. qwashed-0.2.0a1/tests/audit/test_probe.py +471 -0
  67. qwashed-0.2.0a1/tests/audit/test_probe_pgp.py +389 -0
  68. qwashed-0.2.0a1/tests/audit/test_probe_smime.py +289 -0
  69. qwashed-0.2.0a1/tests/audit/test_profile_loader.py +145 -0
  70. qwashed-0.2.0a1/tests/audit/test_report_html.py +128 -0
  71. qwashed-0.2.0a1/tests/audit/test_roadmap.py +170 -0
  72. qwashed-0.2.0a1/tests/audit/test_schemas.py +262 -0
  73. qwashed-0.2.0a1/tests/audit/test_scoring.py +577 -0
  74. qwashed-0.2.0a1/tests/core/__init__.py +2 -0
  75. qwashed-0.2.0a1/tests/core/test_canonical.py +182 -0
  76. qwashed-0.2.0a1/tests/core/test_errors.py +63 -0
  77. qwashed-0.2.0a1/tests/core/test_kdf.py +138 -0
  78. qwashed-0.2.0a1/tests/core/test_report.py +64 -0
  79. qwashed-0.2.0a1/tests/core/test_schemas.py +125 -0
  80. qwashed-0.2.0a1/tests/core/test_signing.py +122 -0
  81. qwashed-0.2.0a1/tests/golden/civic_default.json +1 -0
  82. qwashed-0.2.0a1/tests/golden/healthcare_healthcare.json +1 -0
  83. qwashed-0.2.0a1/tests/golden/journalism_journalism.json +1 -0
  84. qwashed-0.2.0a1/tests/golden/legal_legal.json +1 -0
  85. qwashed-0.2.0a1/tests/test_smoke.py +177 -0
  86. qwashed-0.2.0a1/tests/test_verify_cli.py +125 -0
  87. qwashed-0.2.0a1/tests/vault/__init__.py +2 -0
  88. qwashed-0.2.0a1/tests/vault/conftest.py +23 -0
  89. qwashed-0.2.0a1/tests/vault/test_audit_log.py +272 -0
  90. qwashed-0.2.0a1/tests/vault/test_cli.py +688 -0
  91. qwashed-0.2.0a1/tests/vault/test_format_migration.py +422 -0
  92. qwashed-0.2.0a1/tests/vault/test_hybrid_kem.py +213 -0
  93. qwashed-0.2.0a1/tests/vault/test_hybrid_sig.py +162 -0
  94. qwashed-0.2.0a1/tests/vault/test_store.py +915 -0
qwashed-0.2.0a1/.gitignore ADDED
@@ -0,0 +1,91 @@
1
+ # SPDX-License-Identifier: Apache-2.0
2
+
3
+ # ---------------------------------------------------------------------------
4
+ # Python
5
+ # ---------------------------------------------------------------------------
6
+ __pycache__/
7
+ *.py[cod]
8
+ *$py.class
9
+ *.so
10
+ .Python
11
+
12
+ # Build artifacts
13
+ build/
14
+ dist/
15
+ *.egg-info/
16
+ *.egg
17
+ .eggs/
18
+ wheels/
19
+ pip-wheel-metadata/
20
+ share/python-wheels/
21
+
22
+ # Virtual environments
23
+ .venv/
24
+ venv/
25
+ env/
26
+ ENV/
27
+
28
+ # Installer logs
29
+ pip-log.txt
30
+ pip-delete-this-directory.txt
31
+
32
+ # ---------------------------------------------------------------------------
33
+ # Testing / linting / typing
34
+ # ---------------------------------------------------------------------------
35
+ .pytest_cache/
36
+ .tox/
37
+ .nox/
38
+ .coverage
39
+ .coverage.*
40
+ htmlcov/
41
+ .cache
42
+ coverage.xml
43
+ *.cover
44
+ *.py,cover
45
+ .hypothesis/
46
+
47
+ .mypy_cache/
48
+ .ruff_cache/
49
+ .pyre/
50
+ .pytype/
51
+
52
+ # ---------------------------------------------------------------------------
53
+ # Editors / OS
54
+ # ---------------------------------------------------------------------------
55
+ .vscode/
56
+ .idea/
57
+ *.swp
58
+ *.swo
59
+ *~
60
+ .DS_Store
61
+ Thumbs.db
62
+
63
+ # ---------------------------------------------------------------------------
64
+ # Qwashed-specific (operational secrets and user data — must NEVER be checked in)
65
+ # ---------------------------------------------------------------------------
66
+
67
+ # Vault directories: any path that looks like a Qwashed vault root. We err on
68
+ # the side of caution; user-created vaults live outside the repo by default.
69
+ *.qwashed-vault/
70
+ qwashed-vault/
71
+ .qwashed/
72
+
73
+ # Signing keys
74
+ *.ed25519.sk
75
+ *.mldsa65.sk
76
+ *.hybrid.sk
77
+ qwashed-signing-key
78
+ qwashed-signing-key.*
79
+
80
+ # Signed audit artifacts that contain real organizational data
81
+ audit-*.json
82
+ audit-*.html
83
+ audit-*.pdf
84
+ !examples/audit_demo_*.json
85
+ !tests/**/audit-fixture-*.json
86
+
87
+ # Raw TLS handshakes captured during probing (may contain certificates)
88
+ *.handshake.b64
89
+
90
+ # Local override of threat profiles (users may keep private profiles)
91
+ local_profiles/