swarmauri_cipher_suite_pep458 0.2.0.dev4__tar.gz → 0.11.0.dev1__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {swarmauri_cipher_suite_pep458-0.2.0.dev4 → swarmauri_cipher_suite_pep458-0.11.0.dev1}/PKG-INFO +23 -22
- {swarmauri_cipher_suite_pep458-0.2.0.dev4 → swarmauri_cipher_suite_pep458-0.11.0.dev1}/README.md +16 -17
- {swarmauri_cipher_suite_pep458-0.2.0.dev4 → swarmauri_cipher_suite_pep458-0.11.0.dev1}/pyproject.toml +8 -8
- {swarmauri_cipher_suite_pep458-0.2.0.dev4 → swarmauri_cipher_suite_pep458-0.11.0.dev1}/swarmauri_cipher_suite_pep458/Pep458CipherSuite.py +39 -9
- {swarmauri_cipher_suite_pep458-0.2.0.dev4 → swarmauri_cipher_suite_pep458-0.11.0.dev1}/LICENSE +0 -0
- {swarmauri_cipher_suite_pep458-0.2.0.dev4 → swarmauri_cipher_suite_pep458-0.11.0.dev1}/swarmauri_cipher_suite_pep458/__init__.py +0 -0
{swarmauri_cipher_suite_pep458-0.2.0.dev4 → swarmauri_cipher_suite_pep458-0.11.0.dev1}/PKG-INFO
RENAMED
|
@@ -1,24 +1,26 @@
|
|
|
1
1
|
Metadata-Version: 2.4
|
|
2
2
|
Name: swarmauri_cipher_suite_pep458
|
|
3
|
-
Version: 0.
|
|
3
|
+
Version: 0.11.0.dev1
|
|
4
4
|
Summary: PEP 458 policy and algorithm definitions for Swarmauri cipher suites
|
|
5
5
|
License-Expression: Apache-2.0
|
|
6
6
|
License-File: LICENSE
|
|
7
7
|
Keywords: supply-chain,tuf,pep458,policy,cipher-suite,swarmauri,sdk,standards,cipher,suite,cryptography,PEP 458,TUF 1.x,The Update Framework,Ed25519,RSA-PSS-SHA256,RFC 8032,RFC 8017
|
|
8
8
|
Author: Jacob Stewart
|
|
9
9
|
Author-email: jacob@swarmauri.com
|
|
10
|
-
Requires-Python: >=3.10,<3.
|
|
10
|
+
Requires-Python: >=3.10,<3.15
|
|
11
11
|
Classifier: Development Status :: 1 - Planning
|
|
12
12
|
Classifier: License :: OSI Approved :: Apache Software License
|
|
13
13
|
Classifier: Natural Language :: English
|
|
14
|
+
Classifier: Topic :: Security :: Cryptography
|
|
15
|
+
Classifier: Intended Audience :: Developers
|
|
14
16
|
Classifier: Programming Language :: Python
|
|
15
17
|
Classifier: Programming Language :: Python :: 3
|
|
18
|
+
Classifier: Programming Language :: Python :: 3 :: Only
|
|
16
19
|
Classifier: Programming Language :: Python :: 3.10
|
|
17
20
|
Classifier: Programming Language :: Python :: 3.11
|
|
18
21
|
Classifier: Programming Language :: Python :: 3.12
|
|
19
|
-
Classifier:
|
|
20
|
-
Classifier:
|
|
21
|
-
Classifier: Programming Language :: Python :: 3 :: Only
|
|
22
|
+
Classifier: Programming Language :: Python :: 3.13
|
|
23
|
+
Classifier: Programming Language :: Python :: 3.14
|
|
22
24
|
Requires-Dist: swarmauri_base
|
|
23
25
|
Requires-Dist: swarmauri_core
|
|
24
26
|
Project-URL: Documentation, https://github.com/swarmauri/swarmauri-sdk/tree/main/pkgs/standards/swarmauri_cipher_suite_pep458#readme
|
|
@@ -26,24 +28,21 @@ Project-URL: Homepage, https://github.com/swarmauri/swarmauri-sdk
|
|
|
26
28
|
Project-URL: Source, https://github.com/swarmauri/swarmauri-sdk/tree/main/pkgs/standards/swarmauri_cipher_suite_pep458
|
|
27
29
|
Description-Content-Type: text/markdown
|
|
28
30
|
|
|
29
|
-

|
|
30
32
|
|
|
31
33
|
<p align="center">
|
|
34
|
+
<a href="https://pepy.tech/project/swarmauri_cipher_suite_pep458/">
|
|
35
|
+
<img src="https://static.pepy.tech/badge/swarmauri_cipher_suite_pep458/month" alt="PyPI - Downloads"/></a>
|
|
36
|
+
<a href="https://hits.sh/github.com/swarmauri/swarmauri-sdk/tree/master/pkgs/standards/swarmauri_cipher_suite_pep458/">
|
|
37
|
+
<img alt="Hits" src="https://hits.sh/github.com/swarmauri/swarmauri-sdk/tree/master/pkgs/standards/swarmauri_cipher_suite_pep458.svg"/></a>
|
|
32
38
|
<a href="https://pypi.org/project/swarmauri_cipher_suite_pep458/">
|
|
33
|
-
<img src="https://img.shields.io/badge/
|
|
34
|
-
</a>
|
|
39
|
+
<img src="https://img.shields.io/badge/python-3.10%20%7C%203.11%20%7C%203.12%20%7C%203.13%20%7C%203.14-blue" alt="PyPI - Python Version"/></a>
|
|
35
40
|
<a href="https://pypi.org/project/swarmauri_cipher_suite_pep458/">
|
|
36
|
-
<img src="https://img.shields.io/pypi/
|
|
37
|
-
</a>
|
|
41
|
+
<img src="https://img.shields.io/pypi/l/swarmauri_cipher_suite_pep458" alt="PyPI - License"/></a>
|
|
38
42
|
<a href="https://pypi.org/project/swarmauri_cipher_suite_pep458/">
|
|
39
|
-
<img src="https://img.shields.io/
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
<img src="https://img.shields.io/badge/pep%20458-policy-blue" alt="PEP 458 policy" />
|
|
43
|
-
</a>
|
|
44
|
-
</p>
|
|
45
|
-
|
|
46
|
-
---
|
|
43
|
+
<img src="https://img.shields.io/pypi/v/swarmauri_cipher_suite_pep458?label=swarmauri_cipher_suite_pep458&color=green" alt="PyPI - swarmauri_cipher_suite_pep458"/></a>
|
|
44
|
+
<a href="https://discord.gg/N4UpBuQv8T">
|
|
45
|
+
<img src="https://img.shields.io/badge/Discord-Join%20Chat-5865F2?logo=discord&logoColor=white" alt="Discord"/></a></p>
|
|
47
46
|
|
|
48
47
|
# swarmauri_cipher_suite_pep458
|
|
49
48
|
|
|
@@ -55,16 +54,16 @@ expectations when they sign or verify TUF metadata.
|
|
|
55
54
|
|
|
56
55
|
## Highlights
|
|
57
56
|
|
|
58
|
-
- **Explicit role policies**
|
|
57
|
+
- **Explicit role policies** ? Encodes recommended thresholds, expiration windows,
|
|
59
58
|
and algorithm selections for the canonical `root`, `targets`, `snapshot`, and
|
|
60
59
|
`timestamp` metadata roles.
|
|
61
|
-
- **Deterministic defaults**
|
|
60
|
+
- **Deterministic defaults** ? Advertises TUF canonical JSON (`tuf-json`) as the
|
|
62
61
|
canonicalization format and returns Ed25519 as the default online algorithm while
|
|
63
62
|
still supporting RSA-PSS-SHA256 for offline roots.
|
|
64
|
-
- **Descriptor normalization**
|
|
63
|
+
- **Descriptor normalization** ? Produces rich normalized descriptors containing the
|
|
65
64
|
signer implementation hint (`swarmauri_signing_pep458.Pep458Signer`), canonical
|
|
66
65
|
preferences, and caller-specified policy overrides.
|
|
67
|
-
- **Compliance metadata**
|
|
66
|
+
- **Compliance metadata** ? Surfaces machine readable notes indicating PEP 458 and
|
|
68
67
|
TUF compatibility, enabling automated linting and negotiation between components.
|
|
69
68
|
|
|
70
69
|
## Installation
|
|
@@ -130,3 +129,5 @@ performs the cryptographic operations.
|
|
|
130
129
|
|
|
131
130
|
This project is licensed under the [Apache License 2.0](LICENSE).
|
|
132
131
|
|
|
132
|
+
|
|
133
|
+
|
{swarmauri_cipher_suite_pep458-0.2.0.dev4 → swarmauri_cipher_suite_pep458-0.11.0.dev1}/README.md
RENAMED
|
@@ -1,21 +1,18 @@
|
|
|
1
|
-

|
|
2
2
|
|
|
3
3
|
<p align="center">
|
|
4
|
+
<a href="https://pepy.tech/project/swarmauri_cipher_suite_pep458/">
|
|
5
|
+
<img src="https://static.pepy.tech/badge/swarmauri_cipher_suite_pep458/month" alt="PyPI - Downloads"/></a>
|
|
6
|
+
<a href="https://hits.sh/github.com/swarmauri/swarmauri-sdk/tree/master/pkgs/standards/swarmauri_cipher_suite_pep458/">
|
|
7
|
+
<img alt="Hits" src="https://hits.sh/github.com/swarmauri/swarmauri-sdk/tree/master/pkgs/standards/swarmauri_cipher_suite_pep458.svg"/></a>
|
|
4
8
|
<a href="https://pypi.org/project/swarmauri_cipher_suite_pep458/">
|
|
5
|
-
<img src="https://img.shields.io/badge/
|
|
6
|
-
</a>
|
|
9
|
+
<img src="https://img.shields.io/badge/python-3.10%20%7C%203.11%20%7C%203.12%20%7C%203.13%20%7C%203.14-blue" alt="PyPI - Python Version"/></a>
|
|
7
10
|
<a href="https://pypi.org/project/swarmauri_cipher_suite_pep458/">
|
|
8
|
-
<img src="https://img.shields.io/pypi/
|
|
9
|
-
</a>
|
|
11
|
+
<img src="https://img.shields.io/pypi/l/swarmauri_cipher_suite_pep458" alt="PyPI - License"/></a>
|
|
10
12
|
<a href="https://pypi.org/project/swarmauri_cipher_suite_pep458/">
|
|
11
|
-
<img src="https://img.shields.io/
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
<img src="https://img.shields.io/badge/pep%20458-policy-blue" alt="PEP 458 policy" />
|
|
15
|
-
</a>
|
|
16
|
-
</p>
|
|
17
|
-
|
|
18
|
-
---
|
|
13
|
+
<img src="https://img.shields.io/pypi/v/swarmauri_cipher_suite_pep458?label=swarmauri_cipher_suite_pep458&color=green" alt="PyPI - swarmauri_cipher_suite_pep458"/></a>
|
|
14
|
+
<a href="https://discord.gg/N4UpBuQv8T">
|
|
15
|
+
<img src="https://img.shields.io/badge/Discord-Join%20Chat-5865F2?logo=discord&logoColor=white" alt="Discord"/></a></p>
|
|
19
16
|
|
|
20
17
|
# swarmauri_cipher_suite_pep458
|
|
21
18
|
|
|
@@ -27,16 +24,16 @@ expectations when they sign or verify TUF metadata.
|
|
|
27
24
|
|
|
28
25
|
## Highlights
|
|
29
26
|
|
|
30
|
-
- **Explicit role policies**
|
|
27
|
+
- **Explicit role policies** ? Encodes recommended thresholds, expiration windows,
|
|
31
28
|
and algorithm selections for the canonical `root`, `targets`, `snapshot`, and
|
|
32
29
|
`timestamp` metadata roles.
|
|
33
|
-
- **Deterministic defaults**
|
|
30
|
+
- **Deterministic defaults** ? Advertises TUF canonical JSON (`tuf-json`) as the
|
|
34
31
|
canonicalization format and returns Ed25519 as the default online algorithm while
|
|
35
32
|
still supporting RSA-PSS-SHA256 for offline roots.
|
|
36
|
-
- **Descriptor normalization**
|
|
33
|
+
- **Descriptor normalization** ? Produces rich normalized descriptors containing the
|
|
37
34
|
signer implementation hint (`swarmauri_signing_pep458.Pep458Signer`), canonical
|
|
38
35
|
preferences, and caller-specified policy overrides.
|
|
39
|
-
- **Compliance metadata**
|
|
36
|
+
- **Compliance metadata** ? Surfaces machine readable notes indicating PEP 458 and
|
|
40
37
|
TUF compatibility, enabling automated linting and negotiation between components.
|
|
41
38
|
|
|
42
39
|
## Installation
|
|
@@ -101,3 +98,5 @@ performs the cryptographic operations.
|
|
|
101
98
|
## License
|
|
102
99
|
|
|
103
100
|
This project is licensed under the [Apache License 2.0](LICENSE).
|
|
101
|
+
|
|
102
|
+
|
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
[project]
|
|
2
2
|
name = "swarmauri_cipher_suite_pep458"
|
|
3
|
-
version = "0.
|
|
3
|
+
version = "0.11.0.dev1"
|
|
4
4
|
description = "PEP 458 policy and algorithm definitions for Swarmauri cipher suites"
|
|
5
5
|
readme = "README.md"
|
|
6
|
-
requires-python = ">=3.10,<3.
|
|
6
|
+
requires-python = ">=3.10,<3.15"
|
|
7
7
|
license = "Apache-2.0"
|
|
8
8
|
keywords = [
|
|
9
9
|
"supply-chain",
|
|
@@ -25,21 +25,21 @@ keywords = [
|
|
|
25
25
|
"RFC 8032",
|
|
26
26
|
"RFC 8017",
|
|
27
27
|
]
|
|
28
|
-
authors = [
|
|
29
|
-
{ name = "Jacob Stewart", email = "jacob@swarmauri.com" },
|
|
30
|
-
]
|
|
28
|
+
authors = [{ name = "Jacob Stewart", email = "jacob@swarmauri.com" }]
|
|
31
29
|
classifiers = [
|
|
32
30
|
"Development Status :: 1 - Planning",
|
|
33
31
|
"License :: OSI Approved :: Apache Software License",
|
|
34
32
|
"Natural Language :: English",
|
|
33
|
+
"Topic :: Security :: Cryptography",
|
|
34
|
+
"Intended Audience :: Developers",
|
|
35
35
|
"Programming Language :: Python",
|
|
36
36
|
"Programming Language :: Python :: 3",
|
|
37
|
+
"Programming Language :: Python :: 3 :: Only",
|
|
37
38
|
"Programming Language :: Python :: 3.10",
|
|
38
39
|
"Programming Language :: Python :: 3.11",
|
|
39
40
|
"Programming Language :: Python :: 3.12",
|
|
40
|
-
"
|
|
41
|
-
"
|
|
42
|
-
"Programming Language :: Python :: 3 :: Only",
|
|
41
|
+
"Programming Language :: Python :: 3.13",
|
|
42
|
+
"Programming Language :: Python :: 3.14",
|
|
43
43
|
]
|
|
44
44
|
dependencies = [
|
|
45
45
|
"swarmauri_core",
|
|
@@ -43,7 +43,9 @@ class Pep458CipherSuite(CipherSuiteBase):
|
|
|
43
43
|
def supports(self) -> Mapping[CipherOp, Iterable[Alg]]:
|
|
44
44
|
return {"sign": _PEP458_ALGS, "verify": _PEP458_ALGS}
|
|
45
45
|
|
|
46
|
-
def default_alg(
|
|
46
|
+
def default_alg(
|
|
47
|
+
self, op: CipherOp, *, for_key: Optional[KeyRef] = None
|
|
48
|
+
) -> Alg:
|
|
47
49
|
inferred = _infer_alg_from_key(for_key)
|
|
48
50
|
if inferred:
|
|
49
51
|
return inferred
|
|
@@ -56,7 +58,10 @@ class Pep458CipherSuite(CipherSuiteBase):
|
|
|
56
58
|
"dialects": {"provider": ["pep458"], "sigstore": []},
|
|
57
59
|
"ops": {
|
|
58
60
|
"sign": {"default": "Ed25519", "allowed": list(_PEP458_ALGS)},
|
|
59
|
-
"verify": {
|
|
61
|
+
"verify": {
|
|
62
|
+
"default": "Ed25519",
|
|
63
|
+
"allowed": list(_PEP458_ALGS),
|
|
64
|
+
},
|
|
60
65
|
},
|
|
61
66
|
"constraints": {
|
|
62
67
|
"canonicalization": _DEFAULT_CANON,
|
|
@@ -65,8 +70,15 @@ class Pep458CipherSuite(CipherSuiteBase):
|
|
|
65
70
|
},
|
|
66
71
|
"compliance": {"pep458": True, "tuf": "1.x"},
|
|
67
72
|
"notes": [
|
|
68
|
-
|
|
69
|
-
|
|
73
|
+
(
|
|
74
|
+
"Implements offline root and online timestamp role "
|
|
75
|
+
"separation "
|
|
76
|
+
"per PEP 458."
|
|
77
|
+
),
|
|
78
|
+
(
|
|
79
|
+
"Pair with swarmauri_signing_pep458.Pep458Signer for "
|
|
80
|
+
"signature production."
|
|
81
|
+
),
|
|
70
82
|
],
|
|
71
83
|
}
|
|
72
84
|
|
|
@@ -80,10 +92,26 @@ class Pep458CipherSuite(CipherSuiteBase):
|
|
|
80
92
|
"keyid_hash": "sha256",
|
|
81
93
|
},
|
|
82
94
|
"roles": {
|
|
83
|
-
"root": {
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
95
|
+
"root": {
|
|
96
|
+
"threshold": 2,
|
|
97
|
+
"expires": "P365D",
|
|
98
|
+
"alg": "RSA-PSS-SHA256",
|
|
99
|
+
},
|
|
100
|
+
"targets": {
|
|
101
|
+
"threshold": 1,
|
|
102
|
+
"expires": "P90D",
|
|
103
|
+
"alg": "Ed25519",
|
|
104
|
+
},
|
|
105
|
+
"snapshot": {
|
|
106
|
+
"threshold": 1,
|
|
107
|
+
"expires": "P14D",
|
|
108
|
+
"alg": "Ed25519",
|
|
109
|
+
},
|
|
110
|
+
"timestamp": {
|
|
111
|
+
"threshold": 1,
|
|
112
|
+
"expires": "P1D",
|
|
113
|
+
"alg": "Ed25519",
|
|
114
|
+
},
|
|
87
115
|
},
|
|
88
116
|
}
|
|
89
117
|
|
|
@@ -103,7 +131,9 @@ class Pep458CipherSuite(CipherSuiteBase):
|
|
|
103
131
|
|
|
104
132
|
resolved_params: Dict[str, Any] = dict(params or {})
|
|
105
133
|
canon = resolved_params.pop("canon", _DEFAULT_CANON)
|
|
106
|
-
role = resolved_params.pop(
|
|
134
|
+
role = resolved_params.pop(
|
|
135
|
+
"role", resolved_params.pop("tuf_role", "generic")
|
|
136
|
+
)
|
|
107
137
|
threshold = int(resolved_params.pop("threshold", 1))
|
|
108
138
|
|
|
109
139
|
mapped = {
|
{swarmauri_cipher_suite_pep458-0.2.0.dev4 → swarmauri_cipher_suite_pep458-0.11.0.dev1}/LICENSE
RENAMED
|
File without changes
|