truthound 1.0.8__py3-none-any.whl

truthound/plugins/security/sandbox/engines/process.py

@@ -0,0 +1,336 @@
+"""Process-based sandbox engine with resource limits.
+
+This engine executes code in a separate subprocess with:
+- Memory limits (via resource module on Linux/macOS)
+- CPU time limits
+- Timeout enforcement
+- Module import restrictions
+"""
+
+from __future__ import annotations
+
+import asyncio
+import hashlib
+import json
+import logging
+import os
+import pickle
+import sys
+import tempfile
+import time
+from concurrent.futures import ProcessPoolExecutor
+from pathlib import Path
+from typing import Any, Callable
+
+from truthound.plugins.security.protocols import (
+    IsolationLevel,
+    SecurityPolicy,
+    SandboxContext,
+)
+from truthound.plugins.security.sandbox.context import SandboxContextImpl
+from truthound.plugins.security.exceptions import (
+    SandboxTimeoutError,
+    SandboxResourceError,
+    SandboxSecurityViolation,
+    SandboxError,
+)
+
+logger = logging.getLogger(__name__)
+
+
+def _create_executor_script(
+    func_module: str,
+    func_name: str,
+    data_path: Path,
+    result_path: Path,
+    max_memory_mb: int,
+    max_cpu_time: int,
+    blocked_modules: tuple[str, ...],
+) -> str:
+    """Create Python script for subprocess execution."""
+    blocked_set = set(blocked_modules)
+    return f'''
+import sys
+import pickle
+import json
+
+# Set resource limits (Linux/macOS only)
+try:
+    import resource
+    # Memory limit
+    memory_bytes = {max_memory_mb} * 1024 * 1024
+    resource.setrlimit(resource.RLIMIT_AS, (memory_bytes, memory_bytes))
+    # CPU time limit
+    resource.setrlimit(resource.RLIMIT_CPU, ({max_cpu_time}, {max_cpu_time}))
+except (ImportError, ValueError):
+    pass  # Windows or limit already exceeded
+
+# Block dangerous modules
+blocked = {blocked_set}
+
+class ImportBlocker:
+    def find_module(self, name, path=None):
+        if name in blocked or any(name.startswith(m + ".") for m in blocked):
+            return self
+        return None
+
+    def load_module(self, name):
+        raise ImportError(f"Module '{{name}}' is blocked in sandbox")
+
+sys.meta_path.insert(0, ImportBlocker())
+
+try:
+    # Load function and data
+    with open("{data_path}", "rb") as f:
+        data = pickle.load(f)
+
+    func = data["func"]
+    args = data["args"]
+    kwargs = data["kwargs"]
+
+    # Execute
+    result = func(*args, **kwargs)
+
+    # Save result
+    with open("{result_path}", "wb") as f:
+        pickle.dump({{"success": True, "result": result}}, f)
+
+except MemoryError as e:
+    with open("{result_path}", "wb") as f:
+        pickle.dump({{"success": False, "error": "memory_limit", "message": str(e)}}, f)
+except Exception as e:
+    with open("{result_path}", "wb") as f:
+        pickle.dump({{"success": False, "error": type(e).__name__, "message": str(e)}}, f)
+'''
+
+
+class ProcessSandboxEngine:
+    """Process-based sandbox engine with resource limits.
+
+    Executes code in a separate subprocess with memory and CPU limits
+    enforced via the resource module (Linux/macOS).
+
+    Features:
+        - Memory limiting
+        - CPU time limiting
+        - Module import blocking
+        - Timeout enforcement
+        - Process isolation
+    """
+
+    @property
+    def isolation_level(self) -> IsolationLevel:
+        """Return the isolation level provided by this engine."""
+        return IsolationLevel.PROCESS
+
+    def __init__(self) -> None:
+        """Initialize the process sandbox engine."""
+        self._contexts: dict[str, SandboxContextImpl] = {}
+        self._temp_dirs: list[Path] = []
+
+    def create_sandbox(
+        self,
+        plugin_id: str,
+        policy: SecurityPolicy,
+    ) -> SandboxContext:
+        """Create a sandbox context.
+
+        Args:
+            plugin_id: Plugin identifier
+            policy: Security policy to apply
+
+        Returns:
+            SandboxContext for execution
+        """
+        context = SandboxContextImpl(
+            plugin_id=plugin_id,
+            policy=policy,
+        )
+        self._contexts[context.sandbox_id] = context
+        logger.debug(f"Created process sandbox context for {plugin_id}")
+        return context
+
+    async def execute(
+        self,
+        context: SandboxContext,
+        func: Callable[..., Any],
+        *args: Any,
+        **kwargs: Any,
+    ) -> Any:
+        """Execute function in isolated subprocess.
+
+        Args:
+            context: Sandbox context
+            func: Function to execute
+            *args: Positional arguments
+            **kwargs: Keyword arguments
+
+        Returns:
+            Function result
+
+        Raises:
+            SandboxTimeoutError: If execution times out
+            SandboxResourceError: If resource limits exceeded
+            SandboxSecurityViolation: If blocked module imported
+        """
+        impl = self._get_impl(context)
+        impl.mark_started()
+        policy = context.policy
+        limits = policy.resource_limits
+
+        # Create temporary directory for IPC
+        temp_dir = Path(tempfile.mkdtemp(prefix="truthound_sandbox_"))
+        self._temp_dirs.append(temp_dir)
+
+        data_path = temp_dir / "data.pkl"
+        result_path = temp_dir / "result.pkl"
+        script_path = temp_dir / "executor.py"
+
+        try:
+            # Serialize function and data
+            with open(data_path, "wb") as f:
+                pickle.dump({
+                    "func": func,
+                    "args": args,
+                    "kwargs": kwargs,
+                }, f)
+
+            # Create executor script
+            script = _create_executor_script(
+                func_module=getattr(func, "__module__", "__main__"),
+                func_name=getattr(func, "__name__", "func"),
+                data_path=data_path,
+                result_path=result_path,
+                max_memory_mb=limits.max_memory_mb,
+                max_cpu_time=int(limits.max_execution_time_sec),
+                blocked_modules=policy.blocked_modules,
+            )
+            with open(script_path, "w") as f:
+                f.write(script)
+
+            # Execute in subprocess
+            process = await asyncio.create_subprocess_exec(
+                sys.executable,
+                str(script_path),
+                stdout=asyncio.subprocess.PIPE,
+                stderr=asyncio.subprocess.PIPE,
+                cwd=str(temp_dir),
+            )
+            impl.set_process_id(process.pid or 0)
+
+            try:
+                # Wait with timeout (add grace period)
+                stdout, stderr = await asyncio.wait_for(
+                    process.communicate(),
+                    timeout=limits.max_execution_time_sec + 5,
+                )
+            except asyncio.TimeoutError:
+                process.kill()
+                await process.wait()
+                impl.mark_terminated()
+                raise SandboxTimeoutError(
+                    f"Execution timed out after {limits.max_execution_time_sec}s",
+                    plugin_id=context.plugin_id,
+                    sandbox_id=context.sandbox_id,
+                    timeout_seconds=limits.max_execution_time_sec,
+                    execution_time=impl.execution_time_sec,
+                )
+
+            impl.mark_finished()
+
+            # Check for result
+            if not result_path.exists():
+                stderr_text = stderr.decode() if stderr else "No output"
+                raise SandboxError(
+                    f"Subprocess produced no result. stderr: {stderr_text}",
+                    plugin_id=context.plugin_id,
+                    sandbox_id=context.sandbox_id,
+                )
+
+            # Load result
+            with open(result_path, "rb") as f:
+                result_data = pickle.load(f)
+
+            if result_data.get("success"):
+                return result_data.get("result")
+
+            # Handle errors
+            error_type = result_data.get("error", "UnknownError")
+            error_msg = result_data.get("message", "Unknown error")
+
+            if error_type == "memory_limit":
+                raise SandboxResourceError(
+                    f"Memory limit exceeded: {error_msg}",
+                    plugin_id=context.plugin_id,
+                    sandbox_id=context.sandbox_id,
+                    resource_type="memory",
+                    limit=limits.max_memory_mb,
+                )
+            elif error_type == "ImportError":
+                raise SandboxSecurityViolation(
+                    f"Blocked import: {error_msg}",
+                    plugin_id=context.plugin_id,
+                    sandbox_id=context.sandbox_id,
+                    violation_type="import",
+                    attempted_action=error_msg,
+                )
+            else:
+                raise SandboxError(
+                    f"Execution error ({error_type}): {error_msg}",
+                    plugin_id=context.plugin_id,
+                    sandbox_id=context.sandbox_id,
+                )
+
+        finally:
+            # Cleanup temp directory
+            self._cleanup_temp_dir(temp_dir)
+
+    def terminate(self, context: SandboxContext) -> None:
+        """Terminate sandbox subprocess.
+
+        Args:
+            context: Sandbox to terminate
+        """
+        impl = self._get_impl(context)
+        impl.mark_terminated()
+
+        # Kill process if running
+        pid = impl.process_id
+        if pid:
+            try:
+                os.kill(pid, 9)  # SIGKILL
+            except (OSError, ProcessLookupError):
+                pass  # Process already dead
+
+        self._contexts.pop(context.sandbox_id, None)
+
+    async def cleanup(self) -> None:
+        """Clean up all sandbox resources."""
+        # Terminate all contexts
+        for context in list(self._contexts.values()):
+            self.terminate(context)
+        self._contexts.clear()
+
+        # Clean up temp directories
+        import shutil
+        for temp_dir in self._temp_dirs:
+            if temp_dir.exists():
+                shutil.rmtree(temp_dir, ignore_errors=True)
+        self._temp_dirs.clear()
+
+    def _cleanup_temp_dir(self, temp_dir: Path) -> None:
+        """Clean up a single temp directory."""
+        import shutil
+        if temp_dir.exists():
+            shutil.rmtree(temp_dir, ignore_errors=True)
+        if temp_dir in self._temp_dirs:
+            self._temp_dirs.remove(temp_dir)
+
+    def _get_impl(self, context: SandboxContext) -> SandboxContextImpl:
+        """Get implementation from context."""
+        if isinstance(context, SandboxContextImpl):
+            return context
+        impl = self._contexts.get(context.sandbox_id)
+        if impl is None:
+            raise ValueError(f"Unknown sandbox context: {context.sandbox_id}")
+        return impl

truthound/plugins/security/sandbox/factory.py

@@ -0,0 +1,211 @@
+"""Factory for creating sandbox engines.
+
+This module provides the SandboxFactory which creates the appropriate
+sandbox engine based on the requested isolation level.
+
+The factory follows the Strategy pattern, allowing different isolation
+mechanisms to be selected at runtime.
+"""
+
+from __future__ import annotations
+
+import logging
+from typing import Type
+
+from truthound.plugins.security.protocols import IsolationLevel, SandboxEngine
+
+logger = logging.getLogger(__name__)
+
+
+class SandboxFactory:
+    """Factory for creating sandbox engines.
+
+    Uses the Strategy pattern to select appropriate sandbox engine
+    based on isolation level.
+
+    Example:
+        >>> engine = SandboxFactory.create(IsolationLevel.PROCESS)
+        >>> context = engine.create_sandbox("my-plugin", policy)
+    """
+
+    # Registry of engine classes by isolation level
+    _engines: dict[IsolationLevel, Type[SandboxEngine]] = {}
+
+    # Lazy-loaded engine instances (singletons per level)
+    _instances: dict[IsolationLevel, SandboxEngine] = {}
+
+    @classmethod
+    def register(
+        cls,
+        level: IsolationLevel,
+        engine_class: Type[SandboxEngine],
+    ) -> None:
+        """Register a sandbox engine for an isolation level.
+
+        Args:
+            level: Isolation level this engine provides
+            engine_class: Engine class to register
+
+        Example:
+            >>> SandboxFactory.register(IsolationLevel.WASM, WasmSandboxEngine)
+        """
+        cls._engines[level] = engine_class
+        # Clear cached instance if exists
+        cls._instances.pop(level, None)
+        logger.debug(f"Registered sandbox engine {engine_class.__name__} for {level.name}")
+
+    @classmethod
+    def unregister(cls, level: IsolationLevel) -> bool:
+        """Unregister a sandbox engine.
+
+        Args:
+            level: Isolation level to unregister
+
+        Returns:
+            True if engine was registered, False otherwise
+        """
+        cls._instances.pop(level, None)
+        return cls._engines.pop(level, None) is not None
+
+    @classmethod
+    def create(
+        cls,
+        level: IsolationLevel,
+        singleton: bool = True,
+    ) -> SandboxEngine:
+        """Create or get a sandbox engine for the specified isolation level.
+
+        Args:
+            level: Desired isolation level
+            singleton: If True, return cached instance; if False, create new
+
+        Returns:
+            SandboxEngine instance
+
+        Raises:
+            ValueError: If no engine registered for the level
+        """
+        # Check for singleton instance
+        if singleton and level in cls._instances:
+            return cls._instances[level]
+
+        # Get engine class
+        engine_class = cls._engines.get(level)
+        if engine_class is None:
+            # Try to lazily load default engines
+            cls._load_default_engines()
+            engine_class = cls._engines.get(level)
+
+        if engine_class is None:
+            available = [l.name for l in cls._engines.keys()]
+            raise ValueError(
+                f"No sandbox engine registered for isolation level {level.name}. "
+                f"Available: {available}"
+            )
+
+        # Create instance
+        instance = engine_class()
+
+        # Cache if singleton
+        if singleton:
+            cls._instances[level] = instance
+
+        logger.debug(f"Created sandbox engine {engine_class.__name__} for {level.name}")
+        return instance
+
+    @classmethod
+    def _load_default_engines(cls) -> None:
+        """Lazily load default sandbox engines."""
+        if cls._engines:
+            return  # Already loaded
+
+        # Import engines here to avoid circular imports
+        from truthound.plugins.security.sandbox.engines.noop import NoopSandboxEngine
+        from truthound.plugins.security.sandbox.engines.process import ProcessSandboxEngine
+        from truthound.plugins.security.sandbox.engines.container import ContainerSandboxEngine
+
+        cls._engines = {
+            IsolationLevel.NONE: NoopSandboxEngine,
+            IsolationLevel.PROCESS: ProcessSandboxEngine,
+            IsolationLevel.CONTAINER: ContainerSandboxEngine,
+            # WASM not implemented yet
+        }
+
+    @classmethod
+    def is_available(cls, level: IsolationLevel) -> bool:
+        """Check if a sandbox engine is available for the level.
+
+        Args:
+            level: Isolation level to check
+
+        Returns:
+            True if engine is registered
+        """
+        cls._load_default_engines()
+        return level in cls._engines
+
+    @classmethod
+    def list_available(cls) -> list[IsolationLevel]:
+        """List all available isolation levels.
+
+        Returns:
+            List of registered isolation levels
+        """
+        cls._load_default_engines()
+        return list(cls._engines.keys())
+
+    @classmethod
+    def get_best_available(cls, preferred: IsolationLevel) -> SandboxEngine:
+        """Get the best available sandbox engine.
+
+        Falls back to less isolated options if preferred is not available.
+
+        Args:
+            preferred: Preferred isolation level
+
+        Returns:
+            Best available SandboxEngine
+
+        Raises:
+            ValueError: If no engines are available
+        """
+        cls._load_default_engines()
+
+        # Priority order from most to least isolated
+        fallback_order = [
+            IsolationLevel.CONTAINER,
+            IsolationLevel.PROCESS,
+            IsolationLevel.NONE,
+        ]
+
+        # Try preferred first
+        if cls.is_available(preferred):
+            return cls.create(preferred)
+
+        # Find best available fallback
+        preferred_index = fallback_order.index(preferred) if preferred in fallback_order else 0
+        for level in fallback_order[preferred_index:]:
+            if cls.is_available(level):
+                logger.warning(
+                    f"Preferred isolation {preferred.name} not available, "
+                    f"falling back to {level.name}"
+                )
+                return cls.create(level)
+
+        raise ValueError("No sandbox engines available")
+
+    @classmethod
+    async def cleanup_all(cls) -> None:
+        """Clean up all cached engine instances."""
+        for level, engine in list(cls._instances.items()):
+            try:
+                await engine.cleanup()
+            except Exception as e:
+                logger.error(f"Error cleaning up {level.name} engine: {e}")
+        cls._instances.clear()
+
+    @classmethod
+    def reset(cls) -> None:
+        """Reset factory to initial state (mainly for testing)."""
+        cls._engines.clear()
+        cls._instances.clear()

truthound/plugins/security/signing/__init__.py

@@ -0,0 +1,57 @@
+"""Plugin signing and verification module.
+
+This module provides cryptographic signing and verification for plugins
+using the Chain of Responsibility pattern for multi-step verification.
+
+Components:
+    - SigningServiceImpl: Signs plugins with various algorithms
+    - TrustStoreImpl: Manages trusted certificates
+    - VerificationChain: Chain of verification handlers
+
+Example:
+    >>> from truthound.plugins.security.signing import (
+    ...     SigningServiceImpl,
+    ...     TrustStoreImpl,
+    ...     create_verification_chain,
+    ... )
+    >>>
+    >>> # Sign a plugin
+    >>> service = SigningServiceImpl()
+    >>> signature = service.sign(plugin_path, private_key)
+    >>>
+    >>> # Verify with trust store
+    >>> trust_store = TrustStoreImpl()
+    >>> chain = create_verification_chain(trust_store)
+    >>> result = chain.verify(plugin_path, signature, {})
+"""
+
+from __future__ import annotations
+
+from truthound.plugins.security.signing.service import (
+    SigningServiceImpl,
+    SignatureAlgorithm,
+)
+from truthound.plugins.security.signing.trust_store import TrustStoreImpl
+from truthound.plugins.security.signing.verifier import (
+    VerificationHandlerBase,
+    IntegrityVerifier,
+    SignatureVerifier,
+    TrustVerifier,
+    ExpirationVerifier,
+    create_verification_chain,
+)
+
+__all__ = [
+    # Service
+    "SigningServiceImpl",
+    "SignatureAlgorithm",
+    # Trust Store
+    "TrustStoreImpl",
+    # Verification Chain
+    "VerificationHandlerBase",
+    "IntegrityVerifier",
+    "SignatureVerifier",
+    "TrustVerifier",
+    "ExpirationVerifier",
+    "create_verification_chain",
+]