async def encrypt(self,
clear_data: bytes,
options: Optional[EncryptionOptions] = None) -> bytes:
"""Encrypt `clear_data`
:param options: An optional instance of :py:class:EncryptionOptions`
:return: Encrypted data, as `bytes`
"""
if options:
c_encrypt_options = CEncryptionOptions(
share_with_users=options.share_with_users,
share_with_groups=options.share_with_groups,
share_with_self=options.share_with_self,
)
else:
c_encrypt_options = CEncryptionOptions()
c_clear_buffer = ffihelpers.bytes_to_c_buffer(
clear_data) # type: CData
clear_size = len(c_clear_buffer)
size = tankerlib.tanker_encrypted_size(clear_size)
c_encrypted_buffer = ffi.new("uint8_t[%i]" % size)
c_future = tankerlib.tanker_encrypt(
self.c_tanker,
c_encrypted_buffer,
c_clear_buffer,
clear_size,
c_encrypt_options.get(),
)
await ffihelpers.handle_tanker_future(c_future)
return ffihelpers.c_buffer_to_bytes(c_encrypted_buffer)
def __init__(
self,
verifications: List[Verification],
):
c_verification_list = ffi.new("tanker_verification_list_t *",
{"version": 1})
c_verification_list.count = len(verifications)
self._tanker_verifications = ffi.new("tanker_verification_t [%i]" %
len(verifications))
c_verification_list.verifications = self._tanker_verifications
# We need to keep the reference to the CVerifications to prevent deallocation
self._verification_list = []
for (i, verification) in enumerate(verifications):
c_verification = CVerification(verification)
self._verification_list.append(c_verification)
# We use [0] to dereference the pointer
c_verification_list.verifications[i] = c_verification.get()[0]
self._c_verification_list = c_verification_list
def __init__(
self,
with_session_token: bool,
):
self._c_data = ffi.new(
"tanker_verification_options_t *",
{
"version": 1,
"with_session_token": with_session_token
},
)
async def encrypt(self, clear_data: bytes) -> bytes:
"""Encrypt `clear_data` with the session"""
c_clear_buffer = ffihelpers.bytes_to_c_buffer(
clear_data) # type: CData
clear_size = len(c_clear_buffer)
size = tankerlib.tanker_encryption_session_encrypted_size(clear_size)
c_encrypted_buffer = ffi.new("uint8_t[%i]" % size)
c_future = tankerlib.tanker_encryption_session_encrypt(
self.c_session, c_encrypted_buffer, c_clear_buffer, clear_size)
await ffihelpers.handle_tanker_future(c_future)
return ffihelpers.c_buffer_to_bytes(c_encrypted_buffer)
async def decrypt(self, encrypted_data: bytes) -> bytes:
"""Decrypt `encrypted_data`"""
c_encrypted_buffer = encrypted_data
c_expected_size = tankerlib.tanker_decrypted_size(
c_encrypted_buffer, len(c_encrypted_buffer))
c_size = ffihelpers.unwrap_expected(c_expected_size, "uint64_t")
size = cast(int, c_size)
c_clear_buffer = ffi.new("uint8_t[%i]" % size)
c_future = tankerlib.tanker_decrypt(self.c_tanker, c_clear_buffer,
c_encrypted_buffer,
len(c_encrypted_buffer))
await ffihelpers.handle_tanker_future(c_future)
return ffihelpers.c_buffer_to_bytes(c_clear_buffer)
def __init__(
self,
*,
share_with_users: OptionalStrList,
share_with_groups: OptionalStrList,
) -> None:
self.user_list = CCharList(share_with_users, ffi, tankerlib)
self.group_list = CCharList(share_with_groups, ffi, tankerlib)
self._c_data = ffi.new(
"tanker_sharing_options_t *",
{
"version": 1,
"share_with_users": self.user_list.data,
"nb_users": self.user_list.size,
"share_with_groups": self.group_list.data,
"nb_groups": self.group_list.size,
},
)
def __init__(
self,
*,
share_with_users: OptionalStrList = None,
share_with_groups: OptionalStrList = None,
share_with_self: bool = True,
) -> None:
self.user_list = CCharList(share_with_users, ffi, tankerlib)
self.group_list = CCharList(share_with_groups, ffi, tankerlib)
self._c_data = ffi.new(
"tanker_encrypt_options_t *",
{
"version": 3,
"share_with_users": self.user_list.data,
"nb_users": self.user_list.size,
"share_with_groups": self.group_list.data,
"nb_groups": self.group_list.size,
"share_with_self": share_with_self,
},
)
def _create_tanker_obj(self) -> None:
c_url = ffihelpers.str_to_c_string(self.url)
c_app_id = ffihelpers.str_to_c_string(self.app_id)
c_persistent_path = ffihelpers.str_to_c_string(self.persistent_path)
c_cache_path = ffihelpers.str_to_c_string(self.cache_path)
c_sdk_type = ffihelpers.str_to_c_string(self.sdk_type)
c_sdk_version = ffihelpers.str_to_c_string(__version__)
tanker_options = ffi.new(
"tanker_options_t *",
{
"version": 4,
"app_id": c_app_id,
"url": c_url,
"persistent_path": c_persistent_path,
"sdk_type": c_sdk_type,
"sdk_version": c_sdk_version,
"http_options": {
"send_request": ffi.NULL,
"cancel_request": ffi.NULL,
"data": ffi.NULL,
},
"cache_path": c_cache_path,
"datastore_options": {
"open": ffi.NULL,
"close": ffi.NULL,
"nuke": ffi.NULL,
"put_serialized_device": ffi.NULL,
"find_serialized_device": ffi.NULL,
"put_cache_values": ffi.NULL,
"find_cache_values": ffi.NULL,
},
},
)
create_fut = tankerlib.tanker_create(tanker_options)
ffihelpers.wait_fut_or_raise(create_fut)
c_voidp = tankerlib.tanker_future_get_voidptr(create_fut)
self.c_tanker = ffi.cast("tanker_t*", c_voidp)
def __init__(
self,
verification: Verification,
):
# Note: we store things in `self` so they don't get
# garbage collected later on
c_verification = ffi.new("tanker_verification_t *", {"version": 5})
if isinstance(verification, VerificationKeyVerification):
c_verification.verification_method_type = (
tankerlib.TANKER_VERIFICATION_METHOD_VERIFICATION_KEY)
self._verification_key = ffihelpers.str_to_c_string(
verification.verification_key)
c_verification.verification_key = self._verification_key
elif isinstance(verification, PassphraseVerification):
c_verification.verification_method_type = (
tankerlib.TANKER_VERIFICATION_METHOD_PASSPHRASE)
self._passphrase = ffihelpers.str_to_c_string(
verification.passphrase)
c_verification.passphrase = self._passphrase
elif isinstance(verification, EmailVerification):
c_verification.verification_method_type = (
tankerlib.TANKER_VERIFICATION_METHOD_EMAIL)
self._email_verification = {
"version":
1,
"email":
ffihelpers.str_to_c_string(verification.email),
"verification_code":
ffihelpers.str_to_c_string(verification.verification_code),
}
c_verification.email_verification = self._email_verification
elif isinstance(verification, OidcIdTokenVerification):
c_verification.verification_method_type = (
tankerlib.TANKER_VERIFICATION_METHOD_OIDC_ID_TOKEN)
self._oidc_id_token = ffihelpers.str_to_c_string(
verification.oidc_id_token)
c_verification.oidc_id_token = self._oidc_id_token
elif isinstance(verification, PhoneNumberVerification):
c_verification.verification_method_type = (
tankerlib.TANKER_VERIFICATION_METHOD_PHONE_NUMBER)
self._phone_number_verification = {
"version":
1,
"phone_number":
ffihelpers.str_to_c_string(verification.phone_number),
"verification_code":
ffihelpers.str_to_c_string(verification.verification_code),
}
c_verification.phone_number_verification = self._phone_number_verification
elif isinstance(verification, PreverifiedEmailVerification):
c_verification.verification_method_type = (
tankerlib.TANKER_VERIFICATION_METHOD_PREVERIFIED_EMAIL)
self._preverified_email = ffihelpers.str_to_c_string(
verification.preverified_email)
c_verification.preverified_email = self._preverified_email
elif isinstance(verification, PreverifiedPhoneNumberVerification):
c_verification.verification_method_type = (
tankerlib.TANKER_VERIFICATION_METHOD_PREVERIFIED_PHONE_NUMBER)
self._preverified_phone_number = ffihelpers.str_to_c_string(
verification.preverified_phone_number)
c_verification.preverified_phone_number = self._preverified_phone_number
self._c_verification = c_verification