Python Wrapper for openTDF SDK

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for opentdf from gravatar.com opentdf

Unverified details

These details have not been verified by PyPI
Project links

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: BSD License (The Clear BSD License)

Author: Virtru

Classifiers

Project description

OpenTDF SDK

The OpenTDF Python SDK allows developers to easily create and manage encrypted Trusted Data Format (TDF) objects and interact with Key Access and Attribute Provider services (KAS, AP).

Installation

Upgrade pip3 to the latest version and run

pip3 install opentdf

Backend services

To perform any TDF operation, first start the backend services. Follow the opentdf backend instructions here to get going quickly.

Authentication

The OpenTDF team has chosen Keycloak as its reference implementation IdP.

The OpenTDF SDK uses OIDC as authentication and authorization to verify the client has access on behalf of an entity or the a certain level of access appropriate to its subject attributes. The opentdf SDK currently supports only client attributes, not user or person entity attributes. First, create a client application in keycloak

Use the client creds to create an OIDCCredentials instance and pass into the TDFClient or NanoTDFClient. With the client initialized as such, you can use it to perform encrypt/decrypt operations on behalf of the assigned client profile.

Access control

OpenTDF enables the access control of the data by enabling attributes. The key access ABAC backend service can be used to add and remove attribute values to the client application.

Applying a data attribute to the TDF can be done using this SDK api.

client.add_data_attribute("https://example.com/attr/Classification/value/S", "optionalKasUrl")

Create TDF Object (minimal example)

import sys
from opentdf import TDFClient, NanoTDFClient, OIDCCredentials, LogLevel, TDFStorageType

# encrypt the file and apply the policy on tdf file and also decrypt.
OIDC_ENDPONT = "http://localhost:65432/"
KAS_URL = "http://localhost:65432/api/kas"
OIDC_CONFIGURATION_URL = "http://localhost:65432/auth/realms/tdf/.well-known/openid-configuration"
try:
    # Create OIDC credentials object
    oidc_creds = OIDCCredentials(OIDC_CONFIGURATION_URL)
    oidc_creds.set_client_id_and_client_secret(client_id = "tdf-client",
                                 client_secret = "123-456")

    client = TDFClient(oidc_credentials = oidc_creds,
                        kas_url = KAS_URL)
    client.enable_console_logging(LogLevel.Warn)

    #################################################
    # TDF - File API
    ################################################


    client.add_data_attribute("https://example.com/attr/Classification/value/S", KAS_URL)

    # NOTE: Make sure sample.txt file exists
    
    sampleTxtStorage = TDFStorageType()
    sampleTxtStorage.set_tdf_storage_file_type("sample.txt")
    client.enable_benchmark()
    client.encrypt_file(sampleTxtStorage, "sample.txt.tdf")

    sampleTdfStorage = TDFStorageType()
    sampleTdfStorage.set_tdf_storage_file_type("sample.txt.tdf")
    client.decrypt_file(sampleTdfStorage, "sample_out.txt")

    #################################################
    # TDF - Data API
    #################################################

    plain_text = 'Hello world!!'
    sampleStringStorage = TDFStorageType()
    sampleStringStorage.set_tdf_storage_string_type(plain_text)
    tdf_data = client.encrypt_data(sampleStringStorage)

    sampleEncryptedStringStorage = TDFStorageType()
    sampleEncryptedStringStorage.set_tdf_storage_string_type(tdf_data)
    decrypted_plain_text = client.decrypt_data(sampleEncryptedStringStorage)

    if plain_text == decrypted_plain_text:
        print("TDF Encrypt/Decrypt is successful!!")
    else:
        print("Error: TDF Encrypt/Decrypt failed!!")


    #################################################
    # Nano TDF - File API
    ################################################

    # create a nano tdf client.
    nano_tdf_client = NanoTDFClient(oidc_credentials = oidc_creds,
                                 kas_url = KAS_URL)
    nano_tdf_client.enable_console_logging(LogLevel.Warn)
    nano_tdf_client.enable_benchmark()

    sampleTxtStorageNano = TDFStorageType()
    sampleTxtStorageNano.set_tdf_storage_file_type("sample.txt")
    nano_tdf_client.encrypt_file(sampleTxtStorageNano, "sample.txt.ntdf")

    sampleTdfStorageNano = TDFStorageType()
    sampleTdfStorageNano.set_tdf_storage_file_type("sample.txt.ntdf")
    nano_tdf_client.decrypt_file(sampleTdfStorageNano, "sample_out.nano.txt")

    #################################################
    # Nano TDF - Data API
    #################################################

    plain_text = 'Hello world!!'
    sampleStringStorageNano = TDFStorageType()
    sampleStringStorageNano.set_tdf_storage_string_type(plain_text)
    nan_tdf_data = nano_tdf_client.encrypt_data(sampleStringStorageNano)

    sampleEncryptedStringStorageNano = TDFStorageType()
    sampleEncryptedStringStorageNano.set_tdf_storage_string_type(nan_tdf_data)
    decrypted_plain_text = nano_tdf_client.decrypt_data(sampleEncryptedStringStorageNano)

    if plain_text == decrypted_plain_text.decode("utf-8"):
        print("Nano TDF Encrypt/Decrypt is successful!!")
    else:
        print("Error: Nano TDF Encrypt/Decrypt failed!!")

except:
    print("Unexpected error: %s" % sys.exc_info()[0])
    raise

License

OpenTDF is licensed under the Clear BSD License.

See the LICENSE file for more details.

Terms of Service

Privacy Policy

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for opentdf from gravatar.com opentdf

Unverified details

These details have not been verified by PyPI
Project links

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: BSD License (The Clear BSD License)

Author: Virtru

Classifiers

Release history Release notifications | RSS feed

This version

1.5.5

1.5.4

1.5.3

1.5.0

1.2.9a1476 pre-release

1.2.2

1.2.1

1.2.0

1.1.9

1.1.8

1.1.7

1.1.6

1.1.0a2057 pre-release

1.1.0a2050 pre-release

1.1.0a2049 pre-release

1.0.0

1.0.0b1957 pre-release

1.0.0a2048 pre-release

1.0.0a1956 pre-release

0.7.4a1836 pre-release

0.7.3

0.7.3b1828 pre-release

0.7.3a1827 pre-release

0.7.2

0.7.2b1814 pre-release

0.7.2a1813 pre-release

0.7.1

0.7.1b1809 pre-release

0.7.1a1808 pre-release

0.7.1a1801 pre-release

0.7.0a1766 pre-release

0.6.3a1741 pre-release

0.6.2a1730 pre-release

0.5.3a1704 pre-release

0.2.11a1624 pre-release

0.2.7

0.2.7b1604 pre-release

0.2.7a1602 pre-release

0.2.7a1599 pre-release

0.2.6

0.2.6a1582 pre-release

0.2.6a1573 pre-release

0.2.5a1568 pre-release

0.2.3a1549 pre-release

0.1.1a1520 pre-release

0.1.1a1517 pre-release

0.1.0

0.1.0b1499 pre-release

0.1.0a1495 pre-release

0.1.0a1487 pre-release

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distributions

No source distribution files available for this release.See tutorial on generating distribution archives.

Built Distributions

opentdf-1.5.5-pp310-pypy310_pp73-macosx_11_0_arm64.whl (3.7 MB view hashes)

Uploaded PyPy macOS 11.0+ ARM64

opentdf-1.5.5-pp310-pypy310_pp73-macosx_10_9_x86_64.whl (4.1 MB view hashes)

Uploaded PyPy macOS 10.9+ x86-64

opentdf-1.5.5-pp39-pypy39_pp73-macosx_11_0_arm64.whl (3.7 MB view hashes)

Uploaded PyPy macOS 11.0+ ARM64

opentdf-1.5.5-pp39-pypy39_pp73-macosx_10_9_x86_64.whl (4.1 MB view hashes)

Uploaded PyPy macOS 10.9+ x86-64

opentdf-1.5.5-pp38-pypy38_pp73-macosx_11_0_arm64.whl (3.7 MB view hashes)

Uploaded PyPy macOS 11.0+ ARM64

opentdf-1.5.5-pp38-pypy38_pp73-macosx_10_9_x86_64.whl (4.1 MB view hashes)

Uploaded PyPy macOS 10.9+ x86-64

opentdf-1.5.5-pp37-pypy37_pp73-macosx_10_9_x86_64.whl (4.1 MB view hashes)

Uploaded PyPy macOS 10.9+ x86-64

opentdf-1.5.5-cp312-cp312-macosx_11_0_arm64.whl (3.8 MB view hashes)

Uploaded CPython 3.12 macOS 11.0+ ARM64

opentdf-1.5.5-cp312-cp312-macosx_10_9_x86_64.whl (4.2 MB view hashes)

Uploaded CPython 3.12 macOS 10.9+ x86-64

opentdf-1.5.5-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (7.4 MB view hashes)

Uploaded CPython 3.11 manylinux: glibc 2.17+ x86-64

opentdf-1.5.5-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl (7.0 MB view hashes)

Uploaded CPython 3.11 manylinux: glibc 2.17+ ARM64

opentdf-1.5.5-cp311-cp311-macosx_11_0_arm64.whl (3.7 MB view hashes)

Uploaded CPython 3.11 macOS 11.0+ ARM64

opentdf-1.5.5-cp311-cp311-macosx_10_9_x86_64.whl (4.2 MB view hashes)

Uploaded CPython 3.11 macOS 10.9+ x86-64

opentdf-1.5.5-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (7.4 MB view hashes)

Uploaded CPython 3.10 manylinux: glibc 2.17+ x86-64

opentdf-1.5.5-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl (7.0 MB view hashes)

Uploaded CPython 3.10 manylinux: glibc 2.17+ ARM64

opentdf-1.5.5-cp310-cp310-macosx_11_0_arm64.whl (3.7 MB view hashes)

Uploaded CPython 3.10 macOS 11.0+ ARM64

opentdf-1.5.5-cp310-cp310-macosx_10_9_x86_64.whl (4.2 MB view hashes)

Uploaded CPython 3.10 macOS 10.9+ x86-64

opentdf-1.5.5-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (7.4 MB view hashes)

Uploaded CPython 3.9 manylinux: glibc 2.17+ x86-64

opentdf-1.5.5-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl (7.0 MB view hashes)

Uploaded CPython 3.9 manylinux: glibc 2.17+ ARM64

opentdf-1.5.5-cp39-cp39-macosx_11_0_arm64.whl (3.7 MB view hashes)

Uploaded CPython 3.9 macOS 11.0+ ARM64

opentdf-1.5.5-cp39-cp39-macosx_10_9_x86_64.whl (4.2 MB view hashes)

Uploaded CPython 3.9 macOS 10.9+ x86-64

opentdf-1.5.5-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (7.4 MB view hashes)

Uploaded CPython 3.8 manylinux: glibc 2.17+ x86-64

opentdf-1.5.5-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl (7.0 MB view hashes)

Uploaded CPython 3.8 manylinux: glibc 2.17+ ARM64

opentdf-1.5.5-cp38-cp38-macosx_11_0_arm64.whl (3.7 MB view hashes)

Uploaded CPython 3.8 macOS 11.0+ ARM64

opentdf-1.5.5-cp38-cp38-macosx_10_9_x86_64.whl (4.2 MB view hashes)

Uploaded CPython 3.8 macOS 10.9+ x86-64

opentdf-1.5.5-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (7.5 MB view hashes)

Uploaded CPython 3.7m manylinux: glibc 2.17+ x86-64

opentdf-1.5.5-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl (7.1 MB view hashes)

Uploaded CPython 3.7m manylinux: glibc 2.17+ ARM64

opentdf-1.5.5-cp37-cp37m-macosx_10_9_x86_64.whl (4.2 MB view hashes)

Uploaded CPython 3.7m macOS 10.9+ x86-64

opentdf-1.5.5-cp36-cp36m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl (7.5 MB view hashes)

Uploaded CPython 3.6m manylinux: glibc 2.17+ x86-64

opentdf-1.5.5-cp36-cp36m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl (7.1 MB view hashes)

Uploaded CPython 3.6m manylinux: glibc 2.17+ ARM64

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page