nvflare.fuel.sec.security_content_service module

class LoadResult(value)[source]

Bases: Enum

Constants for different results when loading secure content.

INVALID_CONTENT = 'invalidContent'
INVALID_SIGNATURE = 'invalidSignature'
NOT_MANAGED = 'notManaged'
NOT_SIGNED = 'notSigned'
NO_SUCH_CONTENT = 'noSuchContent'
OK = 'ok'
class SecurityContentManager(content_folder, signature_filename='signature.json', root_cert='rootCA.pem')[source]

Bases: object

Content manager used by SecurityContentService to load secure content.

Parameters:
  • content_folder (str) – the folder path that includes signature file

  • signature_filename (str, optional) – the signature file (signed dictionary). Defaults to “signature.json”.

  • root_cert (str, optional) – root CA certificate filename. Defaults to “rootCA.pem”.

load_content(file_under_verification)[source]

Loads the data of the file under verification and verifies that the signature is valid.

Parameters:

file_under_verification – file to load and verify

Returns:

A tuple of the file data and the LoadResult. File data may be None if the data cannot be loaded.

class SecurityContentService[source]

Bases: object

Uses SecurityContentManager to load secure content.

classmethod check_json_files(patterns: [<class 'str'>]) [<class 'str'>][source]

Check JSON files that match the specified patterns

Parameters:

patterns – the patterns to be checked

Returns: full paths of invalid files if any. A file is considered invalid in any of the cases: - The file is not signed - The file does not match signature

content_folder = None
classmethod initialize(content_folder: str, signature_filename='signature.json', root_cert='rootCA.pem')[source]
classmethod load_content(file_under_verification)[source]
classmethod load_json(file_under_verification)[source]
security_content_manager = None