daniel156161
6fa931aa36
Testing / remote-protocol-compat (0.9.5) (push) Successful in 56s
Testing / remote-protocol-compat (0.9.3) (push) Successful in 59s
Testing / test (push) Successful in 1m1s
Build & Publish Package / publish (push) Successful in 33s
Package Extension / package-extension (push) Successful in 36s
- Gate TCP serve commands with safe-by-default policies, per-key allow tokens, per-key rate limiting, and audit labels. - Reuse authenticated encrypted remote sessions and parallelize/caches multi-browser fanout to reduce repeated handshake roundtrips. - Increase paged native-host batch size with extension-side byte budgeting to speed large tab listings safely. - Point install output at public Chrome Web Store / Firefox AMO listings by default, with --dev preserving unpacked workflows. - Share search-engine metadata between CLI and SDK and bump the package/extension version to 0.16.0. - Cover the new security, pooling, paging, install, and fanout behavior with expanded Python and extension tests.
72 lines
1.7 KiB
Python
72 lines
1.7 KiB
Python
"""Public auth API for browser-cli.
|
|
|
|
Implementation lives in focused modules:
|
|
- ``auth.agent``: SSH-agent/YubiKey helpers
|
|
- ``auth.keys``: file keys and authorized_keys management
|
|
- ``auth.signing``: canonical payload signing/verification
|
|
- ``auth.pq``: ML-KEM KEX and encrypted transport helpers
|
|
"""
|
|
from browser_cli.auth.agent import (
|
|
AgentKey,
|
|
agent_find_key,
|
|
agent_list_keys,
|
|
agent_roundtrip as _agent_roundtrip,
|
|
agent_sign_raw,
|
|
pack_ssh_string as _pack_str,
|
|
unpack_ssh_string as _unpack_str,
|
|
)
|
|
from browser_cli.auth.keys import (
|
|
add_authorized_key,
|
|
format_authorized_line,
|
|
generate_keypair,
|
|
load_authorized_keys,
|
|
load_authorized_keys_with_names,
|
|
load_authorized_keys_with_policies,
|
|
load_private_key,
|
|
public_key_hex,
|
|
)
|
|
from browser_cli.auth.pq import (
|
|
new_nonce,
|
|
pq_decrypt,
|
|
pq_encrypt,
|
|
pq_kex_client_encapsulate,
|
|
pq_kex_server_decapsulate,
|
|
pq_kex_server_keypair,
|
|
pq_transport_key as _pq_transport_key,
|
|
)
|
|
from browser_cli.auth.signing import (
|
|
auth_message as _auth_message,
|
|
canonical_payload,
|
|
sign,
|
|
verify,
|
|
)
|
|
from browser_cli.constants import DEFAULT_AUTHORIZED_KEYS_PATH, DEFAULT_KEY_PATH, PQ_KEX_ALG, PQ_TRANSPORT_ALG
|
|
|
|
__all__ = [
|
|
"AgentKey",
|
|
"DEFAULT_AUTHORIZED_KEYS_PATH",
|
|
"DEFAULT_KEY_PATH",
|
|
"PQ_KEX_ALG",
|
|
"PQ_TRANSPORT_ALG",
|
|
"add_authorized_key",
|
|
"agent_find_key",
|
|
"agent_list_keys",
|
|
"agent_sign_raw",
|
|
"canonical_payload",
|
|
"format_authorized_line",
|
|
"generate_keypair",
|
|
"load_authorized_keys",
|
|
"load_authorized_keys_with_names",
|
|
"load_authorized_keys_with_policies",
|
|
"load_private_key",
|
|
"new_nonce",
|
|
"pq_decrypt",
|
|
"pq_encrypt",
|
|
"pq_kex_client_encapsulate",
|
|
"pq_kex_server_decapsulate",
|
|
"pq_kex_server_keypair",
|
|
"public_key_hex",
|
|
"sign",
|
|
"verify",
|
|
]
|