49b9bb6724
Deploy Docs / deploy-docs (push) Failing after 1s
Conformance Tests / client-conformance (push) Failing after 3s
Conformance Tests / server-conformance (push) Failing after 1s
GitHub Actions Security Analysis / zizmor (push) Failing after 1s
CI / checks (push) Failing after 59m20s
CI / all-green (push) Has been cancelled
39 lines
1.5 KiB
Python
39 lines
1.5 KiB
Python
import os
|
|
|
|
from cryptography.exceptions import InvalidTag
|
|
from cryptography.hazmat.primitives.ciphers.aead import AESGCM
|
|
|
|
from mcp.server import MCPServer
|
|
from mcp.server.mcpserver import InvalidRequestState, RequestStateSecurity
|
|
|
|
PREFIX = "kms1." # format version; fed to GCM as associated data, so it is bound under the tag
|
|
|
|
|
|
def unwrap_data_key() -> bytes:
|
|
"""One KMS call at process start, kms.decrypt(CiphertextBlob=...); every token after that is local crypto."""
|
|
return os.urandom(32) # stand-in for the unwrapped 32-byte data key
|
|
|
|
|
|
class EnvelopeCodec:
|
|
def __init__(self, data_key: bytes) -> None:
|
|
self._aesgcm = AESGCM(data_key)
|
|
|
|
def seal(self, payload: bytes) -> str:
|
|
nonce = os.urandom(12)
|
|
return PREFIX + (nonce + self._aesgcm.encrypt(nonce, payload, PREFIX.encode())).hex()
|
|
|
|
def unseal(self, token: str) -> bytes:
|
|
if not token.startswith(PREFIX):
|
|
raise InvalidRequestState("unknown token format")
|
|
body = token[len(PREFIX) :]
|
|
try:
|
|
raw = bytes.fromhex(body)
|
|
if raw.hex() != body: # only the exact string seal() produced verifies
|
|
raise ValueError("non-canonical hex")
|
|
return self._aesgcm.decrypt(raw[:12], raw[12:], PREFIX.encode())
|
|
except (ValueError, InvalidTag) as exc:
|
|
raise InvalidRequestState("token failed verification") from exc
|
|
|
|
|
|
mcp = MCPServer("Deployer", request_state_security=RequestStateSecurity(codec=EnvelopeCodec(unwrap_data_key())))
|