WIP: decrypt - using pydantic WrapValidator #27
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
CipherDetails may have a dedicated key to use for decryption, use if set
commonism
commented
Jul 4, 2025
| ResetMasterPassword: bool | None = None | ||
| master_key: bytes | None = None | ||
|
|
||
| master_key: bytes | None = None #pydantic.PrivateAttr(default=None) |
There was a problem hiding this comment.
I propose using PrivateAttr here
|
@Lujeni can we talk about this? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Hi,
I've looked into this library as a replacement.
This PR is meant to allow discussing some design aspects of the library.
In the first place I need to be able to lookup credentials, therefore I worked on decryption.
Decryption is dealt with during validation, using a pydantic WrapValidator.
Item specific keys, as with CipherDetails or Attachments, can be pushed to the stack when working the item, popped afterwards to continue with the org key. Attachment misses this glue atm.
Encryption would be a WrapSerializer.
Argon2id got some initial thoughts already as well.
I've used allow=forbid for development purposes.
I'd be glad if you could look into this and let me know what think about it.
I could even split this into different PRs (crypto-serdes, argon2id) if required.