tdf3sdk

TDF3 SDK

The TDF3 Python SDK allows developers to easily create and manage encrypted Trusted Data Format (TDF) objects and interact with Key Access and Entity Attribute Services (KAS, EAS).

Installation

Upgrade pip3 to the latest version and run

pip3 install tdf3sdk

Authentication

tdf3sdk allows users to set authentication headers (OIDC bearer tokens, etc), and will use those for authenticating with backing services - by design it does not contain authentication flow logic, for example to exchange client credentials for OIDC bearer tokens, refresh expired tokens, etc - it expects callers to handle that.

For an example of how to wrap this library in auth provider flows, see virtru-tdf3-cpp

OIDC

1. Provide KAS url, user id, and set the use_oidc flag to true:

client = TDF3Client(kas_url, user_id, use_oidc=True)

1. Provide the TDF3Client instance with your valid, previously obtained/generated OIDC bearer token:

client.set_auth_header('eyJhbGciOiJSUzI1NiIsInR5cCIg...')

Legacy EAS

Two different methods:

1. Provide EAS url and user id (user should be registered on EAS):

client = TDF3Client(eas_url, user_id)

1. Provide EAS url, user id, client key (absolute file path), client cetificate (absolute file path) and root CA (absolute file path)

client = TDF3Client(eas_url, user_id, filepath_client_key, filepath_client_cert, filepath_rootCA)

Create Encrypted TDF Object (minimal example)

from tdf3sdk import TDF3Client

client = TDF3Client(eas_url, user_id)
unprotected_file = "sensitive.txt"
protected_file = unprotected_file + ".tdf.html"

client.encrypt_file(unprotected_file, protected_file)

Terms of Service Privacy Policy