secure_unpickle¶

Warning: ONLY LOAD DATA YOU TRUST. When depickling (deserializing) is performed arbitrary code can be executed, learn more at https://docs.python.org/3/library/pickle.html We (the PyRosetta developers) have made reasonable efforts to prevent malicious usage, however the system’s complexity means it cannot be guaranteed to be entirely foolproof. To avoid finding any remaining security issues from the pickle module, only use inputs and data from known, trusted sources.

pyrosetta.secure_unpickle.set_unpickle_hmac_key(key: Optional[bytes]) → None¶: Set the global Hash-based Message Authentication Code (HMAC) key for Pose.cache score object secure serialization.

pyrosetta.secure_unpickle.get_unpickle_hmac_key() → Optional[bytes]¶: Get the global Hash-based Message Authentication Code (HMAC) key for Pose.cache score object secure serialization.

exception pyrosetta.secure_unpickle.UnpickleCompatibilityError(module: str, name: str)¶

Bases: UnpicklingError

Subclass of pickle.UnpicklingError raised when an unpickle-allowed module cannot be resolved due to a Python package version or environment mismatch from that used to pickle the module.

__init__(module: str, name: str) → None¶

add_note()¶: Exception.add_note(note) – add a note to the exception

args¶

with_traceback()¶: Exception.with_traceback(tb) – set self.__traceback__ to tb and return self.

exception pyrosetta.secure_unpickle.UnpickleIntegrityError(*args: Any)¶

Bases: UnpicklingError

Subclass of pickle.UnpicklingError raised on failed HMAC verification.

__init__(*args: Any) → None¶

add_note()¶: Exception.add_note(note) – add a note to the exception

args¶

with_traceback()¶: Exception.with_traceback(tb) – set self.__traceback__ to tb and return self.

exception pyrosetta.secure_unpickle.UnpickleSecurityError(module: str, name: str, allowed: Tuple[str, ...])¶

Bases: UnpicklingError

Subclass of pickle.UnpicklingError raised when pickled objects reference disallowed globals and modules.

__init__(module: str, name: str, allowed: Tuple[str, ...]) → None¶

add_note()¶: Exception.add_note(note) – add a note to the exception

args¶

with_traceback()¶: Exception.with_traceback(tb) – set self.__traceback__ to tb and return self.

pyrosetta.secure_unpickle.add_secure_package(package: str) → None¶: Add a secure package by top-level name to the unpickle-allowed list.

pyrosetta.secure_unpickle.clear_secure_packages() → None¶: Remove all secure packages, excluding ‘pyrosetta’ which is always implicitly allowed.

pyrosetta.secure_unpickle.get_secure_packages() → Tuple[str, ...]¶: Return the extra secure packages currently allowed, excluding ‘pyrosetta’ which is always implicitly allowed.

pyrosetta.secure_unpickle.remove_secure_package(package: str) → None¶: Remove a secure package by top-level name if present in the unpickle-allowed list.

pyrosetta.secure_unpickle.set_secure_packages(packages: Iterable[str]) → None¶

Set the secure extra packages in the unpickle-allowed list, excluding ‘pyrosetta’ which is always implicitly allowed.

Example:: set_secure_packages((‘numpy’, ‘pandas’))

pyrosetta.secure_unpickle.get_disallowed_packages() → Tuple[str, ...]¶: Return a tuple of packages and methods that are permanently disallowed from being unpickled in PyRosetta, where ‘*’ matches any string.

pyrosetta.secure_unpickle._split_top_package(module: str) → str¶

class pyrosetta.secure_unpickle.ModuleCache¶

Bases: object

Resolve modules and packages by path, and determine if they are allowed or disallowed.

static _rosetta_module() → object¶

static _rosetta_origin() → Optional[Path]¶

static _package_base_dir(package_name: str) → Optional[Path]¶

static _module_file(module_name: str) → Optional[Path]¶

static _is_relative_to(path: Path, base: Path) → bool¶

static _is_under_package(module: str, package: str) → bool¶

static _is_under_rosetta(module: str) → bool¶

static _walk_rosetta_module(module: str) → Any¶

static _is_allowed_module(module: str) → bool¶

static _get_allowed_module_attr(module: str, name: str) → Any¶

class pyrosetta.secure_unpickle.SecureUnpickler(file: BytesIO, *, stream_protocol: int = -1)¶

Bases: Unpickler

Secure subclass of pickle.Unpickler predicated on allowed and disallowed globals, modules, and prefixes.

__init__(file: BytesIO, *, stream_protocol: int = -1) → None¶

find_class(module: str, name: str) → Union[Any, NoReturn]¶

Return an object from a specified module.

If necessary, the module will be imported. Subclasses may override this method (e.g. to restrict unpickling of arbitrary classes and functions).

This method is called whenever a class or a function object is needed. Both arguments passed are str objects.

load()¶

Load a pickle.

Read a pickled object representation from the open file object given in the constructor, and return the reconstituted object hierarchy specified therein.

memo¶

persistent_load¶

class pyrosetta.secure_unpickle.SecureSerializerBase¶

Bases: object

Base class for PackedPose, Pose, and Pose.cache score object secure serialization.

_encoder: str = 'utf-8'¶

_pickle_protocol: int = 4¶

static to_pickle(value: Any) → Union[bytes, NoReturn]¶

static from_base64(value: Union[str, bytes]) → bytes¶

static to_base64(value: bytes) → str¶

static secure_loads(value: bytes) → Union[Any, NoReturn]¶: Secure replacement for pickle.loads.

static secure_load(file: BufferedReader) → Union[Any, NoReturn]¶: Secure replacement for pickle.load() for file-like objects.

static secure_from_base64_pickle(string: str) → Any¶

static secure_to_base64_pickle(obj: Any) → str¶

static _get_hmac_tag(key: bytes, data: bytes) → bytes¶

static _prepend_hmac_tag(key: bytes, data: bytes) → bytes¶

static _verify_and_remove_hmac_tag(key: bytes, signed_data: bytes) → Union[bytes, NoReturn]¶

static _get_file_head(file: BufferedReader) → bytes¶

static _get_stream_protocol(obj: bytes) → int¶