indy

package
v0.30.45
Warning

This package is not in the latest version of its module.

Published: Jan 2, 2023 | License: Apache-2.0 | Imports: 22 | Imported by: 0

Documentation

Constants

const MethodPrefix = "did:sov:"
const SovVerKeyLen = 32

Variables

var (
	ErrWrongSignature = fmt.Errorf("signature validation failed")
)

Functions

func DID2KID

func DID2KID(did string) string

Types

type Crypto

type Crypto struct {
}

func (*Crypto) ComputeMAC

func (c *Crypto) ComputeMAC(data []byte, kh interface{}) ([]byte, error)

ComputeMAC computes a message authentication code (MAC) for data using a matching MAC primitive in the kh key handle.

func (*Crypto) Decrypt

func (c *Crypto) Decrypt(cipher []byte, aad []byte, nonce []byte, kh interface{}) ([]byte, error)

Decrypt will decrypt cipher with aad and the given nonce using a matching AEAD primitive in the kh key handle of a private key. Returns:

plainText in []byte
error in case of errors

func (*Crypto) DeriveProof

func (c *Crypto) DeriveProof(messages [][]byte, bbsSignature []byte, nonce []byte, revealedIndexes []int, kh interface{}) ([]byte, error)

DeriveProof will create a signature proof for a list of revealed messages using a BBS signature (which can be built using a Signer's SignMulti() call) and a matching signing primitive found in the kh key handle of a public key. Returns:

signature proof in []byte
error in case of errors

func (*Crypto) Encrypt

func (c *Crypto) Encrypt(msg []byte, aad []byte, kh interface{}) ([]byte, []byte, error)

Encrypt will encrypt msg, with aad as additional authenticated data, using a matching AEAD primitive in the kh key handle of a public key. Returns:

cipherText in []byte
nonce in []byte
error in case of errors during encryption

func (*Crypto) Sign

func (c *Crypto) Sign(msg []byte, kh interface{}) (s []byte, err error)

Sign will sign msg using a matching signature primitive in the kh key handle of a private key. Returns:

signature in []byte
error in case of errors

func (*Crypto) SignMulti

func (c *Crypto) SignMulti(messages [][]byte, kh interface{}) ([]byte, error)

SignMulti will create a signature of messages using a matching signing primitive found in the kh key handle of a private key. Returns:

signature in []byte
error in case of errors

func (*Crypto) UnwrapKey

func (c *Crypto) UnwrapKey(recWK *crypto.RecipientWrappedKey, kh interface{}, opts ...crypto.WrapKeyOpts) ([]byte, error)

UnwrapKey unwraps a key in recWK using the recipient private key kh. 'opts' allows setting the optional sender key handle using the WithSender() option and an authentication tag using the WithTag() option. These allow ECDH-1PU key unwrapping (aka Authcrypt). The absence of these options uses ECDH-ES key unwrapping (aka Anoncrypt). There is no need to use WithXC20PKW() for UnwrapKey since the function will use the wrapping algorithm based on recWK.Alg. Returns:

unwrapped key in raw bytes
error in case of errors

func (*Crypto) Verify

func (c *Crypto) Verify(signature []byte, msg []byte, kh interface{}) (err error)

Verify will verify a signature for the given msg using a matching signature primitive in the kh key handle of a public key. Returns:

error in case of errors or nil if signature verification was successful

func (*Crypto) VerifyMAC

func (c *Crypto) VerifyMAC(mac []byte, data []byte, kh interface{}) error

VerifyMAC determines if mac is a correct message authentication code (MAC) for data using a matching MAC primitive in the kh key handle. It returns nil if so; otherwise it returns an error.

func (*Crypto) VerifyMulti

func (c *Crypto) VerifyMulti(messages [][]byte, signature []byte, kh interface{}) error

VerifyMulti will verify a signature of messages using a matching signing primitive found in the kh key handle of a public key. Returns:

error in case of errors or nil if signature verification was successful

func (*Crypto) VerifyProof

func (c *Crypto) VerifyProof(revealedMessages [][]byte, proof []byte, nonce []byte, kh interface{}) error

VerifyProof will verify a signature proof (generated e.g. by Verifier's DeriveProof() call) for revealedMessages using a matching signing primitive found in the kh key handle of a public key. Returns:

error in case of errors or nil if signature proof verification was successful

func (*Crypto) WrapKey

func (c *Crypto) WrapKey(cek []byte, apu []byte, apv []byte, recPubKey *crypto.PublicKey, opts ...crypto.WrapKeyOpts) (*crypto.RecipientWrappedKey, error)

WrapKey will execute key wrapping of cek using apu, apv and the recipient public key 'recPubKey'. 'opts' allows setting the optional sender key handle using the WithSender() option and an authentication tag using the WithTag() option. These allow ECDH-1PU key wrapping (aka Authcrypt). The absence of these options uses ECDH-ES key wrapping (aka Anoncrypt). Another option that can be used is WithXC20PKW(), which instructs WrapKey to use XC20P key wrapping instead of the default A256GCM. Returns:

RecipientWrappedKey containing the wrapped cek value
error in case of errors

type Handle

type Handle struct {
	Wallet int
	VerKey string
}

type Indy

type Indy struct {
	Handle int
	// contains filtered or unexported fields
}

func New

func New(handle int) *Indy

func (*Indy) Close

func (i *Indy) Close() error

func (*Indy) ConnectionStorage

func (i *Indy) ConnectionStorage() api.ConnectionStorage

func (*Indy) CredentialStorage

func (i *Indy) CredentialStorage() api.CredentialStorage

func (*Indy) DIDStorage

func (i *Indy) DIDStorage() api.DIDStorage

func (*Indy) GetOpenStores

func (i *Indy) GetOpenStores() []storage.Store

func (*Indy) GetStoreConfig

func (i *Indy) GetStoreConfig(name string) (storage.StoreConfiguration, error)

func (*Indy) KMS

func (i *Indy) KMS() kms.KeyManager

func (*Indy) Open

func (i *Indy) Open() error

func (*Indy) OpenStore

func (i *Indy) OpenStore(name string) (storage.Store, error)

func (*Indy) OurPackager

func (i *Indy) OurPackager() api.Packager

func (*Indy) SetStoreConfig

func (i *Indy) SetStoreConfig(name string, config storage.StoreConfiguration) error

type KMS

type KMS struct {
	// contains filtered or unexported fields
}

func NewKMS

func NewKMS(storage api.AgentStorage) *KMS

func (*KMS) Add

func (k *KMS) Add(KID, verKey string)

func (*KMS) Create

func (k *KMS) Create(kt kms.KeyType) (string, interface{}, error)

func (*KMS) CreateAndExportPubKeyBytes

func (k *KMS) CreateAndExportPubKeyBytes(kt kms.KeyType) (string, []byte, error)

func (*KMS) ExportPubKeyBytes

func (k *KMS) ExportPubKeyBytes(KID string) ([]byte, kms.KeyType, error)

func (*KMS) Get

func (k *KMS) Get(KID string) (interface{}, error)

func (*KMS) ImportPrivateKey

func (k *KMS) ImportPrivateKey(privKey interface{}, kt kms.KeyType, opts ...kms.PrivateKeyOpts) (string, interface{}, error)

func (*KMS) PubKeyBytesToHandle

func (k *KMS) PubKeyBytesToHandle(pubKey []byte, kt kms.KeyType) (interface{}, error)

func (*KMS) Rotate

func (k *KMS) Rotate(kt kms.KeyType, KID string) (string, interface{}, error)

type Packager

type Packager struct {
	// contains filtered or unexported fields
}

func (*Packager) Crypto

func (p *Packager) Crypto() crypto.Crypto

func (*Packager) KMS

func (p *Packager) KMS() kms.KeyManager

func (*Packager) PackMessage

func (p *Packager) PackMessage(envelope *transport.Envelope) (b []byte, err error)

func (*Packager) StorageProvider

func (p *Packager) StorageProvider() storage.Provider

func (*Packager) UnpackMessage

func (p *Packager) UnpackMessage(
	encMessage []byte,
) (
	e *transport.Envelope,
	err error,
)

func (*Packager) VDRegistry

func (p *Packager) VDRegistry() vdr.Registry
