aries_cloudagent.indy package¶

Subpackages¶

aries_cloudagent.indy.sdk package

Submodules¶

aries_cloudagent.indy.holder module¶

Base Indy Holder class.

class aries_cloudagent.indy.holder.IndyHolder[source]¶

Bases: abc.ABC

Base class for holder.

CHUNK = 256¶

RECORD_TYPE_MIME_TYPES = 'attribute-mime-types'¶

create_credential_request(credential_offer: dict, credential_definition: dict, holder_did: str) → Tuple[str, str][source]¶

Create a credential request for the given credential offer.

Parameters:	credential_offer – The credential offer to create request for credential_definition – The credential definition to create an offer for holder_did – the DID of the agent making the request
Returns:	A tuple of the credential request and credential request metadata

create_presentation(presentation_request: dict, requested_credentials: dict, schemas: dict, credential_definitions: dict, rev_states: dict = None) → str[source]¶

Get credentials stored in the wallet.

Parameters:	presentation_request – Valid indy format presentation request requested_credentials – Indy format requested credentials schemas – Indy formatted schemas JSON credential_definitions – Indy formatted credential definitions JSON rev_states – Indy format revocation states JSON

create_revocation_state(cred_rev_id: str, rev_reg_def: dict, rev_reg_delta: dict, timestamp: int, tails_file_path: str) → str[source]¶

Create current revocation state for a received credential.

Parameters:	cred_rev_id – credential revocation id in revocation registry rev_reg_def – revocation registry definition rev_reg_delta – revocation delta timestamp – delta timestamp
Returns:	the revocation state

credential_revoked(ledger: aries_cloudagent.ledger.base.BaseLedger, credential_id: str, fro: int = None, to: int = None) → bool[source]¶

Check ledger for revocation status of credential by cred id.

Parameters:	credential_id – Credential id to check

delete_credential(credential_id: str)[source]¶

Remove a credential stored in the wallet.

Parameters:	credential_id – Credential id to remove

get_credential(credential_id: str) → str[source]¶

Get a credential stored in the wallet.

Parameters:	credential_id – Credential id to retrieve

get_mime_type(credential_id: str, attr: str = None) → Union[dict, str][source]¶

Get MIME type per attribute (or for all attributes).

Parameters:	credential_id – credential id attr – attribute of interest or omit for all

Returns: Attribute MIME type or dict mapping attribute names to MIME types: attr_meta_json = all_meta.tags.get(attr)

store_credential(credential_definition: dict, credential_data: dict, credential_request_metadata: dict, credential_attr_mime_types=None, credential_id: str = None, rev_reg_def: dict = None)[source]¶

Store a credential in the wallet.

Parameters:

credential_definition – Credential definition for this credential
credential_data – Credential data generated by the issuer
credential_request_metadata – credential request metadata generated by the issuer
credential_attr_mime_types – dict mapping attribute names to (optional) MIME types to store as non-secret record, if specified
credential_id – optionally override the stored credential id
rev_reg_def – revocation registry definition in json

Returns:

the ID of the stored credential

exception aries_cloudagent.indy.holder.IndyHolderError(*args, error_code: str = None, **kwargs)[source]¶

Bases: aries_cloudagent.core.error.BaseError

Base class for holder exceptions.

aries_cloudagent.indy.issuer module¶

Base Indy Issuer class.

class aries_cloudagent.indy.issuer.IndyIssuer[source]¶

Bases: abc.ABC

Base class for Indy Issuer.

create_and_store_credential_definition(origin_did: str, schema: dict, signature_type: str = None, tag: str = None, support_revocation: bool = False) → Tuple[str, str][source]¶

Create a new credential definition and store it in the wallet.

Parameters:	origin_did – the DID issuing the credential definition schema_json – the schema used as a basis signature_type – the credential definition signature type (default ‘CL’) tag – the credential definition tag support_revocation – whether to enable revocation for this credential def
Returns:	A tuple of the credential definition ID and JSON

create_and_store_revocation_registry(origin_did: str, cred_def_id: str, revoc_def_type: str, tag: str, max_cred_num: int, tails_base_path: str) → Tuple[str, str, str][source]¶

Create a new revocation registry and store it in the wallet.

Parameters:	origin_did – the DID issuing the revocation registry cred_def_id – the identifier of the related credential definition revoc_def_type – the revocation registry type (default CL_ACCUM) tag – the unique revocation registry tag max_cred_num – the number of credentials supported in the registry tails_base_path – where to store the tails file
Returns:	A tuple of the revocation registry ID, JSON, and entry JSON

create_credential(schema: dict, credential_offer: dict, credential_request: dict, credential_values: dict, cred_ex_id: str, revoc_reg_id: str = None, tails_file_path: str = None) → Tuple[str, str][source]¶

Create a credential.

Args: schema: Schema to create credential for credential_offer: Credential Offer to create credential for credential_request: Credential request to create credential for credential_values: Values to go in credential cred_ex_id: credential exchange identifier to use in issuer cred rev rec revoc_reg_id: ID of the revocation registry tails_file_path: The location of the tails file

Returns:	A tuple of created credential and revocation id

create_credential_offer(credential_definition_id) → str[source]¶

Create a credential offer for the given credential definition id.

Parameters:	credential_definition_id – The credential definition to create an offer for
Returns:	The created credential offer

create_schema(origin_did: str, schema_name: str, schema_version: str, attribute_names: Sequence[str]) → Tuple[str, str][source]¶

Create a new credential schema and store it in the wallet.

Parameters:	origin_did – the DID issuing the credential definition schema_name – the schema name schema_version – the schema version attribute_names – a sequence of schema attribute names
Returns:	A tuple of the schema ID and JSON

credential_definition_in_wallet(credential_definition_id: str) → bool[source]¶

Check whether a given credential definition ID is present in the wallet.

Parameters:	credential_definition_id – The credential definition ID to check

make_credential_definition_id(origin_did: str, schema: dict, signature_type: str = None, tag: str = None) → str[source]¶: Derive the ID for a credential definition.

make_schema_id(origin_did: str, schema_name: str, schema_version: str) → str[source]¶: Derive the ID for a schema.

merge_revocation_registry_deltas(fro_delta: str, to_delta: str) → str[source]¶

Merge revocation registry deltas.

Parameters:	fro_delta – original delta in JSON format to_delta – incoming delta in JSON format
Returns:	Merged delta in JSON format

revoke_credentials(revoc_reg_id: str, tails_file_path: str, cred_rev_ids: Sequence[str]) -> (<class 'str'>, typing.Sequence[str])[source]¶

Revoke a set of credentials in a revocation registry.

Parameters:	revoc_reg_id – ID of the revocation registry tails_file_path – path to the local tails file cred_rev_ids – sequences of credential indexes in the revocation registry
Returns:	Tuple with the combined revocation delta, list of cred rev ids not revoked

exception aries_cloudagent.indy.issuer.IndyIssuerError(*args, error_code: str = None, **kwargs)[source]¶

Bases: aries_cloudagent.core.error.BaseError

Generic issuer error.

exception aries_cloudagent.indy.issuer.IndyIssuerRevocationRegistryFullError(*args, error_code: str = None, **kwargs)[source]¶

Bases: aries_cloudagent.indy.issuer.IndyIssuerError

Revocation registry is full when issuing a new credential.

aries_cloudagent.indy.util module¶

Utilities for dealing with Indy conventions.

aries_cloudagent.indy.util.generate_pr_nonce() → str[source]¶: Generate a nonce for a proof request.

aries_cloudagent.indy.util.indy_client_dir(subpath: str = None, create: bool = False) → str[source]¶

Return ‘/’-terminated subdirectory of indy-client directory.

Parameters:	subpath – subpath within indy-client structure create – whether to create subdirectory if absent

aries_cloudagent.indy.util.tails_path(rev_reg_id: str) → str[source]¶: Return path to indy tails file for input rev reg id.

aries_cloudagent.indy.verifier module¶

Base Indy Verifier class.

class aries_cloudagent.indy.verifier.IndyVerifier[source]¶

Bases: abc.ABC

Base class for Indy Verifier.

check_timestamps(ledger: aries_cloudagent.ledger.base.BaseLedger, pres_req: Mapping[KT, VT_co], pres: Mapping[KT, VT_co], rev_reg_defs: Mapping[KT, VT_co])[source]¶

Check for suspicious, missing, and superfluous timestamps.

Raises ValueError on timestamp in the future, prior to rev reg creation, superfluous or missing.

Parameters:	ledger – the base ledger for retrieving revocation registry definitions pres_req – indy proof request pres – indy proof request rev_reg_defs – rev reg defs by rev reg id, augmented with transaction times

non_revoc_intervals(pres_req: dict, pres: dict)[source]¶

Remove superfluous non-revocation intervals in presentation request.

Irrevocable credentials constitute proof of non-revocation, but indy rejects proof requests with non-revocation intervals lining up with non-revocable credentials in proof: seek and remove.

Parameters:	pres_req – presentation request pres – corresponding presentation

pre_verify(pres_req: dict, pres: dict)[source]¶

Check for essential components and tampering in presentation.

Visit encoded attribute values against raw, and predicate bounds, in presentation, cross-reference against presentation request.

Parameters:	pres_req – presentation request pres – corresponding presentation

verify_presentation(presentation_request, presentation, schemas, credential_definitions, rev_reg_defs, rev_reg_entries)[source]¶

Verify a presentation.

Parameters:	presentation_request – Presentation request data presentation – Presentation data schemas – Schema data credential_definitions – credential definition data rev_reg_defs – revocation registry definitions rev_reg_entries – revocation registry entries