aries_cloudagent.wallet package
Abstract and Indy wallet handling.
Subpackages
Submodules
aries_cloudagent.wallet.askar module
aries_cloudagent.wallet.base module
Wallet base class.
- class aries_cloudagent.wallet.base.BaseWallet[source]
Bases:
abc.ABC
Abstract wallet interface.
- abstract async create_local_did(method: aries_cloudagent.wallet.did_method.DIDMethod, key_type: aries_cloudagent.wallet.key_type.KeyType, seed: Optional[str] = None, did: Optional[str] = None, metadata: Optional[dict] = None) aries_cloudagent.wallet.did_info.DIDInfo [source]
Create and store a new local DID.
- Parameters
method – The method to use for the DID
key_type – The key type to use for the DID
seed – Optional seed to use for DID
did – The DID to use
metadata – Metadata to store with DID
- Returns
The created DIDInfo
- async create_public_did(method: aries_cloudagent.wallet.did_method.DIDMethod, key_type: aries_cloudagent.wallet.key_type.KeyType, seed: Optional[str] = None, did: Optional[str] = None, metadata: dict = {}) aries_cloudagent.wallet.did_info.DIDInfo [source]
Create and store a new public DID.
- Parameters
seed – Optional seed to use for DID
did – The DID to use
metadata – Metadata to store with DID
- Returns
The created DIDInfo
- abstract async create_signing_key(key_type: aries_cloudagent.wallet.key_type.KeyType, seed: Optional[str] = None, metadata: Optional[dict] = None) aries_cloudagent.wallet.did_info.KeyInfo [source]
Create a new public/private signing keypair.
- Parameters
key_type – Key type to create
seed – Optional seed allowing deterministic key creation
metadata – Optional metadata to store with the keypair
- Returns
A KeyInfo representing the new record
- abstract async get_local_did(did: str) aries_cloudagent.wallet.did_info.DIDInfo [source]
Find info for a local DID.
- Parameters
did – The DID for which to get info
- Returns
A DIDInfo instance for the DID
- abstract async get_local_did_for_verkey(verkey: str) aries_cloudagent.wallet.did_info.DIDInfo [source]
Resolve a local DID from a verkey.
- Parameters
verkey – Verkey for which to get DID info
- Returns
A DIDInfo instance for the DID
- abstract async get_local_dids() Sequence[aries_cloudagent.wallet.did_info.DIDInfo] [source]
Get list of defined local DIDs.
- Returns
A list of DIDInfo instances
- async get_posted_dids() Sequence[aries_cloudagent.wallet.did_info.DIDInfo] [source]
Get list of defined posted DIDs.
- Returns
A list of DIDInfo instances
- abstract async get_public_did() aries_cloudagent.wallet.did_info.DIDInfo [source]
Retrieve the public DID.
- Returns
The currently public DIDInfo, if any
- abstract async get_signing_key(verkey: str) aries_cloudagent.wallet.did_info.KeyInfo [source]
Fetch info for a signing keypair.
- Parameters
verkey – The verification key of the keypair
- Returns
A KeyInfo representing the keypair
- abstract async pack_message(message: str, to_verkeys: Sequence[str], from_verkey: Optional[str] = None) bytes [source]
Pack a message for one or more recipients.
- Parameters
message – The message to pack
to_verkeys – The verkeys to pack the message for
from_verkey – The sender verkey
- Returns
The packed message
- abstract async replace_local_did_metadata(did: str, metadata: dict)[source]
Replace the metadata associated with a local DID.
Prefer set_did_endpoint() to set endpoint in metadata.
- Parameters
did – DID for which to replace metadata
metadata – The new metadata
- abstract async replace_signing_key_metadata(verkey: str, metadata: dict)[source]
Replace the metadata associated with a signing keypair.
- Parameters
verkey – The verification key of the keypair
metadata – The new metadata to store
- abstract async rotate_did_keypair_apply(did: str) None [source]
Apply temporary keypair as main for DID that wallet owns.
- Parameters
did – signing DID
- Raises
WalletNotFoundError – if wallet does not own DID
WalletError – if wallet has not started key rotation
- abstract async rotate_did_keypair_start(did: str, next_seed: Optional[str] = None) str [source]
Begin key rotation for DID that wallet owns: generate new keypair.
- Parameters
did – signing DID
next_seed – seed for incoming ed25519 key pair (default random)
- Returns
The new verification key
- Raises
WalletNotFoundError – if wallet does not own DID
- async set_did_endpoint(did: str, endpoint: str, _ledger: aries_cloudagent.ledger.base.BaseLedger, endpoint_type: Optional[aries_cloudagent.ledger.endpoint_type.EndpointType] = None, write_ledger: bool = True, endorser_did: Optional[str] = None)[source]
Update the endpoint for a DID in the wallet, send to ledger if public or posted.
- Parameters
did – DID for which to set endpoint
endpoint – the endpoint to set, None to clear
ledger – the ledger to which to send endpoint update if DID is public or posted
endpoint_type – the type of the endpoint/service. Only endpoint_type ‘endpoint’ affects local wallet
- abstract async set_public_did(did: Union[str, aries_cloudagent.wallet.did_info.DIDInfo]) aries_cloudagent.wallet.did_info.DIDInfo [source]
Assign the public DID.
- Returns
The updated DIDInfo
- abstract async sign_message(message: Union[List[bytes], bytes], from_verkey: str) bytes [source]
Sign message(s) using the private key associated with a given verkey.
- Parameters
message – The message(s) to sign
from_verkey – Sign using the private key related to this verkey
- Returns
The signature
- abstract async unpack_message(enc_message: bytes) Tuple[str, str, str] [source]
Unpack a message.
- Parameters
enc_message – The encrypted message
- Returns
(message, from_verkey, to_verkey)
- Return type
A tuple
- abstract async verify_message(message: Union[List[bytes], bytes], signature: bytes, from_verkey: str, key_type: aries_cloudagent.wallet.key_type.KeyType) bool [source]
Verify a signature against the public key of the signer.
- Parameters
message – The message to verify
signature – The signature to verify
from_verkey – Verkey to use in verification
key_type – The key type to derive the signature verification algorithm from
- Returns
True if verified, else False
aries_cloudagent.wallet.bbs module
BBS+ crypto.
- exception aries_cloudagent.wallet.bbs.BbsException(*args, error_code: Optional[str] = None, **kwargs)[source]
Bases:
aries_cloudagent.core.error.BaseError
Base BBS exception.
- aries_cloudagent.wallet.bbs.create_bls12381g2_keypair(seed: Optional[bytes] = None) Tuple[bytes, bytes] [source]
Create a public and private bls12381g2 keypair from a seed value.
- Parameters
seed – Seed for keypair
- Returns
A tuple of (public key, secret key)
- aries_cloudagent.wallet.bbs.sign_messages_bls12381g2(messages: List[bytes], secret: bytes)[source]
Sign messages using a bls12381g2 private signing key.
- aries_cloudagent.wallet.bbs.verify_signed_messages_bls12381g2(messages: List[bytes], signature: bytes, public_key: bytes) bool [source]
Verify an ed25519 signed message according to a public verification key.
- Parameters
signed – The signed messages
public_key – The public key to use in verification
- Returns
True if verified, else False
aries_cloudagent.wallet.crypto module
aries_cloudagent.wallet.did_info module
KeyInfo, DIDInfo.
- class aries_cloudagent.wallet.did_info.DIDInfo(did, verkey, metadata, method, key_type)
Bases:
tuple
- property did
Alias for field number 0
- property key_type
Alias for field number 4
- property metadata
Alias for field number 2
- property method
Alias for field number 3
- property verkey
Alias for field number 1
aries_cloudagent.wallet.did_method module
Did method enum.
- class aries_cloudagent.wallet.did_method.DIDMethod(value)[source]
Bases:
enum.Enum
DID Method class specifying DID methods with supported key types.
- KEY = DIDMethodSpec(method_name='key', supported_key_types=[<KeyType.ED25519: KeySpec(key_type='ed25519', multicodec_name='ed25519-pub', multicodec_prefix=b'\xed\x01')>, <KeyType.BLS12381G2: KeySpec(key_type='bls12381g2', multicodec_name='bls12_381-g2-pub', multicodec_prefix=b'\xeb\x01')>], supports_rotation=False)
- SOV = DIDMethodSpec(method_name='sov', supported_key_types=[<KeyType.ED25519: KeySpec(key_type='ed25519', multicodec_name='ed25519-pub', multicodec_prefix=b'\xed\x01')>], supports_rotation=True)
- classmethod from_did(did: str) aries_cloudagent.wallet.did_method.DIDMethod [source]
Get DID method instance from the method name.
- classmethod from_metadata(metadata: Mapping) aries_cloudagent.wallet.did_method.DIDMethod [source]
Get DID method instance from metadata object.
Returns SOV if no metadata was found for backwards compatability.
- classmethod from_method(method: str) Optional[aries_cloudagent.wallet.did_method.DIDMethod] [source]
Get DID method instance from the method name.
- property supported_key_types: List[aries_cloudagent.wallet.key_type.KeyType]
Getter for supported key types of method.
- supports_key_type(key_type: aries_cloudagent.wallet.key_type.KeyType) bool [source]
Check whether the current method supports the key type.
aries_cloudagent.wallet.did_posture module
Ledger utilities.
- class aries_cloudagent.wallet.did_posture.DIDPosture(value)[source]
Bases:
enum.Enum
Enum for DID postures: public, posted but not public, or in wallet only.
- POSTED = DIDPostureSpec(moniker='posted', ordinal=1, public=False, posted=True)
- PUBLIC = DIDPostureSpec(moniker='public', ordinal=0, public=True, posted=True)
- WALLET_ONLY = DIDPostureSpec(moniker='wallet_only', ordinal=2, public=False, posted=False)
- static get(posture: Union[str, Mapping]) aries_cloudagent.wallet.did_posture.DIDPosture [source]
Return enum instance corresponding to input string or DID metadata.
- property metadata: Mapping
DID metadata for DID posture.
- property ordinal: Mapping
public first, then posted and wallet-only.
- Type
Ordinal for presentation
aries_cloudagent.wallet.error module
Wallet-related exceptions.
- exception aries_cloudagent.wallet.error.WalletDuplicateError(*args, error_code: Optional[str] = None, **kwargs)[source]
Bases:
aries_cloudagent.wallet.error.WalletError
Duplicate record exception.
- exception aries_cloudagent.wallet.error.WalletError(*args, error_code: Optional[str] = None, **kwargs)[source]
Bases:
aries_cloudagent.core.error.BaseError
General wallet exception.
- exception aries_cloudagent.wallet.error.WalletNotFoundError(*args, error_code: Optional[str] = None, **kwargs)[source]
Bases:
aries_cloudagent.wallet.error.WalletError
Record not found exception.
- exception aries_cloudagent.wallet.error.WalletSettingsError(*args, error_code: Optional[str] = None, **kwargs)[source]
Bases:
aries_cloudagent.wallet.error.WalletError
Invalid settings exception.
aries_cloudagent.wallet.in_memory module
aries_cloudagent.wallet.indy module
aries_cloudagent.wallet.key_pair module
Key pair storage manager.
- class aries_cloudagent.wallet.key_pair.KeyPairStorageManager(store: aries_cloudagent.storage.base.BaseStorage)[source]
Bases:
object
Key pair storage manager.
- async delete_key_pair(verkey: str)[source]
Remove a previously-stored key pair record.
- Raises
StorageNotFoundError – If the record is not found
- async find_key_pairs(tag_query: Optional[Mapping] = None) List[dict] [source]
Find key pairs by tag query.
- async get_key_pair(verkey: str) dict [source]
Retrieve signing key pair from storage by verkey.
- Parameters
storage (BaseStorage) – The storage to use for querying
verkey (str) – The verkey to query for
- Raises
StorageDuplicateError – If more than one key pair is found for this verkey
StorageNotFoundError – If no key pair is found for this verkey
- Returns
dict: The key pair data
aries_cloudagent.wallet.key_type module
Key type enum.
- class aries_cloudagent.wallet.key_type.KeySpec(key_type, multicodec_name, multicodec_prefix)
Bases:
tuple
- property key_type
Alias for field number 0
- property multicodec_name
Alias for field number 1
- property multicodec_prefix
Alias for field number 2
- class aries_cloudagent.wallet.key_type.KeyType(value)[source]
Bases:
enum.Enum
KeyType Enum specifying key types with multicodec name.
- BLS12381G1 = KeySpec(key_type='bls12381g1', multicodec_name='bls12_381-g1-pub', multicodec_prefix=b'\xea\x01')
- BLS12381G1G2 = KeySpec(key_type='bls12381g1g2', multicodec_name='bls12_381-g1g2-pub', multicodec_prefix=b'\xee\x01')
- BLS12381G2 = KeySpec(key_type='bls12381g2', multicodec_name='bls12_381-g2-pub', multicodec_prefix=b'\xeb\x01')
- ED25519 = KeySpec(key_type='ed25519', multicodec_name='ed25519-pub', multicodec_prefix=b'\xed\x01')
- X25519 = KeySpec(key_type='x25519', multicodec_name='x25519-pub', multicodec_prefix=b'\xec\x01')
- classmethod from_key_type(key_type: str) Optional[aries_cloudagent.wallet.key_type.KeyType] [source]
Get KeyType instance from the key type identifier.
- classmethod from_multicodec_name(multicodec_name: str) Optional[aries_cloudagent.wallet.key_type.KeyType] [source]
Get KeyType instance based on multicodec name. Returns None if not found.
- classmethod from_multicodec_prefix(multicodec_prefix: bytes) Optional[aries_cloudagent.wallet.key_type.KeyType] [source]
Get KeyType instance based on multicodec prefix. Returns None if not found.
- classmethod from_prefixed_bytes(prefixed_bytes: bytes) Optional[aries_cloudagent.wallet.key_type.KeyType] [source]
Get KeyType instance based on prefix in bytes. Returns None if not found.
- exception aries_cloudagent.wallet.key_type.KeyTypeException[source]
Bases:
BaseException
Key type exception.
aries_cloudagent.wallet.routes module
aries_cloudagent.wallet.util module
Wallet utility functions.
- aries_cloudagent.wallet.util.abbr_verkey(full_verkey: str, did: Optional[str] = None) str [source]
Given a full verkey and DID, return the abbreviated verkey.
- aries_cloudagent.wallet.util.b58_to_bytes(val: str) bytes [source]
Convert a base 58 string to bytes.
- aries_cloudagent.wallet.util.b64_to_bytes(val: str, urlsafe=False) bytes [source]
Convert a base 64 string to bytes.
- aries_cloudagent.wallet.util.b64_to_str(val: str, urlsafe=False, encoding=None) str [source]
Convert a base 64 string to string on input encoding (default utf-8).
- aries_cloudagent.wallet.util.bytes_to_b58(val: bytes) str [source]
Convert a byte string to base 58.
- aries_cloudagent.wallet.util.bytes_to_b64(val: bytes, urlsafe=False, pad=True, encoding: str = 'ascii') str [source]
Convert a byte string to base 64.
- aries_cloudagent.wallet.util.default_did_from_verkey(verkey: str) str [source]
Given a verkey, return the default indy did.
By default the did is the first 16 bytes of the verkey.
- aries_cloudagent.wallet.util.full_verkey(did: str, abbr_verkey: str) str [source]
Given a DID and abbreviated verkey, return the full verkey.
- async aries_cloudagent.wallet.util.notify_endorse_did_attrib_event(profile: aries_cloudagent.core.profile.Profile, did: str, meta_data: dict)[source]
Send notification for a DID ATTRIB post-process event.
- async aries_cloudagent.wallet.util.notify_endorse_did_event(profile: aries_cloudagent.core.profile.Profile, did: str, meta_data: dict)[source]
Send notification for a DID post-process event.
- aries_cloudagent.wallet.util.pad(val: str) str [source]
Pad base64 values if need be: JWT calls to omit trailing padding.
- aries_cloudagent.wallet.util.random_seed() bytes [source]
Generate a random seed value.
- Returns
A new random seed
- aries_cloudagent.wallet.util.set_urlsafe_b64(val: str, urlsafe: bool = True) str [source]
Set URL safety in base64 encoding.