wallet

package
v0.3.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 9, 2023 License: Apache-2.0 Imports: 63 Imported by: 11

Documentation

Overview

nolint

Index

Constants

View Source 
const (
	Ed25519VerificationKey2018 = "ed25519verificationkey2018"
	Bls12381G1Key2020          = "bls12381g1key2020"
)

supported key types for import key base58 (all constants defined in lower case).

View Source 
const (
	// ExternalJWTProofFormat indicates that a credential or presentation should be signed with an external JWT proof.
	ExternalJWTProofFormat = "ExternalJWTProofFormat"
	// EmbeddedLDProofFormat indicates that a credential or presentation should be signed with an embedded LD proof.
	EmbeddedLDProofFormat = "EmbeddedLDProofFormat"
)
View Source 
const (
	// Ed25519Signature2018 ed25519 signature suite.
	Ed25519Signature2018 = "Ed25519Signature2018"
	// JSONWebSignature2020 json web signature suite.
	JSONWebSignature2020 = "JsonWebSignature2020"
	// BbsBlsSignature2020 BBS signature suite.
	BbsBlsSignature2020 = "BbsBlsSignature2020"
)

Proof types.

Variables

View Source 
var (
	// ErrAlreadyUnlocked error when key manager is already created for a given user.
	ErrAlreadyUnlocked = errors.New("wallet already unlocked")

	// ErrWalletLocked when key manager operation is attempted without unlocking wallet.
	ErrWalletLocked = errors.New("wallet locked")
)

errors.

View Source 
var ErrInvalidAuthToken = errors.New("invalid auth token")

ErrInvalidAuthToken when auth token provided to wallet is unable to unlock key manager.

View Source 
var ErrProfileNotFound = errors.New("profile does not exist")

ErrProfileNotFound error for wallet profile not found scenario.

View Source 
var (
	// ErrQueryNoResultFound error when no records found from query.
	ErrQueryNoResultFound = errors.New("no result found")
)

Query errors.

Functions

func CreateDataVaultKeyPairs 

func CreateDataVaultKeyPairs(userID string, ctx provider, options ...UnlockOptions) error

CreateDataVaultKeyPairs can be used create EDV key pairs for given profile. Wallet will create key pairs in profile kms and updates profile with newly generate EDV encryption & MAC key IDs.

func CreateProfile 

func CreateProfile(userID string, ctx provider, options ...ProfileOptions) error

CreateProfile creates a new verifiable credential wallet profile for given user. returns error if wallet profile is already created. Use `UpdateProfile()` for replacing an already created verifiable credential wallet profile.

func ProfileExists 

func ProfileExists(userID string, ctx provider) error

ProfileExists checks if profile exists for given wallet user, returns error if not found.

func UpdateProfile 

func UpdateProfile(userID string, ctx provider, options ...ProfileOptions) error

UpdateProfile updates existing verifiable credential wallet profile. Caution: - you might lose your existing keys if you change kms options. - you might lose your existing wallet contents if you change storage/EDV options (ex: switching context storage provider or changing EDV settings).

Types

type AddContentOptions 

type AddContentOptions func(opts *addContentOpts)

AddContentOptions is option for adding contents to wallet.

func AddByCollection 

func AddByCollection(collectionID string) AddContentOptions

AddByCollection option for grouping wallet contents by collection ID.

func ValidateContent added in v0.1.9 

func ValidateContent() AddContentOptions

ValidateContent enables data model validations of adding content.

type ConcludeInteractionOptions added in v0.1.8 

type ConcludeInteractionOptions func(opts *concludeInteractionOpts)

ConcludeInteractionOptions is option to conclude credential interaction between wallet and verifier/issuer by sending present proof or request credential message.

func FromPresentation 

func FromPresentation(presentation *verifiable.Presentation) ConcludeInteractionOptions

FromPresentation for sending aries verifiable presentation as message attachment.

func FromRawPresentation 

func FromRawPresentation(raw json.RawMessage) ConcludeInteractionOptions

FromRawPresentation for sending raw JSON as presentation as message attachment.

func WaitForDone added in v0.1.8 

func WaitForDone(timeout time.Duration) ConcludeInteractionOptions

WaitForDone if provided then wallet will wait for credential interaction protocol status to be done or abandoned till given timeout. If used then wallet will wait for acknowledgement or problem report from other party and also will return web redirect info if found in incoming message. If timeout is zero then wallet will use its default timeout.

type ConnectOptions 

type ConnectOptions func(opts *connectOpts)

ConnectOptions options for accepting incoming out-of-band invitation and connecting.

func WithConnectTimeout 

func WithConnectTimeout(timeout time.Duration) ConnectOptions

WithConnectTimeout option providing connect timeout, to wait for connection status to be 'completed'.

func WithMyLabel 

func WithMyLabel(label string) ConnectOptions

WithMyLabel option for providing label to be shared with the other agent during the subsequent did-exchange.

func WithReuseAnyConnection 

func WithReuseAnyConnection(reuse bool) ConnectOptions

WithReuseAnyConnection option to use any recognized DID in the services array for a reusable connection.

func WithReuseDID 

func WithReuseDID(did string) ConnectOptions

WithReuseDID option to provide DID to be used when reusing a connection.

func WithRouterConnections 

func WithRouterConnections(conns ...string) ConnectOptions

WithRouterConnections option to provide for router connections to be used.

type ContentType 

type ContentType string

ContentType is wallet content type. 

const (
	// Collection content type which can be used to group wallet contents together.
	// https://w3c-ccg.github.io/universal-wallet-interop-spec/#Collection
	Collection ContentType = "collection"

	// Credential content type for handling credential data models.
	// https://w3c-ccg.github.io/universal-wallet-interop-spec/#Credential
	Credential ContentType = "credential"

	// DIDResolutionResponse content type for handling DID document data models.
	// https://w3c-ccg.github.io/universal-wallet-interop-spec/#DIDResolutionResponse
	DIDResolutionResponse ContentType = "didResolutionResponse"

	// Metadata content type for handling wallet metadata data models.
	// https://w3c-ccg.github.io/universal-wallet-interop-spec/#meta-data
	Metadata ContentType = "metadata"

	// Connection content type for handling wallet connection data models.
	// https://w3c-ccg.github.io/universal-wallet-interop-spec/#connection
	Connection ContentType = "connection"

	// Key content type for handling key data models.
	// https://w3c-ccg.github.io/universal-wallet-interop-spec/#Key
	Key ContentType = "key"
)

func (ContentType) IsValid 

func (ct ContentType) IsValid() error

IsValid checks if underlying content type is supported.

func (ContentType) Name 

func (ct ContentType) Name() string

Name of the content type.

type CredentialInteractionStatus added in v0.1.8 

type CredentialInteractionStatus struct {
	// One of the status present proof or issue credential interaction
	// Refer https://github.com/hyperledger/aries-rfcs/blob/main/features/0015-acks/README.md#ack-status.
	Status string `json:"status"`
	// Optional web redirect URL info sent by verifier.
	RedirectURL string `json:"url,omitempty"`
}

CredentialInteractionStatus holds the status of credential share/issuance interaction from wallet. Typically holds web redirect info of credential interaction conclusion or problem-report.

type CredentialToDerive 

type CredentialToDerive func(opts *deriveOpts)

CredentialToDerive is credential option for deriving a credential from wallet.

func FromCredential 

func FromCredential(cred *verifiable.Credential) CredentialToDerive

FromCredential option for deriving credential from a credential instance.

func FromRawCredential 

func FromRawCredential(raw json.RawMessage) CredentialToDerive

FromRawCredential for deriving credential from raw credential bytes.

func FromStoredCredential 

func FromStoredCredential(id string) CredentialToDerive

FromStoredCredential for deriving credential from stored credential.

type DeriveOptions 

type DeriveOptions struct {
	// Frame is JSON-LD frame used for selective disclosure.
	Frame map[string]interface{} `json:"frame,omitempty"`
	// Nonce to prove uniqueness or freshness of the proof.
	Nonce string `json:"nonce,omitempty"`
}

DeriveOptions model containing options for deriving a credential.

type DidComm added in v0.1.9 

type DidComm struct {
	// contains filtered or unexported fields
}

DidComm enables access to verifiable credential wallet features.

func NewDidComm added in v0.1.9 

func NewDidComm(wallet *Wallet, ctx combinedDidCommWalletProvider) (*DidComm, error)

NewDidComm returns new verifiable credential wallet for given user. returns error if wallet profile is not found. To create a new wallet profile, use `CreateProfile()`. To update an existing profile, use `UpdateProfile()`.

func (*DidComm) Connect added in v0.1.9 

func (c *DidComm) Connect(authToken string, invitation *outofband.Invitation, options ...ConnectOptions) (string, error)

Connect accepts out-of-band invitations and performs DID exchange.

Args:

  • authToken: authorization for performing create key pair operation.
  • invitation: out-of-band invitation.
  • options: connection options.

Returns:

  • connection ID if DID exchange is successful.
  • error if operation false.

func (*DidComm) PresentProof added in v0.1.9 

func (c *DidComm) PresentProof(authToken, thID string, options ...ConcludeInteractionOptions) (*CredentialInteractionStatus, error)

PresentProof sends message present proof message from wallet to relying party. https://w3c-ccg.github.io/universal-wallet-interop-spec/#presentproof

Currently Supporting [0454-present-proof-v2](https://github.com/hyperledger/aries-rfcs/tree/master/features/0454-present-proof-v2)

Args:

  • authToken: authorization for performing operation.
  • thID: thread ID (action ID) of request presentation.
  • presentProofFrom: presentation to be sent.

Returns:

  • Credential interaction status containing status, redirectURL.
  • error if operation fails.

func (*DidComm) ProposeCredential added in v0.1.9 

func (c *DidComm) ProposeCredential(authToken string, invitation *GenericInvitation, options ...InitiateInteractionOption) (*service.DIDCommMsgMap, error)

ProposeCredential sends propose credential message from wallet to issuer. https://w3c-ccg.github.io/universal-wallet-interop-spec/#proposecredential

Currently Supporting : 0453-issueCredentialV2 https://github.com/hyperledger/aries-rfcs/blob/main/features/0453-issue-credential-v2/README.md

Args:

  • authToken: authorization for performing operation.
  • invitation: out-of-band invitation from issuer.
  • options: options for accepting invitation and send propose credential message.

Returns:

  • DIDCommMsgMap containing offer credential message if operation is successful.
  • error if operation fails.

func (*DidComm) ProposePresentation added in v0.1.9 

func (c *DidComm) ProposePresentation(authToken string, invitation *GenericInvitation, options ...InitiateInteractionOption) (*service.DIDCommMsgMap, error)

ProposePresentation accepts out-of-band invitation and sends message proposing presentation from wallet to relying party. https://w3c-ccg.github.io/universal-wallet-interop-spec/#proposepresentation

Currently Supporting [0454-present-proof-v2](https://github.com/hyperledger/aries-rfcs/tree/master/features/0454-present-proof-v2)

Args:

  • authToken: authorization for performing operation.
  • invitation: out-of-band invitation from relying party.
  • options: options for accepting invitation and send propose presentation message.

Returns:

  • DIDCommMsgMap containing request presentation message if operation is successful.
  • error if operation fails.

func (*DidComm) RequestCredential added in v0.1.9 

func (c *DidComm) RequestCredential(authToken, thID string, options ...ConcludeInteractionOptions) (*CredentialInteractionStatus, error)

RequestCredential sends request credential message from wallet to issuer and optionally waits for credential response. https://w3c-ccg.github.io/universal-wallet-interop-spec/#requestcredential

Currently Supporting : 0453-issueCredentialV2 https://github.com/hyperledger/aries-rfcs/blob/main/features/0453-issue-credential-v2/README.md

Args:

  • authToken: authorization for performing operation.
  • thID: thread ID (action ID) of offer credential message previously received.
  • concludeInteractionOptions: options to conclude interaction like presentation to be shared etc.

Returns:

  • Credential interaction status containing status, redirectURL.
  • error if operation fails.

type ExampleDefinition 

type ExampleDefinition struct {
	Context           []string                  `json:"@context"`
	Type              interface{}               `json:"type"`
	CredentialSubject map[string]string         `json:"credentialSubject"`
	CredentialSchema  map[string]string         `json:"credentialSchema"`
	TrustedIssuer     []TrustedIssuerDefinition `json:"trustedIssuer"`
	IssuerQuery       map[string]interface{}    `json:"issuerQuery"`
}

ExampleDefinition frame for QueryByExample. Refer - https://w3c-ccg.github.io/vp-request-spec/#example-2-a-query-by-example-query TODO currently `IssuerQuery` is ignored.

type GenericInvitation added in v0.1.8 

type GenericInvitation struct {
	ID        string                        `json:"id"`
	Type      string                        `json:"type"`
	From      string                        `json:"from,omitempty"`
	Label     string                        `json:"label,omitempty"`
	Goal      string                        `json:"goal,omitempty"`
	GoalCode  string                        `json:"goal_code,omitempty"`
	Services  []interface{}                 `json:"services"`
	Accept    []string                      `json:"accept,omitempty"`
	Protocols []string                      `json:"handshake_protocols,omitempty"`
	Requests  []decorator.GenericAttachment `json:"attachments,omitempty"`
	// contains filtered or unexported fields
}

GenericInvitation holds either a DIDComm V1 or V2 invitation.

func (*GenericInvitation) AsV1 added in v0.1.8 

func (gi *GenericInvitation) AsV1() *oobsvc.Invitation

AsV1 returns this invitation as an OOB V1 invitation.

func (*GenericInvitation) AsV2 added in v0.1.8 

func (gi *GenericInvitation) AsV2() *oobv2.Invitation

AsV2 returns this invitation as an OOB V2 invitation.

func (*GenericInvitation) MarshalJSON added in v0.1.8 

func (gi *GenericInvitation) MarshalJSON() ([]byte, error)

MarshalJSON implements json.Marshaler interface.

func (*GenericInvitation) UnmarshalJSON added in v0.1.8 

func (gi *GenericInvitation) UnmarshalJSON(data []byte) error

UnmarshalJSON implements json.Unmarshaler interface.

func (*GenericInvitation) Version added in v0.1.8 

func (gi *GenericInvitation) Version() service.Version

Version returns the DIDComm version of this OOB invitation.

type GetAllContentsOptions 

type GetAllContentsOptions func(opts *getAllContentsOpts)

GetAllContentsOptions is option for getting all contents from wallet.

func FilterByCollection 

func FilterByCollection(collectionID string) GetAllContentsOptions

FilterByCollection option for getting all contents by collection from wallet.

type InitiateInteractionOption added in v0.1.8 

type InitiateInteractionOption func(opts *initiateInteractionOpts)

InitiateInteractionOption options for initiating credential interaction by proposing presentation/credential from wallet.

func WithConnectOptions 

func WithConnectOptions(options ...ConnectOptions) InitiateInteractionOption

WithConnectOptions for customizing options for accepting invitation.

func WithFromDID 

func WithFromDID(from string) InitiateInteractionOption

WithFromDID option for providing customized from DID for sending propose message.

func WithInitiateTimeout added in v0.1.8 

func WithInitiateTimeout(timeout time.Duration) InitiateInteractionOption

WithInitiateTimeout to provide timeout duration to wait for response for propose message.

type KeyPair 

type KeyPair struct {
	// base64 encoded key ID of the key created.
	KeyID string `json:"keyID,omitempty"`
	// base64 encoded public key of the key pair created.
	PublicKey string `json:"publicKey,omitempty"`
}

KeyPair is response of creating key pair inside wallet.

type ProfileOptions 

type ProfileOptions func(opts *profileOpts)

ProfileOptions is option for verifiable credential wallet key manager.

func WithEDVStorage 

func WithEDVStorage(url, vaultID, encryptionKID, macKID string) ProfileOptions

WithEDVStorage option, for wallet profile to use EDV as storage. If provided then all wallet contents will use EDV for storage. Note: key manager options supplied for profile creation and management will be reused for EDV operations.

func WithKeyServerURL 

func WithKeyServerURL(url string) ProfileOptions

WithKeyServerURL option, when provided then wallet will use remote kms for key operations. This option will be ignore if provided with 'WithSecretLockService' option.

func WithPassphrase 

func WithPassphrase(passphrase string) ProfileOptions

WithPassphrase option to provide passphrase for local kms for key operations.

func WithSecretLockService 

func WithSecretLockService(svc secretlock.Service) ProfileOptions

WithSecretLockService option, when provided then wallet will use local kms for key operations.

type ProofFormat added in v0.1.9 

type ProofFormat string

ProofFormat determines whether a credential or presentation should be signed with an external JWT proof (wrapping the credential to form a JWT-VC) or with an embedded LD proof.

type ProofOptions 

type ProofOptions struct {
	// Controller is a DID to be for signing. This option is required for issue/prove wallet features.
	Controller string `json:"controller,omitempty"`
	// VerificationMethod is the URI of the verificationMethod used for the proof.
	// Optional, by default Controller public key matching 'assertion' for issue or 'authentication' for prove functions.
	VerificationMethod string `json:"verificationMethod,omitempty"`
	// Created date of the proof.
	// Optional, current system time will be used.
	Created *time.Time `json:"created,omitempty"`
	// ProofFormat determines whether a credential or presentation should be signed with an external JWT proof
	// (wrapping the credential to form a JWT-VC) or with an embedded LD proof.
	//
	// Optional: If empty, defaults to EmbeddedLDProofFormat.
	ProofFormat ProofFormat `json:"proofFormat,omitempty"`
	// Domain is operational domain of a digital proof.
	// Optional, by default domain will not be part of proof.
	Domain string `json:"domain,omitempty"`
	// Challenge is a random or pseudo-random value option authentication.
	// Optional, by default challenge will not be part of proof.
	Challenge string `json:"challenge,omitempty"`
	// ProofType is signature type used for signing.
	// Optional, by default proof will be generated in Ed25519Signature2018 format.
	ProofType string `json:"proofType,omitempty"`
	// ProofRepresentation is type of proof data expected, (Refer verifiable.SignatureProofValue)
	// Optional, by default proof will be represented as 'verifiable.SignatureProofValue'.
	ProofRepresentation *verifiable.SignatureRepresentation `json:"proofRepresentation,omitempty"`
}

ProofOptions model

Options for adding JWT or linked data proofs to a verifiable credential or a verifiable presentation. To be used as options for issue/prove wallet features.

type ProveOptions 

type ProveOptions func(opts *proveOpts)

ProveOptions options for proving credential to present from wallet.

func WithCredentialsToProve 

func WithCredentialsToProve(credentials ...*verifiable.Credential) ProveOptions

WithCredentialsToProve option for providing verifiable credential instances for wallet to present.

func WithPresentationToProve 

func WithPresentationToProve(presentation *verifiable.Presentation) ProveOptions

WithPresentationToProve option for providing presentation for wallet to present. If passed along with other credentials options, response verifiable presentation will be normalized to include all the credentials.

func WithRawCredentialsToProve 

func WithRawCredentialsToProve(raw ...json.RawMessage) ProveOptions

WithRawCredentialsToProve option for providing raw credential for wallet to present.

func WithRawPresentationToProve 

func WithRawPresentationToProve(presentation json.RawMessage) ProveOptions

WithRawPresentationToProve option for providing raw presentation for wallet to present. Ignored if passed along with WithPresentationToProve option. If passed along with other credentials options, response verifiable presentation will be normalized to include all the credentials.

func WithStoredCredentialsToProve 

func WithStoredCredentialsToProve(ids ...string) ProveOptions

WithStoredCredentialsToProve option for providing stored credential IDs for wallet to present.

type Query 

type Query struct {
	// contains filtered or unexported fields
}

Query performs wallet credential queries, currently supporting all the QueryTypes defined in QueryType.

func NewQuery 

func NewQuery(pkFetcher verifiable.PublicKeyFetcher, loader ld.DocumentLoader, queries ...*QueryParams) *Query

NewQuery returns new wallet query instance.

func (*Query) PerformQuery 

func (q *Query) PerformQuery(credentials map[string]json.RawMessage) ([]*verifiable.Presentation, error)

PerformQuery performs credential query on given credentials. nolint:gocyclo

type QueryByExampleDefinition 

type QueryByExampleDefinition struct {
	Example *ExampleDefinition `json:"example"`
}

QueryByExampleDefinition is model for QueryByExample query type. https://w3c-ccg.github.io/vp-request-spec/#query-by-example

type QueryByFrameDefinition 

type QueryByFrameDefinition struct {
	Frame         map[string]interface{}    `json:"frame"`
	TrustedIssuer []TrustedIssuerDefinition `json:"trustedIssuer"`
}

QueryByFrameDefinition is model for QueryByExample query type. https://w3c-ccg.github.io/vp-request-spec/ TODO QueryByExampleDefinition model is not yet finalized - https://github.com/w3c-ccg/vp-request-spec/issues/8

type QueryParams 

type QueryParams struct {
	// Type of the query.
	// Allowed values  'QueryByExample', 'QueryByFrame', 'PresentationExchange', 'DIDAuth'
	Type string `json:"type"`

	// Query can contain one or more credential queries.
	Query []json.RawMessage `json:"credentialQuery"`
}

QueryParams contains credential queries for querying credential from wallet. Refer https://w3c-ccg.github.io/vp-request-spec/#format for more details.

type QueryType 

type QueryType int

QueryType is type of query supported by wallet implementation More details can be found here : https://w3c-ccg.github.io/universal-wallet-interop-spec/#query 

const (
	// QueryByExample https://w3c-ccg.github.io/vp-request-spec/#query-by-example
	QueryByExample QueryType = iota + 1
	// QueryByFrame https://github.com/w3c-ccg/vp-request-spec/issues/8
	QueryByFrame
	// PresentationExchange https://identity.foundation/presentation-exchange/
	PresentationExchange
	// DIDAuth https://w3c-ccg.github.io/vp-request-spec/#did-authentication-request
	DIDAuth
)

func GetQueryType 

func GetQueryType(name string) (QueryType, error)

GetQueryType returns QueryType instance for given string query type.

func (QueryType) Name 

func (q QueryType) Name() string

Name returns name of the query.

type ResolveManifestOption added in v0.1.8 

type ResolveManifestOption func(opts *resolveManifestOpts)

ResolveManifestOption is option to resolve credential manifests.

func ResolveCredential added in v0.1.8 

func ResolveCredential(descriptorID string, credential *verifiable.Credential) ResolveManifestOption

ResolveCredential options for resolving credential by given descriptor ID.

func ResolveCredentialID added in v0.1.8 

func ResolveCredentialID(descriptorID, credentialID string) ResolveManifestOption

ResolveCredentialID options for resolving credential from wallet content store by given descriptor ID.

func ResolveRawCredential added in v0.1.8 

func ResolveRawCredential(descriptorID string, rawCredential json.RawMessage) ResolveManifestOption

ResolveRawCredential options for resolving raw bytes of credential by given descriptor ID.

func ResolveRawResponse added in v0.1.9 

func ResolveRawResponse(response json.RawMessage) ResolveManifestOption

ResolveRawResponse options for resolving raw bytes of credential response presentation.

func ResolveResponse added in v0.1.9 

func ResolveResponse(response *verifiable.Presentation) ResolveManifestOption

ResolveResponse options for resolving credential response presentation.

type Session added in v0.1.9 

type Session struct {
	KeyManager kms.KeyManager
	// contains filtered or unexported fields
}

Session represent a session object created when user unlock wallet.

type TrustedIssuerDefinition 

type TrustedIssuerDefinition struct {
	Issuer   string `json:"issuer"`
	Required bool   `json:"required"`
}

TrustedIssuerDefinition is model for trusted issuer component in QueryByFrame & QueryByExample.

type UnlockOptions 

type UnlockOptions func(opts *unlockOpts)

UnlockOptions is option for unlocking verifiable credential wallet key manager. Wallet unlocking instantiates KMS instance for wallet operations. Type of key manager (local or remote) to be used will be decided based on options passed. Note: unlock options should match key manager options set for given wallet profile.

func WithUnlockByAuthorizationToken 

func WithUnlockByAuthorizationToken(url string) UnlockOptions

WithUnlockByAuthorizationToken option for supplying remote kms auth token to open wallet. This option will be ignore when supplied with localkms options.

func WithUnlockByPassphrase 

func WithUnlockByPassphrase(passphrase string) UnlockOptions

WithUnlockByPassphrase option for supplying passphrase to open wallet. This option takes precedence when provided along with other options.

func WithUnlockBySecretLockService 

func WithUnlockBySecretLockService(svc secretlock.Service) UnlockOptions

WithUnlockBySecretLockService option for supplying secret lock service to open wallet. This option will be ignored when supplied with 'WithPassphrase' option.

func WithUnlockEDVOptions 

func WithUnlockEDVOptions(edvOpts ...edv.RESTProviderOption) UnlockOptions

WithUnlockEDVOptions can be used to provide custom aries edv options for unlocking wallet. Provided options will be considered only if given wallet profile is using EDV configurations.

func WithUnlockExpiry 

func WithUnlockExpiry(tokenExpiry time.Duration) UnlockOptions

WithUnlockExpiry time duration after which wallet key manager will be expired. Wallet should be reopened by using 'client.Open()' once expired or a new instance needs to be created.

func WithUnlockWebKMSOptions 

func WithUnlockWebKMSOptions(webkmsOpts ...webkms.Opt) UnlockOptions

WithUnlockWebKMSOptions can be used to provide custom aries web kms options for unlocking wallet. This option can be used to set web kms client http header function instead of using WithUnlockByAuthorizationToken.

type VerificationOption 

type VerificationOption func(opts *verifyOpts)

VerificationOption options for verifying credential from wallet.

func WithRawCredentialToVerify 

func WithRawCredentialToVerify(raw json.RawMessage) VerificationOption

WithRawCredentialToVerify option for providing raw credential to be verified from wallet.

func WithRawPresentationToVerify 

func WithRawPresentationToVerify(raw json.RawMessage) VerificationOption

WithRawPresentationToVerify option for providing raw presentation to be verified from wallet.

func WithStoredCredentialToVerify 

func WithStoredCredentialToVerify(id string) VerificationOption

WithStoredCredentialToVerify option for providing ID of the stored credential to be verified from wallet.

type Wallet 

type Wallet struct {
	// contains filtered or unexported fields
}

Wallet enables access to verifiable credential wallet features.

func New 

func New(userID string, ctx provider) (*Wallet, error)

New returns new verifiable credential wallet for given user. returns error if wallet profile is not found. To create a new wallet profile, use `CreateProfile()`. To update an existing profile, use `UpdateProfile()`.

func (*Wallet) Add 

func (c *Wallet) Add(authToken string, contentType ContentType, content json.RawMessage, options ...AddContentOptions) error

Add adds given data model to wallet contents store.

Supported data models:

func (*Wallet) Close 

func (c *Wallet) Close() bool

Close expires token issued to this VC wallet, removes the key manager instance and closes wallet content store. returns false if token is not found or already expired for this wallet user.

func (*Wallet) CreateKeyPair 

func (c *Wallet) CreateKeyPair(authToken string, keyType kms.KeyType) (*KeyPair, error)

CreateKeyPair creates key pair inside a wallet. 

Args:
	- authToken: authorization for performing create key pair operation.
	- keyType: type of the key to be created.

func (*Wallet) Derive 

func (c *Wallet) Derive(authToken string, credential CredentialToDerive, options *DeriveOptions) (*verifiable.Credential, error)

Derive derives a credential and returns response credential. 

Args:
	- credential to derive (ID of the stored credential, raw credential or credential instance).
	- derive options.

func (*Wallet) Export 

func (c *Wallet) Export(auth string) (json.RawMessage, error)

Export produces a serialized exported wallet representation. Only ciphertext wallet contents can be exported. 

Args:
	- auth: token to be used to lock the wallet before exporting.

Returns exported locked wallet.

Supported data models:

func (*Wallet) Get 

func (c *Wallet) Get(authToken string, contentType ContentType, contentID string) (json.RawMessage, error)

Get fetches a wallet content by content ID.

Supported data models:

func (*Wallet) GetAll 

func (c *Wallet) GetAll(authToken string, contentType ContentType, options ...GetAllContentsOptions) (map[string]json.RawMessage, error)

GetAll fetches all wallet contents of given type. Returns map of key value from content store for given content type.

Supported data models:

func (*Wallet) Import 

func (c *Wallet) Import(auth string, contents json.RawMessage) error

Import Takes a serialized exported wallet representation as input and imports all contents into wallet. 

Args:
	- contents: wallet content to be imported.
	- auth: token used while exporting the wallet.

Supported data models:

func (*Wallet) Issue 

func (c *Wallet) Issue(authToken string, credential json.RawMessage,
	options *ProofOptions) (*verifiable.Credential, error)

Issue adds proof to a Verifiable Credential. 

Args:
	- auth token for unlocking kms.
	- A verifiable credential with or without proof.
	- Proof options.

func (*Wallet) Open 

func (c *Wallet) Open(options ...UnlockOptions) (string, error)

Open unlocks wallet's key manager instance & open wallet content store and returns a token for subsequent use of wallet features. 

Args:
	- unlock options for opening wallet.

Returns token with expiry that can be used for subsequent use of wallet features.

func (*Wallet) Prove 

func (c *Wallet) Prove(authToken string, proofOptions *ProofOptions, credentials ...ProveOptions) (*verifiable.Presentation, error)

Prove produces a Verifiable Presentation. 

Args:
	- auth token for unlocking kms.
	- list of interfaces (string of credential IDs which can be resolvable to stored credentials in wallet or
	raw credential or a presentation).
	- proof options

func (*Wallet) Query 

func (c *Wallet) Query(authToken string, params ...*QueryParams) ([]*verifiable.Presentation, error)

Query runs query against wallet credential contents and returns presentation containing credential results.

This function may return multiple presentations as query result based on combination of query types used.

https://w3c-ccg.github.io/universal-wallet-interop-spec/#query

Supported Query Types:

func (*Wallet) Remove 

func (c *Wallet) Remove(authToken string, contentType ContentType, contentID string) error

Remove removes wallet content by content ID.

Supported data models:

func (*Wallet) ResolveCredentialManifest added in v0.1.8 

func (c *Wallet) ResolveCredentialManifest(authToken string, manifest json.RawMessage, resolve ResolveManifestOption) ([]*cm.ResolvedDescriptor, error)

ResolveCredentialManifest resolves given credential manifest by credential response or credential. Supports: https://identity.foundation/credential-manifest/

Args:

  • authToken: authorization for performing operation.
  • manifest: Credential manifest data model in raw format.
  • resolve: options to provide credential response or credential to resolve.

Returns:

  • list of resolved descriptors.
  • error if operation fails.

func (*Wallet) SignJWT added in v0.1.9 

func (c *Wallet) SignJWT(authToken string, headers, claims map[string]interface{}, kid string) (string, error)

SignJWT creates a JWT signed by the wallet's KMS using a key from an owned DID. 

Args:
	- auth token for unlocking kms.
	- Headers to include in the created JWT.
	- Claims for the created JWT.
	- the ID of the key to use for signing, as a DID, either with a fragment identifier to specify a verification
	  method, or without, in which case the first Authentication or Assertion verification method is used.

func (*Wallet) Verify 

func (c *Wallet) Verify(authToken string, options VerificationOption) (bool, error)

Verify takes Takes a Verifiable Credential or Verifiable Presentation as input,. 

Args:
	- verification option for sending different models (stored credential ID, raw credential, raw presentation).

Returns: a boolean verified, and an error if verified is false.

func (*Wallet) VerifyJWT added in v0.1.9 

func (c *Wallet) VerifyJWT(compactJWT string) error

VerifyJWT verifies a JWT signed by a DID;

Args:

  • JWT to verify.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.