Struct indy::anoncreds::Issuer

pub struct Issuer {}

Implementations

Create credential schema entity that describes credential attributes list and allows credentials interoperability.

Schema is public and intended to be shared with all anoncreds workflow actors usually by publishing SCHEMA transaction to Indy distributed ledger.

For the current version it is IMPORTANT to POST the Schema to the Ledger and then GET it from the Ledger with the correct seq_no to preserve compatibility with the Ledger. After that, Issuer::create_and_store_credential_def can be called to build the corresponding Credential Definition.

Arguments
  • pool_handle - pool handle (created by Pool::open_ledger).
  • issuer_did: DID of schema issuer
  • name: a name of the schema
  • version: a version of the schema
  • attrs: a list of schema attributes descriptions
Returns
  • schema_id: identifier of created schema
  • schema_json: schema as json

Create credential schema entity that describes credential attributes list and allows credentials interoperability.

Schema is public and intended to be shared with all anoncreds workflow actors usually by publishing SCHEMA transaction to Indy distributed ledger.

For the current version it is IMPORTANT to POST the Schema to the Ledger and then GET it from the Ledger with the correct seq_no to preserve compatibility with the Ledger. After that, Issuer::create_and_store_credential_def can be called to build the corresponding Credential Definition.

Arguments
  • pool_handle - pool handle (created by Pool::open_ledger).
  • issuer_did: DID of schema issuer
  • name: a name of the schema
  • version: a version of the schema
  • attrs: a list of schema attributes descriptions
  • timeout - the maximum time this function waits for a response
Returns
  • schema_id: identifier of created schema
  • schema_json: schema as json

Create credential schema entity that describes credential attributes list and allows credentials interoperability.

Schema is public and intended to be shared with all anoncreds workflow actors usually by publishing SCHEMA transaction to Indy distributed ledger.

For the current version it is IMPORTANT to POST the Schema to the Ledger and then GET it from the Ledger with the correct seq_no to preserve compatibility with the Ledger. After that, Issuer::create_and_store_credential_def can be called to build the corresponding Credential Definition.

Arguments
  • pool_handle - pool handle (created by Pool::open_ledger).
  • issuer_did: DID of schema issuer
  • name: a name of the schema
  • version: a version of the schema
  • attrs: a list of schema attributes descriptions
  • closure - the closure that is called when finished
Returns
  • errorcode - errorcode from calling ffi function. The closure receives the return result

Create credential definition entity that encapsulates credentials issuer DID, credential schema, secrets used for signing credentials and secrets used for credentials revocation.

Credential definition entity contains private and public parts. Private part will be stored in the wallet. Public part will be returned as json intended to be shared with all anoncreds workflow actors usually by publishing CRED_DEF transaction to Indy distributed ledger.

For the current version it is IMPORTANT to GET the Schema from the Ledger with the correct seq_no to preserve compatibility with the Ledger.

Arguments
  • wallet_handle: wallet handler (created by Wallet::open_wallet).
  • issuer_did: a DID of the issuer signing cred_def transaction to the Ledger
  • schema_json: credential schema as a json
  • tag: distinguishes between credential definitions for the same issuer and schema
  • signature_type: credential definition type (optional, ‘CL’ by default) that defines credentials signature and revocation math. Supported types are:
    • ‘CL’: Camenisch-Lysyanskaya credential signature type
  • config_json: (optional) type-specific configuration of credential definition as json:
    • ‘CL’:
      • support_revocation: whether to request non-revocation credential (optional, default false)
Returns
  • cred_def_id: identifier of created credential definition
  • cred_def_json: public part of created credential definition

Create credential definition entity that encapsulates credentials issuer DID, credential schema, secrets used for signing credentials and secrets used for credentials revocation.

Credential definition entity contains private and public parts. Private part will be stored in the wallet. Public part will be returned as json intended to be shared with all anoncreds workflow actors usually by publishing CRED_DEF transaction to Indy distributed ledger.

For the current version it is IMPORTANT to GET the Schema from the Ledger with the correct seq_no to preserve compatibility with the Ledger.

Arguments
  • wallet_handle: wallet handler (created by Wallet::open_wallet).
  • issuer_did: a DID of the issuer signing cred_def transaction to the Ledger
  • schema_json: credential schema as a json
  • tag: distinguishes between credential definitions for the same issuer and schema
  • signature_type: credential definition type (optional, ‘CL’ by default) that defines credentials signature and revocation math. Supported types are:
    • ‘CL’: Camenisch-Lysyanskaya credential signature type
  • config_json: (optional) type-specific configuration of credential definition as json:
    • ‘CL’:
      • support_revocation: whether to request non-revocation credential (optional, default false)
  • timeout - the maximum time this function waits for a response
Returns
  • cred_def_id: identifier of created credential definition
  • cred_def_json: public part of created credential definition

Create credential definition entity that encapsulates credentials issuer DID, credential schema, secrets used for signing credentials and secrets used for credentials revocation.

Credential definition entity contains private and public parts. Private part will be stored in the wallet. Public part will be returned as json intended to be shared with all anoncreds workflow actors usually by publishing CRED_DEF transaction to Indy distributed ledger.

For the current version it is IMPORTANT to GET the Schema from the Ledger with the correct seq_no to preserve compatibility with the Ledger.

Arguments
  • wallet_handle: wallet handler (created by Wallet::open_wallet).
  • issuer_did: a DID of the issuer signing cred_def transaction to the Ledger
  • schema_json: credential schema as a json
  • tag: distinguishes between credential definitions for the same issuer and schema
  • signature_type: credential definition type (optional, ‘CL’ by default) that defines credentials signature and revocation math. Supported types are:
    • ‘CL’: Camenisch-Lysyanskaya credential signature type
  • config_json: (optional) type-specific configuration of credential definition as json:
    • ‘CL’:
      • support_revocation: whether to request non-revocation credential (optional, default false)
  • closure - the closure that is called when finished
Returns
  • errorcode - errorcode from calling ffi function. The closure receives the return result

Create a new revocation registry for the given credential definition as tuple of entities

  • Revocation registry definition that encapsulates credentials definition reference, revocation type specific configuration and secrets used for credentials revocation
  • Revocation registry state that stores the information about revoked entities in a non-disclosing way. The state can be represented as an ordered list of revocation registry entries where each entry represents the list of revocation or issuance operations.

Revocation registry definition entity contains private and public parts. Private part will be stored in the wallet. Public part will be returned as json intended to be shared with all anoncreds workflow actors usually by publishing REVOC_REG_DEF transaction to Indy distributed ledger.

Revocation registry state is stored on the wallet and also intended to be shared as the ordered list of REVOC_REG_ENTRY transactions. This call initializes the state in the wallet and returns the initial entry.

Some revocation registry types (for example, ‘CL_ACCUM’) can require generation of a binary blob called tails, which is used to hide information about revoked credentials in the public revocation registry and is intended to be distributed off the ledger (the REVOC_REG_DEF transaction will still contain the uri and hash of the tails). This call requires access to a pre-configured blob storage writer instance handle that allows writing the generated tails.

Arguments
  • wallet_handle: wallet handler (created by Wallet::open_wallet).
  • issuer_did: a DID of the issuer signing transaction to the Ledger
  • revoc_def_type: revocation registry type (optional, default value depends on credential definition type). Supported types are:
    • ‘CL_ACCUM’: Type-3 pairing based accumulator. Default for ‘CL’ credential definition type
  • tag: distinguishes between revocation registries for the same issuer and credential definition
  • cred_def_id: id of the credential definition stored in the ledger
  • config_json: type-specific configuration of revocation registry as json:
    • ‘CL_ACCUM’:
      • issuance_type: (optional) type of issuance. Currently supported:
        • ISSUANCE_BY_DEFAULT: all indices are assumed to be issued and the initial accumulator is calculated over all indices; the Revocation Registry is updated only during revocation.
        • ISSUANCE_ON_DEMAND: nothing is issued initially, accumulator is 1 (used by default)
      • max_cred_num: maximum number of credentials the new registry can process (optional, default 100000)
  • tails_writer_handle: handle of blob storage to store tails
Returns
  • revoc_reg_id: identifier of created revocation registry definition
  • revoc_reg_def_json: public part of revocation registry definition
  • revoc_reg_entry_json: revocation registry entry that defines initial state of revocation registry

Create a new revocation registry for the given credential definition as tuple of entities

  • Revocation registry definition that encapsulates credentials definition reference, revocation type specific configuration and secrets used for credentials revocation
  • Revocation registry state that stores the information about revoked entities in a non-disclosing way. The state can be represented as an ordered list of revocation registry entries where each entry represents the list of revocation or issuance operations.

Revocation registry definition entity contains private and public parts. Private part will be stored in the wallet. Public part will be returned as json intended to be shared with all anoncreds workflow actors usually by publishing REVOC_REG_DEF transaction to Indy distributed ledger.

Revocation registry state is stored on the wallet and also intended to be shared as the ordered list of REVOC_REG_ENTRY transactions. This call initializes the state in the wallet and returns the initial entry.

Some revocation registry types (for example, ‘CL_ACCUM’) can require generation of a binary blob called tails, which is used to hide information about revoked credentials in the public revocation registry and is intended to be distributed off the ledger (the REVOC_REG_DEF transaction will still contain the uri and hash of the tails). This call requires access to a pre-configured blob storage writer instance handle that allows writing the generated tails.

Arguments
  • wallet_handle: wallet handler (created by Wallet::open_wallet).
  • issuer_did: a DID of the issuer signing transaction to the Ledger
  • revoc_def_type: revocation registry type (optional, default value depends on credential definition type). Supported types are:
    • ‘CL_ACCUM’: Type-3 pairing based accumulator. Default for ‘CL’ credential definition type
  • tag: distinguishes between revocation registries for the same issuer and credential definition
  • cred_def_id: id of the credential definition stored in the ledger
  • config_json: type-specific configuration of revocation registry as json:
    • ‘CL_ACCUM’:
      • issuance_type: (optional) type of issuance. Currently supported:
        • ISSUANCE_BY_DEFAULT: all indices are assumed to be issued and the initial accumulator is calculated over all indices; the Revocation Registry is updated only during revocation.
        • ISSUANCE_ON_DEMAND: nothing is issued initially, accumulator is 1 (used by default)
      • max_cred_num: maximum number of credentials the new registry can process (optional, default 100000)
  • tails_writer_handle: handle of blob storage to store tails
  • timeout - the maximum time this function waits for a response
Returns
  • revoc_reg_id: identifier of created revocation registry definition
  • revoc_reg_def_json: public part of revocation registry definition
  • revoc_reg_entry_json: revocation registry entry that defines initial state of revocation registry

Create a new revocation registry for the given credential definition as tuple of entities

  • Revocation registry definition that encapsulates credentials definition reference, revocation type specific configuration and secrets used for credentials revocation
  • Revocation registry state that stores the information about revoked entities in a non-disclosing way. The state can be represented as an ordered list of revocation registry entries where each entry represents the list of revocation or issuance operations.

Revocation registry definition entity contains private and public parts. Private part will be stored in the wallet. Public part will be returned as json intended to be shared with all anoncreds workflow actors usually by publishing REVOC_REG_DEF transaction to Indy distributed ledger.

Revocation registry state is stored on the wallet and also intended to be shared as the ordered list of REVOC_REG_ENTRY transactions. This call initializes the state in the wallet and returns the initial entry.

Some revocation registry types (for example, ‘CL_ACCUM’) can require generation of a binary blob called tails, which is used to hide information about revoked credentials in the public revocation registry and is intended to be distributed off the ledger (the REVOC_REG_DEF transaction will still contain the uri and hash of the tails). This call requires access to a pre-configured blob storage writer instance handle that allows writing the generated tails.

Arguments
  • wallet_handle: wallet handler (created by Wallet::open_wallet).
  • issuer_did: a DID of the issuer signing transaction to the Ledger
  • revoc_def_type: revocation registry type (optional, default value depends on credential definition type). Supported types are:
    • ‘CL_ACCUM’: Type-3 pairing based accumulator. Default for ‘CL’ credential definition type
  • tag: distinguishes between revocation registries for the same issuer and credential definition
  • cred_def_id: id of the credential definition stored in the ledger
  • config_json: type-specific configuration of revocation registry as json:
    • ‘CL_ACCUM’:
      • issuance_type: (optional) type of issuance. Currently supported:
        • ISSUANCE_BY_DEFAULT: all indices are assumed to be issued and the initial accumulator is calculated over all indices; the Revocation Registry is updated only during revocation.
        • ISSUANCE_ON_DEMAND: nothing is issued initially, accumulator is 1 (used by default)
      • max_cred_num: maximum number of credentials the new registry can process (optional, default 100000)
  • tails_writer_handle: handle of blob storage to store tails
  • closure - the closure that is called when finished
Returns
  • errorcode - errorcode from calling ffi function. The closure receives the return result

Create credential offer that will be used by Prover for credential request creation. Offer includes nonce and key correctness proof for authentication between protocol steps and integrity checking.

Arguments
  • wallet_handle: wallet handler (created by Wallet::open_wallet)
  • cred_def_id: id of credential definition stored in the wallet
Returns
  • credential_offer_json:
    {
      "schema_id": string,
      "cred_def_id": string,
      // Fields below can depend on Cred Def type
      "nonce": string,
      "key_correctness_proof" : <key_correctness_proof>
    }

Create credential offer that will be used by Prover for credential request creation. Offer includes nonce and key correctness proof for authentication between protocol steps and integrity checking.

Arguments
  • wallet_handle: wallet handler (created by Wallet::open_wallet)
  • cred_def_id: id of credential definition stored in the wallet
  • timeout - the maximum time this function waits for a response
Returns
  • credential_offer_json:
    {
      "schema_id": string,
      "cred_def_id": string,
      // Fields below can depend on Cred Def type
      "nonce": string,
      "key_correctness_proof" : <key_correctness_proof>
    }

Create credential offer that will be used by Prover for credential request creation. Offer includes nonce and key correctness proof for authentication between protocol steps and integrity checking.

Arguments
  • wallet_handle: wallet handler (created by Wallet::open_wallet)
  • cred_def_id: id of credential definition stored in the wallet
  • closure - the closure that is called when finished
Returns
  • errorcode - errorcode from calling ffi function. The closure receives the return result

Check Cred Request for the given Cred Offer and issue Credential for the given Cred Request.

Cred Request must match Cred Offer. The credential definition and revocation registry definition referenced in Cred Offer and Cred Request must be already created and stored into the wallet.

Information for this credential revocation will be stored in the wallet as part of the revocation registry under a generated cred_revoc_id local to this wallet.

This call returns revoc registry delta as json file intended to be shared as REVOC_REG_ENTRY transaction. Note that it is possible to accumulate deltas to reduce ledger load.

Arguments
  • wallet_handle: wallet handler (created by Wallet::open_wallet).
  • cred_offer_json: a cred offer created by Issuer::create_credential_offer
  • cred_req_json: a credential request created by Prover::store_credential
  • cred_values_json: a credential containing attribute values for each of requested attribute names. Example: { “attr1” : {“raw”: “value1”, “encoded”: “value1_as_int” }, “attr2” : {“raw”: “value1”, “encoded”: “value1_as_int” } }
  • rev_reg_id: id of revocation registry stored in the wallet
  • blob_storage_reader_handle: configuration of blob storage reader handle that will allow to read revocation tails
Returns
  • cred_json: Credential json containing signed credential values
    {
      "schema_id": string,
      "cred_def_id": string,
      "rev_reg_def_id", Optional,
      "values": ,
      // Fields below can depend on Cred Def type
      "signature": ,
      "signature_correctness_proof": <signature_correctness_proof>
    }
  • cred_revoc_id: local id for revocation info (Can be used for revocation of this credential)
  • revoc_reg_delta_json: Revocation registry delta json with a newly issued credential

Check Cred Request for the given Cred Offer and issue Credential for the given Cred Request.

Cred Request must match Cred Offer. The credential definition and revocation registry definition referenced in Cred Offer and Cred Request must be already created and stored into the wallet.

Information for this credential revocation will be stored in the wallet as part of the revocation registry under a generated cred_revoc_id local to this wallet.

This call returns revoc registry delta as json file intended to be shared as REVOC_REG_ENTRY transaction. Note that it is possible to accumulate deltas to reduce ledger load.

Arguments
  • wallet_handle: wallet handler (created by Wallet::open_wallet).
  • cred_offer_json: a cred offer created by Issuer::create_credential_offer
  • cred_req_json: a credential request created by Prover::store_credential
  • cred_values_json: a credential containing attribute values for each of requested attribute names. Example: { “attr1” : {“raw”: “value1”, “encoded”: “value1_as_int” }, “attr2” : {“raw”: “value1”, “encoded”: “value1_as_int” } }
  • rev_reg_id: id of revocation registry stored in the wallet
  • blob_storage_reader_handle: configuration of blob storage reader handle that will allow to read revocation tails
  • timeout - the maximum time this function waits for a response
Returns
  • cred_json: Credential json containing signed credential values
    {
      "schema_id": string,
      "cred_def_id": string,
      "rev_reg_def_id", Optional,
      "values": ,
      // Fields below can depend on Cred Def type
      "signature": ,
      "signature_correctness_proof": <signature_correctness_proof>
    }
  • cred_revoc_id: local id for revocation info (Can be used for revocation of this credential)
  • revoc_reg_delta_json: Revocation registry delta json with a newly issued credential

Check Cred Request for the given Cred Offer and issue Credential for the given Cred Request.

Cred Request must match Cred Offer. The credential definition and revocation registry definition referenced in Cred Offer and Cred Request must be already created and stored into the wallet.

Information for this credential revocation will be stored in the wallet as part of the revocation registry under a generated cred_revoc_id local to this wallet.

This call returns revoc registry delta as json file intended to be shared as REVOC_REG_ENTRY transaction. Note that it is possible to accumulate deltas to reduce ledger load.

Arguments
  • wallet_handle: wallet handler (created by Wallet::open_wallet).
  • cred_offer_json: a cred offer created by Issuer::create_credential_offer
  • cred_req_json: a credential request created by Prover::store_credential
  • cred_values_json: a credential containing attribute values for each of requested attribute names. Example: { “attr1” : {“raw”: “value1”, “encoded”: “value1_as_int” }, “attr2” : {“raw”: “value1”, “encoded”: “value1_as_int” } }
  • rev_reg_id: id of revocation registry stored in the wallet
  • blob_storage_reader_handle: configuration of blob storage reader handle that will allow to read revocation tails
  • closure - the closure that is called when finished
Returns
  • errorcode - errorcode from calling ffi function. The closure receives the return result

Revoke a credential identified by a cred_revoc_id (returned by indy_issuer_create_credential).

The corresponding credential definition and revocation registry must already be created and stored in the wallet.

This call returns revoc registry delta as json file intended to be shared as REVOC_REG_ENTRY transaction. Note that it is possible to accumulate deltas to reduce ledger load.

Arguments
  • wallet_handle: wallet handler (created by Wallet::open_wallet).
  • blob_storage_reader_cfg_handle: configuration of blob storage reader handle that will allow to read revocation tails
  • rev_reg_id: id of revocation registry stored in wallet
  • cred_revoc_id: local id for revocation info
Returns
  • revoc_reg_delta_json: Revocation registry delta json with a revoked credential

Revoke a credential identified by a cred_revoc_id (returned by indy_issuer_create_credential).

The corresponding credential definition and revocation registry must already be created and stored in the wallet.

This call returns revoc registry delta as json file intended to be shared as REVOC_REG_ENTRY transaction. Note that it is possible to accumulate deltas to reduce ledger load.

Arguments
  • wallet_handle: wallet handler (created by Wallet::open_wallet).
  • blob_storage_reader_cfg_handle: configuration of blob storage reader handle that will allow to read revocation tails
  • rev_reg_id: id of revocation registry stored in wallet
  • cred_revoc_id: local id for revocation info
  • timeout - the maximum time this function waits for a response
Returns
  • revoc_reg_delta_json: Revocation registry delta json with a revoked credential

Revoke a credential identified by a cred_revoc_id (returned by indy_issuer_create_credential).

The corresponding credential definition and revocation registry must already be created and stored in the wallet.

This call returns revoc registry delta as json file intended to be shared as REVOC_REG_ENTRY transaction. Note that it is possible to accumulate deltas to reduce ledger load.

Arguments
  • wallet_handle: wallet handler (created by Wallet::open_wallet).
  • blob_storage_reader_cfg_handle: configuration of blob storage reader handle that will allow to read revocation tails
  • rev_reg_id: id of revocation registry stored in wallet
  • cred_revoc_id: local id for revocation info
  • closure - the closure that is called when finished
Returns
  • errorcode - errorcode from calling ffi function. The closure receives the return result

Merge two revocation registry deltas (returned by Issuer::create_credential or Issuer::revoke_credential) to accumulate common delta. Send common delta to ledger to reduce the load.

Arguments
  • rev_reg_delta_json: revocation registry delta.
  • other_rev_reg_delta_json: revocation registry delta for which PrevAccum value is equal to current accum value of rev_reg_delta_json.
Returns
  • merged_rev_reg_delta - Merged revocation registry delta

Merge two revocation registry deltas (returned by Issuer::create_credential or Issuer::revoke_credential) to accumulate common delta. Send common delta to ledger to reduce the load.

Arguments
  • rev_reg_delta_json: revocation registry delta.
  • other_rev_reg_delta_json: revocation registry delta for which PrevAccum value is equal to current accum value of rev_reg_delta_json.
  • timeout - the maximum time this function waits for a response
Returns
  • merged_rev_reg_delta - Merged revocation registry delta

Merge two revocation registry deltas (returned by Issuer::create_credential or Issuer::revoke_credential) to accumulate common delta. Send common delta to ledger to reduce the load.

Arguments
  • rev_reg_delta_json: revocation registry delta.
  • other_rev_reg_delta_json: revocation registry delta for which PrevAccum value is equal to current accum value of rev_reg_delta_json.
  • closure - the closure that is called when finished
Returns
  • errorcode - errorcode from calling ffi function. The closure receives the return result
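
The merge precondition described above (the second delta's PrevAccum must equal the first delta's current accum), shown as an added example that is not code from the indy crate or its documentation. It is a simplified model: the Delta struct, its field names, the string accumulator values and the sample deltas are constructed for illustration, and the net-change bookkeeping is an assumption about what accumulating a batch should yield.

```rust
use std::collections::BTreeSet;

// Simplified model of a revocation registry delta. Field names and the opaque
// string accumulators are assumptions for illustration, not the library's types.
#[derive(Debug, Clone, PartialEq)]
pub struct Delta {
    pub prev_accum: Option<String>, // accumulator before this delta (None for the initial entry)
    pub accum: String,              // accumulator after this delta
    pub issued: BTreeSet<u32>,      // credential indices issued in this delta
    pub revoked: BTreeSet<u32>,     // credential indices revoked in this delta
}

#[derive(Debug, PartialEq)]
pub enum MergeError {
    // `other` does not continue from the state where `first` ends.
    NotContiguous { expected: String, found: Option<String> },
}

// Helper for building the constructed sample deltas.
pub fn delta(prev: Option<&str>, accum: &str, issued: &[u32], revoked: &[u32]) -> Delta {
    Delta {
        prev_accum: prev.map(str::to_string),
        accum: accum.to_string(),
        issued: issued.iter().copied().collect(),
        revoked: revoked.iter().copied().collect(),
    }
}

// Merge two consecutive deltas into one that describes the net change.
pub fn merge(first: &Delta, other: &Delta) -> Result<Delta, MergeError> {
    // Reject out-of-order or unrelated deltas: publishing a merged entry whose
    // chain is broken would describe a registry state that never existed.
    if other.prev_accum.as_deref() != Some(first.accum.as_str()) {
        return Err(MergeError::NotContiguous {
            expected: first.accum.clone(),
            found: other.prev_accum.clone(),
        });
    }
    let mut issued = first.issued.clone();
    let mut revoked = first.revoked.clone();
    for &idx in &other.issued {
        // Issued after being revoked in the same window: the two cancel out.
        if !revoked.remove(&idx) {
            issued.insert(idx);
        }
    }
    for &idx in &other.revoked {
        // Revoked after being issued in the same window: the two cancel out.
        if !issued.remove(&idx) {
            revoked.insert(idx);
        }
    }
    Ok(Delta {
        prev_accum: first.prev_accum.clone(),
        accum: other.accum.clone(),
        issued,
        revoked,
    })
}

// Fold an ordered batch of deltas into a single delta to publish.
pub fn accumulate(deltas: &[Delta]) -> Result<Option<Delta>, MergeError> {
    let mut iter = deltas.iter();
    let mut acc = match iter.next() {
        Some(d) => d.clone(),
        None => return Ok(None),
    };
    for d in iter {
        acc = merge(&acc, d)?;
    }
    Ok(Some(acc))
}

fn main() {
    // Constructed sample: three consecutive deltas from one issuer session.
    let batch = [
        delta(Some("A0"), "A1", &[1, 2], &[]),
        delta(Some("A1"), "A2", &[3], &[2]),
        delta(Some("A2"), "A3", &[], &[1, 7]),
    ];
    println!("{:?}", accumulate(&batch));
    // Skipping the middle delta breaks the chain and is rejected.
    println!("{:?}", merge(&batch[0], &batch[2]));
}
```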
