Signify Core API¶
signify.core.authing¶
SIGNIFY signify.core.authing module
signify.core.keeping¶
SIGNIFY signify.core.keeping module
- class signify.core.keeping.SaltyKeeper(salter, pidx, kidx=0, tier='low', transferable=False, stem=None, code='A', count=1, icodes=None, ncode='A', ncount=1, ncodes=None, dcode='E', bran=None, sxlt=None)[source]¶
Keeper class for managing keys for an AID that uses a hierarchical deterministic key chain with a salt per AID. The passcode is used as an encryption key to encrypt and store the AID’s salt on the server. This class can either be instantiated with an encrypted salt or None which will create a random salt for this AID.
- incept(transferable)[source]¶
Create verfers and digers for inception event for AID represented by this Keeper
- Parameters:
transferable (bool) – True if the AID for this keeper can establish new keys
- Returns:
qualified base64 of signing public keys digers(list): qualified base64 of hash of rotation public keys
- Return type:
verfers(list)
- rotate(ncodes, transferable, **_)[source]¶
Rotate and return verfers and digers for next rotation event for AID represented by this Keeper
- Parameters:
ncodes (list) –
transferable (bool) – derivation codes for rotation key creation
- Returns:
qualified base64 of signing public keys digers(list): qualified base64 of hash of rotation public keys
- Return type:
verfers(list)
- sign(ser, indexed=True, indices=None, ondices=None)[source]¶
Sign provided data using the current signing keys for AID
- Parameters:
ser (bytes) – data to sign
indexed (bool) – True indicates the signatures are to be indexed signatures (indexed code)
indices (list) – specified signing indicies for each signature generated
ondices (list) – specified rotation indicies for each signature generated
- Returns:
qualified b64 CESR encoded signatures
- Return type:
list