BSV.Auth.MasterCertificate (bsv_sdk v1.1.0)


A master certificate with encrypted symmetric keys for each field.

The master keyring maps field names to base64-encoded encrypted symmetric keys. These keys can decrypt the corresponding certificate fields, and can be re-encrypted for specific verifiers.
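The keyring flow described above, as an added sketch that is not bsv_sdk code. AES-256-GCM through Erlang's `:crypto`, the random 32-byte wrapping keys (standing in for keys the wallet derives per counterparty), the `KeyringSketch` module and its function names are all assumptions of this example, as is binding the field name as associated data.

```elixir
# Added sketch, not bsv_sdk code. AES-256-GCM and random wrapping keys are
# assumptions standing in for the keys the wallet derives per counterparty.
defmodule KeyringSketch do
  # Output is base64(iv <> tag <> ciphertext); the field name is bound as AAD.
  def seal(key, plaintext, aad) do
    iv = :crypto.strong_rand_bytes(12)
    {ct, tag} = :crypto.crypto_one_time_aead(:aes_256_gcm, key, iv, plaintext, aad, true)
    Base.encode64(iv <> tag <> ct)
  end

  def open(key, b64, aad) do
    with {:ok, <<iv::binary-12, tag::binary-16, ct::binary>>} <- Base.decode64(b64),
         pt when is_binary(pt) <-
           :crypto.crypto_one_time_aead(:aes_256_gcm, key, iv, ct, aad, tag, false) do
      {:ok, pt}
    else
      _ -> :error
    end
  end

  # A fresh symmetric key per field; the keyring stores each key wrapped.
  def create_fields(master_key, fields) do
    for {name, value} <- fields, reduce: {%{}, %{}} do
      {enc, ring} ->
        k = :crypto.strong_rand_bytes(32)
        {Map.put(enc, name, seal(k, value, name)), Map.put(ring, name, seal(master_key, k, name))}
    end
  end

  # Re-wrap only the requested field keys; raises if one is missing or invalid.
  def keyring_for_verifier(master_key, verifier_key, ring, reveal) do
    for name <- reveal, into: %{} do
      {:ok, k} = open(master_key, Map.fetch!(ring, name), name)
      {name, seal(verifier_key, k, name)}
    end
  end

  def decrypt_field(key, ring, name, enc_value) do
    with {:ok, wrapped} <- Map.fetch(ring, name),
         {:ok, k} <- open(key, wrapped, name),
         do: open(k, enc_value, name)
  end
end

# Constructed sample data: the verifier is given the key for "name" only.
{master, verifier} = {:crypto.strong_rand_bytes(32), :crypto.strong_rand_bytes(32)}
{enc, ring} = KeyringSketch.create_fields(master, %{"name" => "Alice", "email" => "a@example.test"})
vring = KeyringSketch.keyring_for_verifier(master, verifier, ring, ["name"])
{:ok, "Alice"} = KeyringSketch.decrypt_field(verifier, vring, "name", enc["name"])
:error = KeyringSketch.decrypt_field(verifier, vring, "email", enc["email"])
```

The verifier's keyring holds no entry for "email", so that field stays opaque to the verifier even though its ciphertext is carried in the certificate.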

Summary

Functions

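create_certificate_fields(wallet, counterparty, fields)

Encrypt certificate fields and generate a master keyring.

decrypt_fields(wallet, master_keyring, fields, counterparty)

Decrypt all fields using the master keyring.

new(cert, master_keyring)

Create a new MasterCertificate, validating the keyring covers all fields.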

Types

t()

@type t() :: %BSV.Auth.MasterCertificate{
  certificate: BSV.Auth.Certificate.t(),
  master_keyring: %{required(String.t()) => String.t()}
}

Functions

create_certificate_fields(wallet, counterparty, fields)

@spec create_certificate_fields(
  BSV.Wallet.ProtoWallet.t(),
  BSV.Wallet.Types.Counterparty.t(),
  %{
    required(String.t()) => String.t()
  }
) ::
  {:ok, %{required(String.t()) => String.t()},
   %{required(String.t()) => String.t()}}
  | {:error, String.t()}

Encrypt certificate fields and generate a master keyring.

Takes a wallet, a counterparty (certifier or subject), and the plaintext fields. On success returns {:ok, encrypted_fields, master_keyring}; on failure returns {:error, reason}.

create_keyring_for_verifier(wallet, certifier, verifier, fields, fields_to_reveal, master_keyring, serial_number)

@spec create_keyring_for_verifier(
  BSV.Wallet.ProtoWallet.t(),
  BSV.Wallet.Types.Counterparty.t(),
  BSV.Wallet.Types.Counterparty.t(),
  %{required(String.t()) => String.t()},
  [String.t()],
  %{required(String.t()) => String.t()},
  String.t()
) :: {:ok, %{required(String.t()) => String.t()}} | {:error, String.t()}

Create a keyring for a verifier to decrypt specific fields.

Re-encrypts the field revelation keys for the fields named in fields_to_reveal so that the verifier can decrypt them.

decrypt_field(wallet, master_keyring, field_name, encrypted_field_value, counterparty)

@spec decrypt_field(
  BSV.Wallet.ProtoWallet.t(),
  %{required(String.t()) => String.t()},
  String.t(),
  String.t(),
  BSV.Wallet.Types.Counterparty.t()
) :: {:ok, binary(), String.t()} | {:error, String.t()}

Decrypt a single field using the master keyring.

On success returns {:ok, field_revelation_key, plaintext_value}; on failure returns {:error, reason}.

decrypt_fields(wallet, master_keyring, fields, counterparty)

@spec decrypt_fields(
  BSV.Wallet.ProtoWallet.t(),
  %{required(String.t()) => String.t()},
  %{required(String.t()) => String.t()},
  BSV.Wallet.Types.Counterparty.t()
) :: {:ok, %{required(String.t()) => String.t()}} | {:error, String.t()}

Decrypt all fields using the master keyring.

new(cert, master_keyring)

@spec new(BSV.Auth.Certificate.t(), %{required(String.t()) => String.t()}) ::
  {:ok, t()} | {:error, String.t()}

Create a new MasterCertificate, validating the keyring covers all fields.