KeyManager class
Agent plugin that implements IKeyManager methods.
This plugin orchestrates various implementations of AbstractKeyManagementSystem, using a KeyStore to remember the link between a key reference, its metadata, and the respective key management system that provides the actual cryptographic capabilities.
The methods of this plugin are used automatically by other plugins, such as DIDManager, CredentialPlugin, or DIDComm to perform their required cryptographic operations using the managed keys.
Signature:
export declare class KeyManager implements IAgentPlugin
Implements: IAgentPlugin
Constructors
Constructor | Modifiers | Description |
---|---|---|
(constructor)(options) | Constructs a new instance of the KeyManager class |
Properties
Property | Modifiers | Type | Description |
---|---|---|---|
methods | readonly | IKeyManager | Plugin methods |
schema | readonly | { components: { schemas: { IKeyManagerCreateArgs: { type: string; properties: { type: { $ref: string; description: string; }; kms: { type: string; description: string; }; meta: { $ref: string; description: string; }; }; required: string[]; description: string; }; TKeyType: { type: string; enum: string[]; description: string; }; KeyMetadata: { type: string; properties: { algorithms: { type: string; items: { $ref: string; }; }; }; description: string; }; TAlg: { type: string; description: string; }; ManagedKeyInfo: { type: string; properties: { kid: { type: string; description: string; }; kms: { type: string; description: string; }; type: { $ref: string; description: string; }; publicKeyHex: { type: string; description: string; }; meta: { anyOf: ({ $ref: string; type?: undefined; } | { type: string; $ref?: undefined; })[]; description: string; }; }; required: string[]; description: string; }; IKeyManagerDecryptJWEArgs: { type: string; properties: { kid: { type: string; description: string; }; data: { type: string; description: string; }; }; required: string[]; description: string; }; IKeyManagerDeleteArgs: { type: string; properties: { kid: { type: string; description: string; }; }; required: string[]; description: string; }; IKeyManagerEncryptJWEArgs: { type: string; properties: { kid: { type: string; description: string; }; to: { type: string; properties: { kid: { type: string; description: string; }; type: { $ref: string; description: string; }; publicKeyHex: { type: string; description: string; }; privateKeyHex: { type: string; description: string; }; meta: { anyOf: ({ $ref: string; type?: undefined; } | { type: string; $ref?: undefined; })[]; description: string; }; }; required: string[]; description: string; }; data: { type: string; description: string; }; }; required: string[]; description: string; }; IKeyManagerGetArgs: { type: string; properties: { kid: { type: string; description: string; }; }; required: string[]; description: string; }; 
IKey: { type: string; properties: { kid: { type: string; description: string; }; kms: { type: string; description: string; }; type: { $ref: string; description: string; }; publicKeyHex: { type: string; description: string; }; privateKeyHex: { type: string; description: string; }; meta: { anyOf: ({ $ref: string; type?: undefined; } | { type: string; $ref?: undefined; })[]; description: string; }; }; required: string[]; description: string; }; MinimalImportableKey: { $ref: string; description: string; }; "RequireOnly<IKey,(\"privateKeyHex\"|\"type\"|\"kms\")>": { type: string; properties: { kid: { type: string; description: string; }; kms: { type: string; description: string; }; type: { $ref: string; description: string; }; publicKeyHex: { type: string; description: string; }; privateKeyHex: { type: string; description: string; }; meta: { anyOf: ({ $ref: string; type?: undefined; } | { type: string; $ref?: undefined; })[]; description: string; }; }; description: string; }; IKeyManagerSharedSecretArgs: { type: string; properties: { secretKeyRef: { type: string; description: string; }; publicKey: { type: string; properties: { publicKeyHex: { type: string; description: string; }; type: { $ref: string; description: string; }; }; required: string[]; description: string; }; }; required: string[]; description: string; }; IKeyManagerSignArgs: { type: string; properties: { keyRef: { type: string; description: string; }; algorithm: { type: string; description: string; }; data: { type: string; description: string; }; encoding: { type: string; enum: string[]; description: string; }; }; required: string[]; description: string; }; IKeyManagerSignEthTXArgs: { type: string; properties: { kid: { type: string; description: string; }; transaction: { type: string; description: string; }; }; required: string[]; description: string; }; IKeyManagerSignJWTArgs: { type: string; properties: { kid: { type: string; description: string; }; data: { anyOf: ({ type: string; properties?: undefined; 
required?: undefined; additionalProperties?: undefined; } | { type: string; properties: { BYTES_PER_ELEMENT: { type: string; }; buffer: { anyOf: ({ type: string; properties: { byteLength: { type: string; }; }; required: string[]; } | { type?: undefined; properties?: undefined; required?: undefined; })[]; }; byteLength: { type: string; }; byteOffset: { type: string; }; length: { type: string; }; }; required: string[]; additionalProperties: { type: string; }; })[]; description: string; }; }; required: string[]; description: string; }; }; methods: { keyManagerCreate: { description: string; arguments: { $ref: string; }; returnType: { $ref: string; }; }; keyManagerDecryptJWE: { description: string; arguments: { $ref: string; }; returnType: { type: string; }; }; keyManagerDelete: { description: string; arguments: { $ref: string; }; returnType: { type: string; }; }; keyManagerEncryptJWE: { description: string; arguments: { $ref: string; }; returnType: { type: string; }; }; keyManagerGet: { description: string; arguments: { $ref: string; }; returnType: { $ref: string; }; }; keyManagerGetKeyManagementSystems: { description: string; arguments: { type: string; }; returnType: { type: string; items: { type: string; }; }; }; keyManagerImport: { description: string; arguments: { $ref: string; }; returnType: { $ref: string; }; }; keyManagerSharedSecret: { description: string; arguments: { $ref: string; }; returnType: { type: string; }; }; keyManagerSign: { description: string; arguments: { $ref: string; }; returnType: { type: string; }; }; keyManagerSignEthTX: { description: string; arguments: { $ref: string; }; returnType: { type: string; }; }; keyManagerSignJWT: { description: string; arguments: { $ref: string; }; returnType: { type: string; }; }; }; }; } |
Methods
Method | Modifiers | Description |
---|---|---|
createX25519ECDH(secretKeyRef) | ||
keyManagerCreate(args) | Creates and returns a new key | |
keyManagerDecryptJWE({ kid, data }) | Decrypts data. This API may change without a BREAKING CHANGE notice. | |
keyManagerDelete({ kid }) | Deletes a key | |
keyManagerEncryptJWE({ kid, to, data }) | Encrypts data. This API may change without a BREAKING CHANGE notice. | |
keyManagerGet({ kid }) | Returns an existing key | |
keyManagerGetKeyManagementSystems() | Lists available key management systems | |
keyManagerImport(key) | Imports a created key | |
keyManagerSharedSecret(args) | Computes a shared secret with the public key of another party. This returns the raw shared secret (the result of a Diffie-Hellman computation). To use it for symmetric encryption, you MUST first apply a key derivation function (KDF) to the result. | |
keyManagerSign(args) | Generates a signature according to the algorithm specified. | |
keyManagerSignEthTX({ kid, transaction }) | Signs an Ethereum transaction | |
keyManagerSignJWT({ kid, data }) | Signs a JWT |