azure.confidentialledger package¶

class azure.confidentialledger.ConfidentialLedgerCertificateCredential(certificate_path: str)[source]¶

A credential for authenticating with the Confidential Ledger using a certificate.

Parameters: certificate_path (str) – Path to the PEM-encoded certificate file including the private key.

class azure.confidentialledger.ConfidentialLedgerClient(endpoint: str, credential: Union[ConfidentialLedgerCertificateCredential, TokenCredential], ledger_certificate_path: str, **kwargs: Any)[source]¶

A client for putting data into and querying data from the Confidential Ledger service.

The transport parameter is typically accepted by Azure SDK clients to provide a custom transport stage in the pipeline. Since this client makes modifications to the default transport, using a custom transport will override and remove the following functionality:

Authentication using a client certificate.

TLS verification using the Confidential Ledger TLS certificate.

Parameters

endpoint (str) – URL of the Confidential Ledger service.
credential (ConfidentialLedgerCertificateCredential) – A credential object for authenticating with the Confidential Ledger.
ledger_certificate_path (str) – The path to the ledger’s TLS certificate.

Keyword Arguments

api_version –

Version of the Confidential Ledger API to use. Defaults to the most recent. Support API versions:

0.1-preview

append_to_ledger(entry_contents: str, **kwargs: Any) → AppendResult[source]¶

Appends an entry to the Confidential Ledger.

Parameters

entry_contents (str) – Text to write to the ledger.

Keyword Arguments

sub_ledger_id (str) – Identifies the sub-ledger to append to. If none is specified, the service will use the service-default sub-ledger id.
wait_for_commit (bool) – If True, this method will not return until the write is durably saved to the ledger.

close() → None ¶

Close sockets opened by the client.

Calling this method is unnecessary when using the client as a context manager.

create_or_update_user(user_id: str, role: Union[str, LedgerUserRole], **kwargs: Any) → LedgerUser[source]¶

Creates a new Confidential Ledger user, or updates an existing one.

Parameters

user_id (str) – Identifies the user to delete. This should be an AAD object id or certificate fingerprint.
role (str or LedgerUserRole) – Role to assigned to the user.

Returns

Details of the updated ledger user.

Return type

LedgerUser

Raises

~azure.core.exceptions.HttpResponseError

delete_user(user_id: str, **kwargs: Any) → None [source]¶

Deletes a user from the Confidential Ledger.

Parameters: user_id (str) – Identifies the user to delete. This should be an AAD object id or certificate fingerprint.
Returns: None
Return type: None
Raises: ~azure.core.exceptions.HttpResponseError

get_consortium(**kwargs: Any) → Consortium[source]¶

Gets the consortium members.

Consortium members can manage the Confidential Ledger.

Returns: Details about the consortium.
Return type: Consortium
Raises: ~azure.core.exceptions.HttpResponseError

get_constitution(**kwargs: Any) → Constitution[source]¶

Gets the constitution used for governance.

The constitution is a script that assesses and applies proposals from consortium members.

Returns: The contents of the constitution and its digest.
Return type: Constitution
Raises: ~azure.core.exceptions.HttpResponseError

get_enclave_quotes(**kwargs: Any) → LedgerEnclaves[source]¶

Gets enclave quotes from all nodes in the Confidential Ledger network.

Returns: Enclave quotes for nodes in the Confidential Ledger.
Return type: LedgerEnclaves
Raises: ~azure.core.exceptions.HttpResponseError

get_ledger_entries(**kwargs: Any) → ItemPaged[LedgerEntry][source]¶

Gets a range of entries in the ledger.

Keyword Arguments

from_transaction_id (str) – Transaction identifier from which to start the query. If this is not specified, the query begins from the first transaction.
to_transaction_id (str) – Transaction identifier at which to end the query (inclusive). If this is not specified, the query ends at the end of the ledger.
sub_ledger_id (str) – Identifies the sub-ledger to fetch the ledger entry from.

Returns

An iterable for iterating over the entries in the range.

Return type

ItemPaged[LedgerEntry]

Raises

~azure.core.exceptions.HttpResponseError

get_ledger_entry(**kwargs: Any) → LedgerEntry[source]¶

Gets an entry in the ledger. The query may need to be retried while the service is loading results.

Keyword Arguments

interval (float) – Interval, in seconds, between retries while waiting for results, defaults to 0.5.
max_tries (int) – Maximum number of times to try the query, defaults to 6. Retries are attempted if the result is not Ready.
transaction_id (str) – A transaction identifier. If not specified, the latest transaction is fetched.
sub_ledger_id – Identifies the sub-ledger to fetch the ledger entry from.

Returns

The corresponding ledger entry.

Return type

LedgerEntry

Raises

~azure.core.exceptions.HttpResponseError

get_transaction_receipt(transaction_id: str, **kwargs: Any) → TransactionReceipt[source]¶

Get a receipt for a specific transaction. The query may need to be retried while the service is loading results.

Parameters

transaction_id (str) – Transaction identifier.

Keyword Arguments

interval (float) – Interval, in seconds, between retries while waiting for results, defaults to 0.5.
max_tries (int) – Maximum number of times to try the query, defaults to 6. Retries are attempted if the result is not Ready.

Returns

Receipt certifying the specified transaction.

Return type

TransactionReceipt

Raises

~azure.core.exceptions.HttpResponseError

get_transaction_status(transaction_id: str, **kwargs: Any) → TransactionStatus[source]¶

Gets the status of a transaction.

Parameters: transaction_id (str) – Identifier for the transaction to get the status of.
Returns: Status object describing the transaction status.
Return type: TransactionStatus
Raises: ~azure.core.exceptions.HttpResponseError

get_user(user_id: str, **kwargs: Any) → LedgerUser[source]¶

Gets a Confidential Ledger user.

Parameters: user_id (str) – Identifies the user to delete. This should be an AAD object id or certificate fingerprint.
Returns: Details about the user.
Return type: LedgerUser
Raises: ~azure.core.exceptions.HttpResponseError

wait_until_durable(transaction_id: str, **kwargs: Any) → None [source]¶

Queries the status of the specified transaction until it is Committed, indicating that the transaction is durably stored in the Confidential Ledger. If this state is not reached by max_queries, a TimeoutError is raised.

Parameters

transaction_id (str) – Identifies the transaction to wait for.

Keyword Arguments

interval (float) – Interval, in seconds, between retries while waiting for results, defaults to 0.5.
max_queries (int) – Maximum number of queries to make for durability, defaults to 3.

Returns

None.

Return type

None

Raises

~azure.core.exceptions.HttpResponseError

Raises

TimeoutError

property endpoint¶: The URL this client is connected to.

class azure.confidentialledger.LedgerUserRole[source]¶

User roles assignable in a Confidential Ledger.

ADMINISTRATOR = 'Administrator'¶

CONTRIBUTOR = 'Contributor'¶

READER = 'Reader'¶

class azure.confidentialledger.TransactionState[source]¶

Indicates the status of a transaction.

COMMITTED = 'Committed'¶

PENDING = 'Pending'¶

class azure.confidentialledger.AppendResult[source]¶

Result of appending to the ledger.

Variables

transaction_id (str) – Identifier for when the append transaction was registered.
sub_ledger_id (str) – Identifies the sub-ledger the entry was appended to.

Create new instance of AppendResult(sub_ledger_id, transaction_id)

count(value) → integer – return number of occurrences of value¶

index(value[, start[, stop]]) → integer – return first index of value.¶: Raises ValueError if the value is not present.

property sub_ledger_id¶: Alias for field number 0

property transaction_id¶: Alias for field number 1

class azure.confidentialledger.Consortium(members)[source]¶

Describes the consortium.

Parameters: members (List[ConsortiumMember]) – List of members of the consortium.

property members¶: Members of the consortium.

class azure.confidentialledger.ConsortiumMember(certificate, member_id)[source]¶

Describes a member of the consortium.

Parameters

certificate (str) – Certificate used by the member.
id (str) – The member’s assigned identifier.

property certificate¶: The member’s certificate.

property id¶: The member’s identifier.

class azure.confidentialledger.Constitution(script, digest)[source]¶

Governance script for the Confidential Ledger.

Parameters

script (str) – Contents of the constitution script.
digest (str) – SHA256 digest of the script.

property contents¶: The contents of the constitution.

property digest¶: SHA256 of the constitution.

class azure.confidentialledger.EnclaveQuote(node_id, mrenclave, raw_quote, version)[source]¶

Quote of an SGX enclave.

Parameters

node_id (int) – ID assigned to this node by CCF.
mrenclave (str) – MRENCLAVE value of the code running in the enclave.
raw_quote (str) – Raw SGX quote, parsable by tools like Open Enclave’s oeverify.
version (str) – Version of the quote.

property mrenclave¶: The MRENCLAVE value for this enclave.

property node_id¶: The ID of the node identified by this quote.

property raw_quote¶: The raw quote for this enclave.

property version¶: The version of the quote.

class azure.confidentialledger.LedgerEnclaves(quotes, source_node)[source]¶

Collection of enclaves in the ledger.

Parameters

quotes (Dict[str, EnclaveQuote]) – Dictionary of enclaves in the Confidential Ledger.
source_node (str) – Id of the node providing the quotes.

property quotes¶: Get a dictionary of enclaves quotes.

property source_node¶: Identifies the node that returned the contained quotes.

class azure.confidentialledger.LedgerEntry(transaction_id, contents, sub_ledger_id)[source]¶

An entry in the ledger.

Parameters

transaction_id (str) – Identifier for the transaction containing this ledger entry.
contents (str) – Contents of the ledger entry.
sub_ledger_id (str) – Identifies the sub-ledger the entry is a part of.

property contents¶: Contents of the ledger entry.

property sub_ledger_id¶: Identifies the sub-ledger this entry is a part of.

property transaction_id¶: Id of the ledger entry.

class azure.confidentialledger.LedgerUser(user_id, role)[source]¶

Models a Confidential Ledger user.

Parameters

user_id (str) – Identifier of the user.
role (LedgerUserRole) – Role assigned to the user.

property id¶: Returns the id of this user.

property role¶: Returns the role assigned to this user.

class azure.confidentialledger.TransactionReceipt(transaction_id: int, receipt: List[int])[source]¶

Contains a receipt certifying a transaction.

Parameters

transaction_id (str) – Unique identifier for a transaction.
receipt (List[int]) – The receipt, which is a list of integers comprising a Merkle proof.

property contents¶: Contents of the receipt.

property transaction_id¶: Identifier for the transaction certified by this receipt.

class azure.confidentialledger.TransactionStatus(transaction_id, state)[source]¶

Represents the status of a transaction.

Parameters

transaction_id (str) – Identifier for the transaction.
state (TransactionState) – State of the transation.

property state¶: The state of the transaction.

property transaction_id¶: The identifier for this transaction.

azure.confidentialledger package¶

Subpackages¶