ereuse
/
pyvckit
8
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add did web

This commit is contained in:
Cayo Puigdefabregas 2024-05-30 11:11:37 +02:00
parent fb324caebf
commit 1c14e11d73
3 changed files with 104 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

70
did.py
View File

@ -1,16 +1,19 @@
import json import json
import argparse import argparse
import requests
import multicodec import multicodec
import multiformats import multiformats
import nacl.signing import nacl.signing
import nacl.encoding import nacl.encoding
from jwcrypto import jwk from jwcrypto import jwk
from urllib.parse import urlparse
from nacl.signing import SigningKey from nacl.signing import SigningKey
from nacl.encoding import RawEncoder from nacl.encoding import RawEncoder
from templates import did_document_tmpl
def key_to_did(public_key_bytes, type_did): def key_to_did(public_key_bytes, url):
"""did-key-format := """did-key-format :=
did:key:MULTIBASE(base58-btc, MULTICODEC(public-key-type, raw-public-key-bytes))""" did:key:MULTIBASE(base58-btc, MULTICODEC(public-key-type, raw-public-key-bytes))"""
@ -19,8 +22,11 @@ def key_to_did(public_key_bytes, type_did):
# Multibase encode the hashed bytes # Multibase encode the hashed bytes
did = multiformats.multibase.encode(mc, 'base58btc') did = multiformats.multibase.encode(mc, 'base58btc')
if type_did == "web": if url:
return f"did:web:{did}" u = urlparse(url)
domain = u.netloc
path = u.path.strip("/").replace("/", ":")
return f"did:web:{domain}:{path}:{did}"
return f"did:key:{did}" return f"did:key:{did}"
@ -45,13 +51,13 @@ def get_signing_key(jwk_pr):
return signing_key return signing_key
def generate_did(jwk_pr, type_did=None): def generate_did(jwk_pr, url=None):
signing_key = get_signing_key(jwk_pr) signing_key = get_signing_key(jwk_pr)
verify_key = signing_key.verify_key verify_key = signing_key.verify_key
public_key_bytes = verify_key.encode() public_key_bytes = verify_key.encode()
# Generate the DID # Generate the DID
did = key_to_did(public_key_bytes, type_did) did = key_to_did(public_key_bytes, url)
return did return did
def generate_keys(): def generate_keys():
@ -62,10 +68,44 @@ def generate_keys():
return json.dumps(key_json) return json.dumps(key_json)
def gen_did_document(did, keys):
if did[:8] != "did:web:":
return "", ""
document = did_document_tmpl.copy()
webdid_owner = did+"#owner"
webdid_revocation = did+"#revocation"
document["id"] = did
document["verificationMethod"][0]["id"] = webdid_owner
document["verificationMethod"][0]["controller"] = did
document["verificationMethod"][0]["publicKeyJwk"]["x"] = keys["x"]
document["authentication"].append(webdid_owner)
document["assertionMethod"].append(webdid_owner)
document["service"][0]["id"] = webdid_revocation
document_fixed_serialized = json.dumps(document)
url = "https://" + "/".join(did.split(":")[2:]) + "/did.json"
return url, document_fixed_serialized
def resolve_did(did):
if did[:8] != "did:web:":
return
try:
url = "https://" + "/".join(did.split(":")[2:]) + "/did.json"
response = requests.get(url)
except Exception:
url = "http://" + "/".join(did.split(":")[2:]) + "/did.json"
response = requests.get(url)
if 200 <= response.status_code < 300:
return response.json()
def main(): def main():
parser=argparse.ArgumentParser(description='Generates a new did or key pair') parser=argparse.ArgumentParser(description='Generates a new did or key pair')
parser.add_argument("-k", "--key-path", required=False) parser.add_argument("-k", "--key-path", required=False)
parser.add_argument("-n", "--new", choices=['keys', 'did']) parser.add_argument("-n", "--new", choices=['keys', 'did'])
parser.add_argument("-u", "--url")
parser.add_argument("-g", "--gen-doc")
args=parser.parse_args() args=parser.parse_args()
if args.new == 'keys': if args.new == 'keys':
@ -77,12 +117,32 @@ def main():
print("error: argument --key-path: expected one argument") print("error: argument --key-path: expected one argument")
return return
if args.new == 'did' and args.url:
key = key_read(args.key_path)
did = generate_did(key, args.url)
print(did)
return
if args.new == 'did': if args.new == 'did':
key = key_read(args.key_path) key = key_read(args.key_path)
did = generate_did(key) did = generate_did(key)
print(did) print(did)
return return
if args.gen_doc and not args.key_path:
print("error: argument --key-path: expected one argument")
return
if args.gen_doc:
keys = json.loads(key_read(args.key_path))
if not keys.get("x"):
print("error: argument --key-path: not is valid")
return
url, doc = gen_did_document(args.gen_doc, keys)
# print(url)
print(doc)
return
if __name__ == "__main__": if __name__ == "__main__":
main() main()

1
requirements.txt
View File

@ -25,3 +25,4 @@ Pillow
multiformats multiformats
PyNaCl PyNaCl
py-multicodec py-multicodec
pyroaring

38
templates.py
View File

@ -27,3 +27,41 @@ presentation_tmpl = {
"holder": "", "holder": "",
"verifiableCredential": [] "verifiableCredential": []
} }
did_document_tmpl = {
"@context": [
"https://www.w3.org/ns/did/v1",
{
"Ed25519VerificationKey2018": "https://w3id.org/security#Ed25519VerificationKey2018",
"publicKeyJwk": {
"@id": "https://w3id.org/security#publicKeyJwk",
"@type": "@json"
}
}
],
"id": "",
"verificationMethod": [
{
"id": "",
"type": "Ed25519VerificationKey2018",
"controller": "",
"publicKeyJwk": {
"kty": "OKP",
"crv": "Ed25519",
"x": ""
}
}
],
"authentication": [
],
"assertionMethod": [
],
"service": [
{
"id": "",
"type": "RevocationBitmap2022",
"serviceEndpoint": "data:application/octet-stream;base64,eJyzMmAAAwADKABr"
}
]
}