sign credentials with pyvckit

Cayo Puigdefabregas 2024-06-06 11:40:26 +02:00
parent 32ad6edd9d
commit 5d2724eeab
2 changed files with 32 additions and 19 deletions


@ -6,16 +6,18 @@ import datetime
from collections import OrderedDict from collections import OrderedDict
from django.db import models from django.db import models
from django.conf import settings from django.conf import settings
from django.urls import reverse
from django.template.loader import get_template from django.template.loader import get_template
from django.utils.translation import gettext_lazy as _ from django.utils.translation import gettext_lazy as _
from pyvckit.did import (
from utils.idhub_ssikit import ( generate_keys,
generate_did_controller_key, generate_did,
keydid_from_controller_key, gen_did_document,
sign_credential, get_signing_key
webdid_from_controller_key,
verify_credential,
) )
from pyvckit.sign_vc import sign
from pyvckit.verify import verify_vc
from oidc4vp.models import Organization from oidc4vp.models import Organization
from idhub_auth.models import User from idhub_auth.models import User
@ -469,15 +471,22 @@ class DID(models.Model):
self.key_material = user.encrypt_data(value) self.key_material = user.encrypt_data(value)
def set_did(self): def set_did(self):
new_key_material = generate_did_controller_key() new_key_material = generate_keys()
self.set_key_material(new_key_material) self.set_key_material(new_key_material)
if self.type == self.Types.KEY: if self.type == self.Types.KEY:
self.did = keydid_from_controller_key(new_key_material) self.did = generate_did(new_key_material)
elif self.type == self.Types.WEB: elif self.type == self.Types.WEB:
didurl, document = webdid_from_controller_key(new_key_material, settings.DOMAIN) url = "https://{}".format(settings.DOMAIN)
self.did = didurl path = reverse("idhub:serve_did", args=["a"])
self.didweb_document = document
if path:
path = path.split("/a/did.json")[0]
url = "https://{}/{}".format(settings.DOMAIN, path)
self.did = generate_did(new_key_material, url)
key = json.loads(new_key_material)
url, self.didweb_document = gen_did_document(self.did, key)
def get_key(self): def get_key(self):
return json.loads(self.key_material) return json.loads(self.key_material)
@ -681,15 +690,19 @@ class VerificableCredential(models.Model):
# hash of credential without sign # hash of credential without sign
self.hash = hashlib.sha3_256(self.render(domain).encode()).hexdigest() self.hash = hashlib.sha3_256(self.render(domain).encode()).hexdigest()
data = sign_credential(
self.render(domain), key = self.issuer_did.get_key_material()
self.issuer_did.get_key_material() signing_key = get_signing_key(key)
) credential = self.render(domain)
valid, reason = verify_credential(data)
vc = sign(credential, signing_key, self.issuer_did.did)
vc_str = json.dumps(vc)
valid = verify_vc(vc_str)
if not valid: if not valid:
return return
self.data = self.user.encrypt_data(data) self.data = self.user.encrypt_data(vc_str)
self.status = self.Status.ISSUED self.status = self.Status.ISSUED
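Review bot: In the `Types.WEB` branch of `set_did`, `reverse()` normally returns a path that already starts with `/`, so `"https://{}/{}".format(settings.DOMAIN, path)` puts a double slash after the host in the URL handed to `generate_did`. If pyvckit derives the did:web identifier from that URL, the stored DID may not match the location where `idhub:serve_did` serves the document, and a verifier resolving the issuer of a signed credential would fail. I would join without the extra separator, `url = "https://{}{}".format(settings.DOMAIN, path)`. The `if path:` guard is always true once the route resolves, which leaves the first `url` assignment dead, and the `split("/a/did.json")` trim depends on the literal shape of the URL pattern, so a comment such as `# strip the placeholder id and filename to get the did:web base path` would help. A test asserting that the generated DID maps back to the served `did.json` URL would catch this.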


@ -30,7 +30,7 @@ weasyprint==60.2
ujson==5.9.0 ujson==5.9.0
openpyxl==3.1.2 openpyxl==3.1.2
jsonpath_ng==1.6.1 jsonpath_ng==1.6.1
./didkit-0.3.2-cp311-cp311-manylinux_2_34_x86_64.whl
pyroaring==0.4.5 pyroaring==0.4.5
coverage==7.4.3 coverage==7.4.3
gunicorn==21.2.0 gunicorn==21.2.0
pyvckit
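Review bot: `pyvckit` is added without a version, while the other entries visible in this hunk are pinned with `==`, so each install can resolve to a different release of the library that now generates keys and signs credentials. Pin it to the release that was tested, `pyvckit==<TESTED_VERSION>`. If the deployment installs with pip's hash-checking mode, also add a `--hash=sha256:<DIGEST>` entry for it. The rest of the requirements file is outside the hunk, so this is based only on the lines shown.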