pyvckit/did.py

import json
import argparse
import requests
import multicodec
import multiformats
import nacl.signing
import nacl.encoding

from jwcrypto import jwk
from urllib.parse import urlparse
from nacl.signing import SigningKey
from nacl.encoding import RawEncoder
from templates import did_document_tmpl


def key_to_did(public_key_bytes, url):
    """did-key-format := 
       did:key:MULTIBASE(base58-btc, MULTICODEC(public-key-type, raw-public-key-bytes))"""

    mc = multicodec.add_prefix('ed25519-pub', public_key_bytes)

    # Multibase encode the hashed bytes
    did = multiformats.multibase.encode(mc, 'base58btc')

    if url:
        u = urlparse(url)
        domain = u.netloc
        path = u.path.strip("/").replace("/", ":")
        return f"did:web:{domain}:{path}:{did}"

    return f"did:key:{did}"


def key_read(path_keys):
  # Save the private JWK to a file
  with open(path_keys, 'r') as f:
      private_jwk = f.read()

  return private_jwk


def get_signing_key(jwk_pr):
    key = json.loads(jwk_pr)
    private_key_material_str = key['d']
    missing_padding = len(private_key_material_str) % 4
    if missing_padding:
      private_key_material_str += '=' * (4 - missing_padding)

    private_key_material = nacl.encoding.URLSafeBase64Encoder.decode(private_key_material_str)
    signing_key = SigningKey(private_key_material, encoder=RawEncoder)
    return signing_key


def generate_did(jwk_pr, url=None):
    signing_key = get_signing_key(jwk_pr)
    verify_key = signing_key.verify_key
    public_key_bytes = verify_key.encode()

    # Generate the DID
    did = key_to_did(public_key_bytes, url)
    return did

def generate_keys():
    # Generate an Ed25519 key pair
    key = jwk.JWK.generate(kty='OKP', crv='Ed25519')
    key['kid'] = 'Generated'
    key_json = key.export_private(True)
    return json.dumps(key_json)


def gen_did_document(did, keys):
    if did[:8] != "did:web:":
        return "", ""
    document = did_document_tmpl.copy()
    webdid_owner = did+"#owner"
    webdid_revocation = did+"#revocation"
    document["id"] = did
    document["verificationMethod"][0]["id"] = webdid_owner
    document["verificationMethod"][0]["controller"] = did
    document["verificationMethod"][0]["publicKeyJwk"]["x"] = keys["x"]
    document["authentication"].append(webdid_owner)
    document["assertionMethod"].append(webdid_owner)
    document["service"][0]["id"] = webdid_revocation
    document_fixed_serialized = json.dumps(document)
    url = "https://" + "/".join(did.split(":")[2:]) + "/did.json"

    return url, document_fixed_serialized
    

def resolve_did(did):
    if did[:8] != "did:web:":
        return
    try:
        url = "https://" + "/".join(did.split(":")[2:]) + "/did.json"
        response = requests.get(url)
    except Exception:
        url = "http://" + "/".join(did.split(":")[2:]) + "/did.json"
        response = requests.get(url)
    if 200 <= response.status_code < 300:
        return response.json()
    

def main():
    parser=argparse.ArgumentParser(description='Generates a new did or key pair')
    parser.add_argument("-k", "--key-path", required=False)
    parser.add_argument("-n", "--new", choices=['keys', 'did'])
    parser.add_argument("-u", "--url")
    parser.add_argument("-g", "--gen-doc")
    args=parser.parse_args()

    if args.new == 'keys':
        keyspair = generate_keys()
        print(keyspair)
        return

    if not args.key_path and args.new == 'did':
        print("error: argument --key-path: expected one argument")
        return

    if args.new == 'did' and args.url:
        key = key_read(args.key_path)
        did = generate_did(key, args.url)
        print(did)
        return

    if args.new == 'did':
        key = key_read(args.key_path)
        did = generate_did(key)
        print(did)
        return
    
    if args.gen_doc and not args.key_path:
        print("error: argument --key-path: expected one argument")
        return

    if args.gen_doc:
        keys = json.loads(key_read(args.key_path))
        if not keys.get("x"):
            print("error: argument --key-path: not is valid")
            return

        url, doc = gen_did_document(args.gen_doc, keys)
        # print(url)
        print(doc)
        return

if __name__ == "__main__":
    main()
commandline args for generate keypairs and did 2024-05-24 12:25:45 +00:00			`import json`
			`import argparse`
add did web 2024-05-30 09:11:37 +00:00			`import requests`
init status 2024-05-24 10:38:48 +00:00			`import multicodec`
			`import multiformats`
			`import nacl.signing`
			`import nacl.encoding`

			`from jwcrypto import jwk`
add did web 2024-05-30 09:11:37 +00:00			`from urllib.parse import urlparse`
init status 2024-05-24 10:38:48 +00:00			`from nacl.signing import SigningKey`
			`from nacl.encoding import RawEncoder`
add did web 2024-05-30 09:11:37 +00:00			`from templates import did_document_tmpl`
init status 2024-05-24 10:38:48 +00:00

add did web 2024-05-30 09:11:37 +00:00			`def key_to_did(public_key_bytes, url):`
init status 2024-05-24 10:38:48 +00:00			`"""did-key-format :=`
			`did:key:MULTIBASE(base58-btc, MULTICODEC(public-key-type, raw-public-key-bytes))"""`

			`mc = multicodec.add_prefix('ed25519-pub', public_key_bytes)`

			`# Multibase encode the hashed bytes`
			`did = multiformats.multibase.encode(mc, 'base58btc')`

add did web 2024-05-30 09:11:37 +00:00			`if url:`
			`u = urlparse(url)`
			`domain = u.netloc`
			`path = u.path.strip("/").replace("/", ":")`
			`return f"did:web:{domain}:{path}:{did}"`
init status 2024-05-24 10:38:48 +00:00
			`return f"did:key:{did}"`


commandline args for generate keypairs and did 2024-05-24 12:25:45 +00:00			`def key_read(path_keys):`
init status 2024-05-24 10:38:48 +00:00			`# Save the private JWK to a file`
commandline args for generate keypairs and did 2024-05-24 12:25:45 +00:00			`with open(path_keys, 'r') as f:`
init status 2024-05-24 10:38:48 +00:00			`private_jwk = f.read()`

fix did comand line 2024-05-28 11:40:39 +00:00			`return private_jwk`
init status 2024-05-24 10:38:48 +00:00

			`def get_signing_key(jwk_pr):`
fix flow did 2024-05-27 09:41:33 +00:00			`key = json.loads(jwk_pr)`
			`private_key_material_str = key['d']`
init status 2024-05-24 10:38:48 +00:00			`missing_padding = len(private_key_material_str) % 4`
			`if missing_padding:`
			`private_key_material_str += '=' * (4 - missing_padding)`

			`private_key_material = nacl.encoding.URLSafeBase64Encoder.decode(private_key_material_str)`
			`signing_key = SigningKey(private_key_material, encoder=RawEncoder)`
			`return signing_key`


add did web 2024-05-30 09:11:37 +00:00			`def generate_did(jwk_pr, url=None):`
init status 2024-05-24 10:38:48 +00:00			`signing_key = get_signing_key(jwk_pr)`
			`verify_key = signing_key.verify_key`
			`public_key_bytes = verify_key.encode()`

			`# Generate the DID`
add did web 2024-05-30 09:11:37 +00:00			`did = key_to_did(public_key_bytes, url)`
init status 2024-05-24 10:38:48 +00:00			`return did`

			`def generate_keys():`
			`# Generate an Ed25519 key pair`
			`key = jwk.JWK.generate(kty='OKP', crv='Ed25519')`
			`key['kid'] = 'Generated'`
fix flow did 2024-05-27 09:41:33 +00:00			`key_json = key.export_private(True)`
			`return json.dumps(key_json)`
init status 2024-05-24 10:38:48 +00:00

add did web 2024-05-30 09:11:37 +00:00			`def gen_did_document(did, keys):`
			`if did[:8] != "did:web:":`
			`return "", ""`
			`document = did_document_tmpl.copy()`
			`webdid_owner = did+"#owner"`
			`webdid_revocation = did+"#revocation"`
			`document["id"] = did`
			`document["verificationMethod"][0]["id"] = webdid_owner`
			`document["verificationMethod"][0]["controller"] = did`
			`document["verificationMethod"][0]["publicKeyJwk"]["x"] = keys["x"]`
			`document["authentication"].append(webdid_owner)`
			`document["assertionMethod"].append(webdid_owner)`
			`document["service"][0]["id"] = webdid_revocation`
			`document_fixed_serialized = json.dumps(document)`
			`url = "https://" + "/".join(did.split(":")[2:]) + "/did.json"`

			`return url, document_fixed_serialized`


			`def resolve_did(did):`
			`if did[:8] != "did:web:":`
			`return`
			`try:`
			`url = "https://" + "/".join(did.split(":")[2:]) + "/did.json"`
			`response = requests.get(url)`
			`except Exception:`
			`url = "http://" + "/".join(did.split(":")[2:]) + "/did.json"`
			`response = requests.get(url)`
			`if 200 <= response.status_code < 300:`
			`return response.json()`


commandline args for generate keypairs and did 2024-05-24 12:25:45 +00:00			`def main():`
			`parser=argparse.ArgumentParser(description='Generates a new did or key pair')`
			`parser.add_argument("-k", "--key-path", required=False)`
			`parser.add_argument("-n", "--new", choices=['keys', 'did'])`
add did web 2024-05-30 09:11:37 +00:00			`parser.add_argument("-u", "--url")`
			`parser.add_argument("-g", "--gen-doc")`
commandline args for generate keypairs and did 2024-05-24 12:25:45 +00:00			`args=parser.parse_args()`
init status 2024-05-24 10:38:48 +00:00
commandline args for generate keypairs and did 2024-05-24 12:25:45 +00:00			`if args.new == 'keys':`
refactor sign VCs 2024-05-24 15:22:35 +00:00			`keyspair = generate_keys()`
fix did comand line 2024-05-28 11:40:39 +00:00			`print(keyspair)`
commandline args for generate keypairs and did 2024-05-24 12:25:45 +00:00			`return`

			`if not args.key_path and args.new == 'did':`
			`print("error: argument --key-path: expected one argument")`
			`return`

add did web 2024-05-30 09:11:37 +00:00			`if args.new == 'did' and args.url:`
			`key = key_read(args.key_path)`
			`did = generate_did(key, args.url)`
			`print(did)`
			`return`

commandline args for generate keypairs and did 2024-05-24 12:25:45 +00:00			`if args.new == 'did':`
			`key = key_read(args.key_path)`
refactor sign VCs 2024-05-24 15:22:35 +00:00			`did = generate_did(key)`
fix did comand line 2024-05-28 11:40:39 +00:00			`print(did)`
commandline args for generate keypairs and did 2024-05-24 12:25:45 +00:00			`return`

add did web 2024-05-30 09:11:37 +00:00			`if args.gen_doc and not args.key_path:`
			`print("error: argument --key-path: expected one argument")`
			`return`

			`if args.gen_doc:`
			`keys = json.loads(key_read(args.key_path))`
			`if not keys.get("x"):`
			`print("error: argument --key-path: not is valid")`
			`return`

			`url, doc = gen_did_document(args.gen_doc, keys)`
			`# print(url)`
			`print(doc)`
			`return`
commandline args for generate keypairs and did 2024-05-24 12:25:45 +00:00
			`if __name__ == "__main__":`
			`main()`