From 17b0bb85361e2f0cc277ec43eea5f7801fb341bd Mon Sep 17 00:00:00 2001 From: Cayo Puigdefabregas Date: Thu, 6 Jun 2024 14:12:09 +0200 Subject: [PATCH] simplify and clean code --- pyvckit/sign.py | 17 +++++++++++++ pyvckit/sign_vc.py | 21 +++------------- pyvckit/sign_vp.py | 24 ++++++------------ pyvckit/verify.py | 17 +++++++++++-- pyvckit/verify_vp.py | 18 ++------------ tests/test_certificate.py | 45 ++++++++++++++-------------------- tests/test_interoperability.py | 26 +++++++++----------- 7 files changed, 76 insertions(+), 92 deletions(-) diff --git a/pyvckit/sign.py b/pyvckit/sign.py index 5b563bc..4ce7a6a 100644 --- a/pyvckit/sign.py +++ b/pyvckit/sign.py @@ -1,7 +1,11 @@ +import json import hashlib import nacl.signing import nacl.encoding from pyld import jsonld +from pyvckit.utils import now +from pyvckit.did import get_signing_key +from pyvckit.templates import proof_tmpl from pyvckit.document_loader import requests_document_loader @@ -68,3 +72,16 @@ def sign_proof(document, proof, key): return proof +def sign(credential, key, issuer_did): + signing_key = get_signing_key(key) + document = json.loads(credential) + _did = issuer_did + "#" + issuer_did.split(":")[-1] + proof = json.loads(proof_tmpl) + proof['verificationMethod'] = _did + proof['created'] = now() + + sign_proof(document, proof, signing_key) + del proof['@context'] + document['proof'] = proof + return document + diff --git a/pyvckit/sign_vc.py b/pyvckit/sign_vc.py index e203ae3..f7ceca4 100644 --- a/pyvckit/sign_vc.py +++ b/pyvckit/sign_vc.py 
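Review bot: In the new `sign()` in pyvckit/sign.py, `issuer_did` is taken on trust: `verificationMethod` is built from it, but nothing checks that it is the DID belonging to `key`. A mismatched pair therefore yields a signed document whose proof presumably cannot be verified, and the error only surfaces at verification time. Since the function now receives the raw key, it could reject the mismatch up front with `if generate_did(key) != issuer_did: raise ValueError("issuer_did does not match key")`. That assumes `generate_did` is deterministic for a key, as its use in the `main()` functions suggests, and that only key-derived DIDs are supported. The meaning of `key` also changed (callers used to pass the result of `get_signing_key`), so a docstring should say that `key` is the raw key from `key_read`/`generate_keys` and that `credential` is a JSON string.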
@@ -1,25 +1,13 @@ import json import argparse from pyvckit.utils import now -from pyvckit.did import generate_did, get_signing_key, key_read -from pyvckit.templates import credential_tmpl, proof_tmpl -from pyvckit.sign import sign_proof +from pyvckit.did import generate_did, key_read +from pyvckit.templates import credential_tmpl +from pyvckit.sign import sign # source: https://github.com/mmlab-aueb/PyEd25519Signature2018/blob/master/signer.py -def sign(credential, key, issuer_did): - document = json.loads(credential) - _did = issuer_did + "#" + issuer_did.split(":")[-1] - proof = json.loads(proof_tmpl) - proof['verificationMethod'] = _did - proof['created'] = now() - - sign_proof(document, proof, key) - del proof['@context'] - document['proof'] = proof - return document - def main(): parser=argparse.ArgumentParser(description='Generates a new credential') @@ -29,14 +17,13 @@ def main(): if args.key_path: key = key_read(args.key_path) did = generate_did(key) - signing_key = get_signing_key(key) credential = json.loads(credential_tmpl) credential["issuer"]["id"] = did credential["issuanceDate"] = now() cred = json.dumps(credential) - vc = sign(cred, signing_key, did) + vc = sign(cred, key, did) print(json.dumps(vc, separators=(',', ':'))) diff --git a/pyvckit/sign_vp.py b/pyvckit/sign_vp.py index eed0661..dd7ae18 100644 --- a/pyvckit/sign_vp.py +++ b/pyvckit/sign_vp.py 
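Review bot: The `# source: https://github.com/mmlab-aueb/PyEd25519Signature2018/blob/master/signer.py` comment is left behind in pyvckit/sign_vc.py, where after this hunk it sits directly above `main()` rather than the signing code it appears to attribute. Moving it next to `sign()` in pyvckit/sign.py would keep the provenance of the derived signing code traceable.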
@@ -1,26 +1,16 @@ import json import argparse -from pyvckit.utils import now -from pyvckit.templates import presentation_tmpl, proof_tmpl -from pyvckit.did import key_read, generate_did, get_signing_key -from pyvckit.sign import sign_proof +from pyvckit.templates import presentation_tmpl +from pyvckit.did import key_read, generate_did +from pyvckit.sign import sign -def sign_vp(signing_key, holder_did, vc): +def get_presentation(vc, holder_did): presentation = json.loads(presentation_tmpl) presentation["verifiableCredential"].append(json.loads(vc)) presentation["holder"] = holder_did - - _did = holder_did + "#" + holder_did.split(":")[-1] - proof = json.loads(proof_tmpl) - proof['verificationMethod'] = _did - proof['created'] = now() - - sign_proof(presentation, proof, signing_key) - del proof['@context'] - presentation['proof'] = proof - return presentation + return json.dumps(presentation) def main(): @@ -39,8 +29,8 @@ def main(): key = key_read(args.key_path) did = generate_did(key) - signing_key = get_signing_key(key) - vp = sign_vp(signing_key, did, vc) + unsigned_vp = get_presentation(vc, did) + vp = sign(unsigned_vp, key, did) print(json.dumps(vp, separators=(',', ':'))) return diff --git a/pyvckit/verify.py b/pyvckit/verify.py index 99232b7..d945def 100644 --- a/pyvckit/verify.py +++ b/pyvckit/verify.py @@ -44,7 +44,7 @@ def jws_split(jws): signature = nacl.encoding.URLSafeBase64Encoder.decode(sig_b64.encode()) return header.encode(), signature - + def verify_vc(credential): vc = json.loads(credential) header = {"alg": "EdDSA", "crit": ["b64"], "b64": False} @@ -62,7 +62,7 @@ def verify_vc(credential): header_b64, signature = get_signing_input(message) header_jws, signature_jws = jws_split(jws) - + if header_jws != header_b64: return False 
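Review bot: A presentation signed through the shared `sign()` cannot carry a verifier-supplied `challenge` or `domain` in its proof, so a captured presentation could be replayed to another verifier. `get_presentation()` fills only `holder` and `verifiableCredential`, and `sign()` sets only `verificationMethod` and `created`. `proof_tmpl` is not visible in this diff, so it is also worth checking that its `proofPurpose` suits a presentation (`authentication` rather than `assertionMethod`). An optional keyword argument on `sign()` for extra proof fields, applied before `sign_proof` is called, would cover both. Separately, `get_presentation` now names two different functions (this builder and the file reader in pyvckit/verify_vp.py), and a name such as `build_presentation` would avoid the confusion.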
@@ -108,3 +108,16 @@ def verify_vc(credential): return True + +def verify_vp(presentation): + vp = json.loads(presentation) + + if not verify_vc(presentation): + return False + + for vc in vp['verifiableCredential']: + vc_str = json.dumps(vc) + if not verify_vc(vc_str): + return False + + return True diff --git a/pyvckit/verify_vp.py b/pyvckit/verify_vp.py index fce1ca6..cc9c2e8 100644 --- a/pyvckit/verify_vp.py +++ b/pyvckit/verify_vp.py @@ -1,6 +1,6 @@ -import json import argparse -from pyvckit.verify import verify_vc + +from pyvckit.verify import verify_vp def get_presentation(path_presentation): @@ -9,20 +9,6 @@ def get_presentation(path_presentation): return vc -def verify_vp(presentation): - vp = json.loads(presentation) - - if not verify_vc(presentation): - return False - - for vc in vp['verifiableCredential']: - vc_str = json.dumps(vc) - if not verify_vc(vc_str): - return False - - return True - - def main(): parser=argparse.ArgumentParser(description='Verify a presentation') parser.add_argument("presentation_path") diff --git a/tests/test_certificate.py b/tests/test_certificate.py index 009bb35..fe50e98 100644 --- a/tests/test_certificate.py +++ b/tests/test_certificate.py @@ -3,11 +3,11 @@ import multicodec import multiformats import nacl.encoding -from pyvckit.did import generate_keys, generate_did, get_signing_key, gen_did_document -from pyvckit.sign_vc import sign -from pyvckit.sign_vp import sign_vp +from pyvckit.did import generate_keys, generate_did, gen_did_document +from pyvckit.sign import sign +from pyvckit.sign_vp import get_presentation from pyvckit.verify import verify_vc -from pyvckit.verify_vp import verify_vp +from pyvckit.verify import verify_vp from pyvckit.utils import now @@ -71,7 +71,6 @@ def test_generated_did_document(): def test_credential(): key = generate_keys() did = generate_did(key) - signing_key = get_signing_key(key) credential = { "@context": "https://www.w3.org/2018/credentials/v1", 
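Review bot: `verify_vp()` as added to pyvckit/verify.py raises on malformed input instead of returning `False`. It indexes `vp['verifiableCredential']` directly, so a presentation without that member raises `KeyError`, and a single credential object in place of a list would be iterated key by key. Presentations reach this function from untrusted holders, so a defensive read is safer: `vcs = vp.get('verifiableCredential') or []` followed by `if isinstance(vcs, dict): vcs = [vcs]`, with a deliberate decision on whether an empty list should verify. The function also checks each proof in isolation; nothing visible here ties the presentation's `holder` to the `verificationMethod` of its proof. That binding is worth confirming inside `verify_vc`, whose body is mostly outside this hunk.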
@@ -89,7 +88,7 @@ def test_credential(): cred = json.dumps(credential) - vc = sign(cred, signing_key, did) + vc = sign(cred, key, did) header = 'eyJhbGciOiJFZERTQSIsImNyaXQiOlsiYjY0Il0sImI2NCI6ZmFsc2V9' assert vc.get('proof', {}).get('jws') is not None assert header in vc.get('proof', {}).get('jws') @@ -99,7 +98,6 @@ def test_credential(): def test_presentation(): key = generate_keys() did = generate_did(key) - signing_key = get_signing_key(key) credential = { "@context": "https://www.w3.org/2018/credentials/v1", @@ -117,13 +115,13 @@ def test_presentation(): cred = json.dumps(credential) - vc = sign(cred, signing_key, did) + vc = sign(cred, key, did) vc_json = json.dumps(vc) holder_key = generate_keys() holder_did = generate_did(holder_key) - holder_signing_key = get_signing_key(holder_key) - vp = sign_vp(holder_signing_key, holder_did, vc_json) + unsigned_vp = get_presentation(vc_json, holder_did) + vp = sign(unsigned_vp, holder_key, holder_did) header = 'eyJhbGciOiJFZERTQSIsImNyaXQiOlsiYjY0Il0sImI2NCI6ZmFsc2V9' assert vp.get('proof', {}).get('jws') is not None assert header in vp.get('proof', {}).get('jws') @@ -133,7 +131,6 @@ def test_presentation(): def test_verifiable_credential(): key = generate_keys() did = generate_did(key) - signing_key = get_signing_key(key) credential = { "@context": "https://www.w3.org/2018/credentials/v1", @@ -151,7 +148,7 @@ def test_verifiable_credential(): cred = json.dumps(credential) - vc = sign(cred, signing_key, did) + vc = sign(cred, key, did) verified = verify_vc(json.dumps(vc)) assert verified @@ -159,7 +156,6 @@ def test_verifiable_credential(): def test_verifiable_presentation(): key = generate_keys() did = generate_did(key) - signing_key = get_signing_key(key) credential = { "@context": "https://www.w3.org/2018/credentials/v1", 
@@ -177,14 +173,14 @@ def test_verifiable_presentation(): cred = json.dumps(credential) - vc = sign(cred, signing_key, did) + vc = sign(cred, key, did) vc_json = json.dumps(vc) assert verify_vc(json.dumps(vc)) holder_key = generate_keys() holder_did = generate_did(holder_key) - holder_signing_key = get_signing_key(holder_key) - vp = sign_vp(holder_signing_key, holder_did, vc_json) + unsigned_vp = get_presentation(vc_json, holder_did) + vp = sign(unsigned_vp, holder_key, holder_did) verified = verify_vp(json.dumps(vp)) assert verified @@ -192,7 +188,6 @@ def test_verifiable_presentation(): def test_verifiable_credential_fail(): key = generate_keys() did = generate_did(key) - signing_key = get_signing_key(key) credential = { "@context": "https://www.w3.org/2018/credentials/v1", @@ -210,7 +205,7 @@ def test_verifiable_credential_fail(): cred = json.dumps(credential) - vc = sign(cred, signing_key, did) + vc = sign(cred, key, did) vc["id"] = "bar" verified = verify_vc(json.dumps(vc)) assert not verified @@ -219,7 +214,6 @@ def test_verifiable_credential_fail(): def test_verifiable_presentation_fail1(): key = generate_keys() did = generate_did(key) - signing_key = get_signing_key(key) credential = { "@context": "https://www.w3.org/2018/credentials/v1", @@ -237,13 +231,13 @@ def test_verifiable_presentation_fail1(): cred = json.dumps(credential) - vc = sign(cred, signing_key, did) + vc = sign(cred, key, did) vc_json = json.dumps(vc) holder_key = generate_keys() holder_did = generate_did(holder_key) - holder_signing_key = get_signing_key(holder_key) - vp = sign_vp(holder_signing_key, holder_did, vc_json) + unsigned_vp = get_presentation(vc_json, holder_did) + vp = sign(unsigned_vp, holder_key, holder_did) vp["verifiableCredential"][0]["id"] = "bar" verified = verify_vp(json.dumps(vp)) assert not verified 
@@ -252,7 +246,6 @@ def test_verifiable_presentation_fail1(): def test_verifiable_presentation_fail2(): key = generate_keys() did = generate_did(key) - signing_key = get_signing_key(key) credential = { "@context": "https://www.w3.org/2018/credentials/v1", @@ -270,13 +263,13 @@ def test_verifiable_presentation_fail2(): cred = json.dumps(credential) - vc = sign(cred, signing_key, did) + vc = sign(cred, key, did) vc_json = json.dumps(vc) holder_key = generate_keys() holder_did = generate_did(holder_key) - holder_signing_key = get_signing_key(holder_key) - vp = sign_vp(holder_signing_key, holder_did, vc_json) + unsigned_vp = get_presentation(vc_json, holder_did) + vp = sign(unsigned_vp, holder_key, holder_did) vp["id"] = "http://example.org/presentations/3732" verified = verify_vp(json.dumps(vp)) assert not verified diff --git a/tests/test_interoperability.py b/tests/test_interoperability.py index ae61daf..6d0598d 100644 --- a/tests/test_interoperability.py +++ b/tests/test_interoperability.py @@ -6,12 +6,13 @@ import didkit # import nacl.encoding from ast import literal_eval -from pyvckit.sign_vc import sign -from pyvckit.sign_vp import sign_vp +# from pyvckit.sign_vc import sign +from pyvckit.sign import sign +from pyvckit.sign_vp import get_presentation from pyvckit.verify import verify_vc -from pyvckit.verify_vp import verify_vp +from pyvckit.verify import verify_vp from pyvckit.utils import now -from pyvckit.did import generate_keys, generate_did, get_signing_key +from pyvckit.did import generate_keys, generate_did def verify_credential(vc): @@ -96,7 +97,6 @@ def test_key_from_pyvckit(): def test_pyvckit_credential_validated_from_didkit(): key = generate_keys() did = generate_did(key) - signing_key = get_signing_key(key) credential = { "@context": "https://www.w3.org/2018/credentials/v1", 
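Review bot: The negative tests touched here (`test_verifiable_presentation_fail1` and `test_verifiable_presentation_fail2`, like `test_verifiable_credential_fail` before them) only alter an `id` after signing. None covers a proof whose DID does not belong to the signing key, a case the new `sign(credential, key, issuer_did)` signature makes easy to produce by accident. A test that signs the presentation with the issuer's key but the holder's DID, `vp = sign(unsigned_vp, key, holder_did)`, and expects rejection (an error from `sign()` or `assert not verify_vp(json.dumps(vp))`) would pin that behaviour. These test functions begin and end outside the hunks.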
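Review bot: The added line `# from pyvckit.sign_vc import sign` in tests/test_interoperability.py is commented-out code and should be dropped; version control already records the old import. The two consecutive `from pyvckit.verify import …` lines could also be merged into `from pyvckit.verify import verify_vc, verify_vp`, here and in tests/test_certificate.py.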
@@ -113,7 +113,7 @@ def test_pyvckit_credential_validated_from_didkit(): cred = json.dumps(credential) - vc = sign(cred, signing_key, did) + vc = sign(cred, key, did) result = verify_credential(json.dumps(vc)) assert result == '{"checks":["proof"],"warnings":[],"errors":[]}' @@ -144,7 +144,6 @@ def test_didkit_credential_validated_from_pyvckit(): def test_pyvckit_presentation_validated_from_didkit(): key = generate_keys() did = generate_did(key) - signing_key = get_signing_key(key) credential = { "@context": "https://www.w3.org/2018/credentials/v1", @@ -161,13 +160,13 @@ def test_pyvckit_presentation_validated_from_didkit(): cred = json.dumps(credential) - vc = sign(cred, signing_key, did) + vc = sign(cred, key, did) vc_json = json.dumps(vc) holder_key = generate_keys() holder_did = generate_did(holder_key) - holder_signing_key = get_signing_key(holder_key) - vp = sign_vp(holder_signing_key, holder_did, vc_json) + unsigned_vp = get_presentation(vc_json, holder_did) + vp = sign(unsigned_vp, holder_key, holder_did) result = verify_presentation(json.dumps(vp)) assert result @@ -176,7 +175,6 @@ def test_pyvckit_presentation_validated_from_didkit(): def test_fail_pyvckit_presentation_validated_from_didkit(): key = generate_keys() did = generate_did(key) - signing_key = get_signing_key(key) credential = { "@context": "https://www.w3.org/2018/credentials/v1", @@ -193,13 +191,13 @@ def test_fail_pyvckit_presentation_validated_from_didkit(): cred = json.dumps(credential) - vc = sign(cred, signing_key, did) + vc = sign(cred, key, did) vc_json = json.dumps(vc) holder_key = generate_keys() holder_did = generate_did(holder_key) - holder_signing_key = get_signing_key(holder_key) - vp = sign_vp(holder_signing_key, holder_did, vc_json) + unsigned_vp = get_presentation(vc_json, holder_did) + vp = sign(unsigned_vp, holder_key, holder_did) vp["verifiableCredential"][0]["id"] = "bar" vp_fail = json.dumps(vp)