add did web in README

README.md

@@ -29,10 +29,17 @@ The mode of use under the command line would be the following:
 ```
 
 ## generate a did identifier:
+
+### did key
 ```sh
   python did.py -n did -k keypair.json
 ```
 
+### did web
+```sh
+  python did.py -n did -k keypair.json -u https://localhost/user1/dids/
+```
+
 ## generate an example signed credential:
 An example of a credential is generated, which is the one that appears in the credential_tmpl template in the file [templates.py](templates.py)
 ```sh
@@ -54,7 +61,7 @@ An example of a credential is generated, which is the one that appears in the cr
     python verify_vp.py presentation_signed.json
 ```
 
-# Use as a lib
+# Use as a library
 In the tests you can find examples of use. Now I will explain the usual cases
 
 ## generate a key pair:
@@ -64,12 +71,22 @@ In the tests you can find examples of use. Now I will explain the usual cases
 ```
 
 ## generate a did identifier:
+
+### did key
 ```python
     from pyvckit.did import generate_keys, generate_did
     key = generate_keys()
     did = generate_did(key)
 ```
 
+### did web
+```python
+    from pyvckit.did import generate_keys, generate_did
+    key = generate_keys()
+    url = "https://localhost/user1/dids/"
+    did = generate_did(key, url)
+```
+
 ## generate a signed credential:
 Assuming **credential** is a valid credential.
 **credential** is a string variable
@@ -108,3 +125,15 @@ Assuming **vc** is a properly signed verifiable credential
     from pyvckit.verify_vp import verify_vp
     verified = verify_vp(json.dumps(vp))
 ```
+
+## creation of did document:
+This command will create a json document and a url path where to place this document. The did must be a web did.
+This document is an example and in production it must be adapted to contain the revoked verifiable credentials.
+```python
+    from pyvckit.did import generate_keys, generate_did, gen_did_document
+
+    key = generate_keys()
+    url = "https://localhost/did-registry"
+    did = generate_did(key, url)
+    definitive_url, document = gen_did_document(did, key)
+```

README_es.md

@@ -29,10 +29,17 @@ El modo de uso bajo la linea de comandos seria el siguiente:
 ```
 
 ## generar un identificador did:
+
+### did key
 ```sh
   python did.py -n did -k keypair.json
 ```
 
+### did web
+```sh
+  python did.py -n did -k keypair.json -u https://localhost/user1/dids/
+```
+
 ## generar una credencial firmada de ejemplo:
 Se genera un ejemplo de credencial que es el que aparece en la plantilla credential_tmpl del fichero [templates.py](templates.py)
 ```sh
@@ -54,6 +61,12 @@ Se genera un ejemplo de credencial que es el que aparece en la plantilla credent
   python verify_vp.py presentation_signed.json
 ```
 
+## creación del documento did:
+Este comando creara un documento json y una ruta url donde colocar este documento. El did tiene que ser un did web.
+```sh
+  python did.py -k keypair.json -g did:web:localhost:did-registry:z6MkiNc8xqJLcG7QR1wzD9HPs5oPQEaWNcVf92QsbppNiB7C
+```
+
 # Uso como librería
 En los test podras encontrar ejemplos de uso. Ahora explicare los casos habituales
 
@@ -64,12 +77,22 @@ En los test podras encontrar ejemplos de uso. Ahora explicare los casos habitual
 ```
 
 ## generar un identificador did:
+
+### did key
 ```python
     from pyvckit.did import generate_keys, generate_did
     key = generate_keys()
     did = generate_did(key)
 ```
 
+### did web
+```python
+    from pyvckit.did import generate_keys, generate_did
+    key = generate_keys()
+    url = "https://localhost/user1/dids/"
+    did = generate_did(key, url)
+```
+
 ## generar una credencial firmada:
 Suponiendo que **credential** es una credencial válida.
 **credential** es una variable de tipo string
@@ -108,3 +131,15 @@ Suponiendo que **vc** es una credencial verificable correctamente firmada
     from pyvckit.verify_vp import verify_vp
     verified = verify_vp(json.dumps(vp))
 ```
+
+## creación del documento did:
+Este comando creara un documento json y una ruta url donde colocar este documento. El did tiene que ser un did web.
+Este documento es un ejemplo y en producción hay que adaptarlo para contener las credenciales verificables revocadas.
+```python
+    from pyvckit.did import generate_keys, generate_did, gen_did_document
+
+    key = generate_keys()
+    url = "https://localhost/did-registry"
+    did = generate_did(key, url)
+    definitive_url, document = gen_did_document(did, key)
+```

did.py

@@ -1,16 +1,19 @@
 import json
 import argparse
+import requests
 import multicodec
 import multiformats
 import nacl.signing
 import nacl.encoding
 
 from jwcrypto import jwk
+from urllib.parse import urlparse
 from nacl.signing import SigningKey
 from nacl.encoding import RawEncoder
+from templates import did_document_tmpl
 
 
-def key_to_did(public_key_bytes, type_did):
+def key_to_did(public_key_bytes, url):
     """did-key-format := 
        did:key:MULTIBASE(base58-btc, MULTICODEC(public-key-type, raw-public-key-bytes))"""
 
@@ -19,8 +22,11 @@ def key_to_did(public_key_bytes, type_did):
     # Multibase encode the hashed bytes
     did = multiformats.multibase.encode(mc, 'base58btc')
 
-    if type_did == "web":
+    if url:
-        return f"did:web:{did}"
+        u = urlparse(url)
+        domain = u.netloc
+        path = u.path.strip("/").replace("/", ":")
+        return f"did:web:{domain}:{path}:{did}"
 
     return f"did:key:{did}"
 
@@ -45,13 +51,13 @@ def get_signing_key(jwk_pr):
     return signing_key
 
 
-def generate_did(jwk_pr, type_did=None):
+def generate_did(jwk_pr, url=None):
     signing_key = get_signing_key(jwk_pr)
     verify_key = signing_key.verify_key
     public_key_bytes = verify_key.encode()
 
     # Generate the DID
-    did = key_to_did(public_key_bytes, type_did)
+    did = key_to_did(public_key_bytes, url)
     return did
 
 def generate_keys():
@@ -62,10 +68,44 @@ def generate_keys():
     return json.dumps(key_json)
 
 
+def gen_did_document(did, keys):
+    if did[:8] != "did:web:":
+        return "", ""
+    document = did_document_tmpl.copy()
+    webdid_owner = did+"#owner"
+    webdid_revocation = did+"#revocation"
+    document["id"] = did
+    document["verificationMethod"][0]["id"] = webdid_owner
+    document["verificationMethod"][0]["controller"] = did
+    document["verificationMethod"][0]["publicKeyJwk"]["x"] = keys["x"]
+    document["authentication"].append(webdid_owner)
+    document["assertionMethod"].append(webdid_owner)
+    document["service"][0]["id"] = webdid_revocation
+    document_fixed_serialized = json.dumps(document)
+    url = "https://" + "/".join(did.split(":")[2:]) + "/did.json"
+
+    return url, document_fixed_serialized
+    
+
+def resolve_did(did):
+    if did[:8] != "did:web:":
+        return
+    try:
+        url = "https://" + "/".join(did.split(":")[2:]) + "/did.json"
+        response = requests.get(url)
+    except Exception:
+        url = "http://" + "/".join(did.split(":")[2:]) + "/did.json"
+        response = requests.get(url)
+    if 200 <= response.status_code < 300:
+        return response.json()
+    
+
 def main():
     parser=argparse.ArgumentParser(description='Generates a new did or key pair')
     parser.add_argument("-k", "--key-path", required=False)
     parser.add_argument("-n", "--new", choices=['keys', 'did'])
+    parser.add_argument("-u", "--url")
+    parser.add_argument("-g", "--gen-doc")
     args=parser.parse_args()
 
     if args.new == 'keys':
@@ -77,12 +117,32 @@ def main():
         print("error: argument --key-path: expected one argument")
         return
 
+    if args.new == 'did' and args.url:
+        key = key_read(args.key_path)
+        did = generate_did(key, args.url)
+        print(did)
+        return
+
     if args.new == 'did':
         key = key_read(args.key_path)
         did = generate_did(key)
         print(did)
         return
     
+    if args.gen_doc and not args.key_path:
+        print("error: argument --key-path: expected one argument")
+        return
+
+    if args.gen_doc:
+        keys = json.loads(key_read(args.key_path))
+        if not keys.get("x"):
+            print("error: argument --key-path: not is valid")
+            return
+
+        url, doc = gen_did_document(args.gen_doc, keys)
+        # print(url)
+        print(doc)
+        return
 
 if __name__ == "__main__":
     main()

requirements.txt

@@ -25,3 +25,4 @@ Pillow
 multiformats
 PyNaCl
 py-multicodec
+pyroaring

templates.py

@@ -27,3 +27,41 @@ presentation_tmpl = {
     "holder": "",
     "verifiableCredential": []
 }
+
+
+did_document_tmpl = {
+  "@context": [
+    "https://www.w3.org/ns/did/v1",
+    {
+      "Ed25519VerificationKey2018": "https://w3id.org/security#Ed25519VerificationKey2018",
+      "publicKeyJwk": {
+        "@id": "https://w3id.org/security#publicKeyJwk",
+        "@type": "@json"
+      }
+    }
+  ],
+  "id": "",
+  "verificationMethod": [
+    {
+      "id": "",
+      "type": "Ed25519VerificationKey2018",
+      "controller": "",
+      "publicKeyJwk": {
+        "kty": "OKP",
+        "crv": "Ed25519",
+        "x": ""
+      }
+    }
+  ],
+  "authentication": [
+  ],
+  "assertionMethod": [
+  ],
+  "service": [
+    {
+      "id": "",
+      "type": "RevocationBitmap2022",
+      "serviceEndpoint": "data:application/octet-stream;base64,eJyzMmAAAwADKABr"
+    }
+  ]
+}