def verifiable_credentials(self, vcs: [str]): if not isinstance(vcs, list): raise ValidationError(param='verifiable_credentials', type_name=list) for vc in vcs: if not isinstance(vc, str): raise ValidationError(param='raw_vc', type_name=str) if not vc.count('.') == 2: raise ValueError("VC format unrecognized") self._verifiable_credentials = vcs
def expiration_date(self, e: datetime.datetime): if e is not None: if not isinstance(e, datetime.datetime): raise ValidationError(param='expiration_date', type_name=datetime.datetime) if self.issuance_date and (e < self.issuance_date): raise RangeError(param='expiration_date', range='expiration_date < issuance_date') self._expiration_date = e
def __verify(token: str, algorithm: str, key: JWK, return_claims=False): if not isinstance(key, JWK): raise InvalidJWKType if not algorithm or not isinstance(algorithm, str): raise ValidationError(param='algorithm', type_name=str) verifier = jwt.JWT(algs=[algorithm]) verifier.deserialize(jwt=token, key=key) if return_claims: return verifier.claims return verifier
def __sign(verifiable: Verifiable, algorithm: str, kid: str, nonce: str, key: JWK, is_serialize=False): if not isinstance(verifiable, (VerifiableCredential, VerifiablePresentation)): raise ValidationError(param='verifiable', type_name=Verifiable) claims = verifiable.to_jwt_claims(nonce=nonce) if not kid or not isinstance(kid, str): raise ValidationError(param='kid', type_name=str) if not algorithm or not isinstance(algorithm, str): raise ValidationError(param='algorithm', type_name=str) header = {"kid": kid, "typ": "JWT", "alg": algorithm} jwts = jwt.JWT(header=header, claims=claims, algs=[algorithm]) jwts.make_signed_token(key) if is_serialize: return jwts.serialize() return jwts
def public_key_from_signature(message: str, signature: str) -> PublicKey: if signature.startswith("0x"): signature = signature[2:] bytes_sig = bytes.fromhex(signature) if not len(bytes_sig) == 65: raise ValidationError(param='signature', type_name='65 bytes') vrs = ( big_endian_to_int(bytes_sig[64:65]) - 27, big_endian_to_int(bytes_sig[0:32]), big_endian_to_int(bytes_sig[32:64]), ) sig = eth_keys.keys.Signature(vrs=vrs) pub_key = eth_keys.keys.ecdsa_recover(Web3.keccak(text=message), sig) return pub_key
def validate_did_format(did: str) -> str: if not isinstance(did, str): raise ValidationError(param='did', type_name=str) if not did.startswith("did:meta"): raise ValueError("invalid did format") return did
def credential_subject(self, c: dict): if not isinstance(c, dict): raise ValidationError(param='credential_subject', type_name=dict) self._credential_subject = c
def issuance_date(self, i: datetime.datetime): if not isinstance(i, datetime.datetime): raise ValidationError(param='issuance_date', type_name=datetime.datetime) if self.expiration_date and (i > self.expiration_date): raise RangeError(param='issuance_date', range='issuance_date > expiration_date') self._issuance_date = i
def issuer(self, i: str): if not isinstance(i, str): raise ValidationError(param='issuer', type_name=str) self._issuer = validate_did_format(i)
def contexts(self, c: dict): if not isinstance(c, dict): raise ValidationError(param='contexts', type_name=dict) self._contexts = c
def types(self, t: [str]): for data in t: if not isinstance(data, str): raise ValidationError(param='types', type_name=str) self._types = t
def id_(self, i: str): if i is not None: if not isinstance(i, str): raise ValidationError(param='id_', type_name=str) self._id = i