def verifiable_credentials(self, vcs: [str]):
if not isinstance(vcs, list):
raise ValidationError(param='verifiable_credentials',
type_name=list)
for vc in vcs:
if not isinstance(vc, str):
raise ValidationError(param='raw_vc', type_name=str)
if not vc.count('.') == 2:
raise ValueError("VC format unrecognized")
self._verifiable_credentials = vcs
def expiration_date(self, e: datetime.datetime):
if e is not None:
if not isinstance(e, datetime.datetime):
raise ValidationError(param='expiration_date', type_name=datetime.datetime)
if self.issuance_date and (e < self.issuance_date):
raise RangeError(param='expiration_date', range='expiration_date < issuance_date')
self._expiration_date = e
def __verify(token: str, algorithm: str, key: JWK, return_claims=False):
if not isinstance(key, JWK):
raise InvalidJWKType
if not algorithm or not isinstance(algorithm, str):
raise ValidationError(param='algorithm', type_name=str)
verifier = jwt.JWT(algs=[algorithm])
verifier.deserialize(jwt=token, key=key)
if return_claims:
return verifier.claims
return verifier
def __sign(verifiable: Verifiable,
algorithm: str,
kid: str,
nonce: str,
key: JWK,
is_serialize=False):
if not isinstance(verifiable,
(VerifiableCredential, VerifiablePresentation)):
raise ValidationError(param='verifiable', type_name=Verifiable)
claims = verifiable.to_jwt_claims(nonce=nonce)
if not kid or not isinstance(kid, str):
raise ValidationError(param='kid', type_name=str)
if not algorithm or not isinstance(algorithm, str):
raise ValidationError(param='algorithm', type_name=str)
header = {"kid": kid, "typ": "JWT", "alg": algorithm}
jwts = jwt.JWT(header=header, claims=claims, algs=[algorithm])
jwts.make_signed_token(key)
if is_serialize:
return jwts.serialize()
return jwts
def public_key_from_signature(message: str, signature: str) -> PublicKey:
if signature.startswith("0x"):
signature = signature[2:]
bytes_sig = bytes.fromhex(signature)
if not len(bytes_sig) == 65:
raise ValidationError(param='signature', type_name='65 bytes')
vrs = (
big_endian_to_int(bytes_sig[64:65]) - 27,
big_endian_to_int(bytes_sig[0:32]),
big_endian_to_int(bytes_sig[32:64]),
)
sig = eth_keys.keys.Signature(vrs=vrs)
pub_key = eth_keys.keys.ecdsa_recover(Web3.keccak(text=message), sig)
return pub_key
def validate_did_format(did: str) -> str:
if not isinstance(did, str):
raise ValidationError(param='did', type_name=str)
if not did.startswith("did:meta"):
raise ValueError("invalid did format")
return did
def credential_subject(self, c: dict):
if not isinstance(c, dict):
raise ValidationError(param='credential_subject', type_name=dict)
self._credential_subject = c
def issuance_date(self, i: datetime.datetime):
if not isinstance(i, datetime.datetime):
raise ValidationError(param='issuance_date', type_name=datetime.datetime)
if self.expiration_date and (i > self.expiration_date):
raise RangeError(param='issuance_date', range='issuance_date > expiration_date')
self._issuance_date = i
def issuer(self, i: str):
if not isinstance(i, str):
raise ValidationError(param='issuer', type_name=str)
self._issuer = validate_did_format(i)
def contexts(self, c: dict):
if not isinstance(c, dict):
raise ValidationError(param='contexts', type_name=dict)
self._contexts = c
def types(self, t: [str]):
for data in t:
if not isinstance(data, str):
raise ValidationError(param='types', type_name=str)
self._types = t
def id_(self, i: str):
if i is not None:
if not isinstance(i, str):
raise ValidationError(param='id_', type_name=str)
self._id = i