Skip to main content

signature and validation of verifiable credential and verifiable presentation

Project description

PyVckit

PyVckit is a library for:

  • sign verifiable credentials
  • verify verifiable credentials
  • generate verifiable presentations
  • verify verifiable submissions

This library is strongly inspired by SpruceId didkit and aims to maintain compatibility with it.

For now the supported cryptography is only EdDSA with a signature Ed25519Signature2018.

Install

For now the installation is from the repository:

    python -m venv env
    source env/bin/activate
    git clone https://github.com/eReuse/pyvckit.git
    cd pyvckit
    pip install -r requirements.txt
    pip install -e .

Cli

The mode of use under the command line would be the following:

generate a key pair:

    python pyvckit/did.py -n keys > keypair.json

generate a did identifier:

did key

  python pyvckit/did.py -n did -k keypair.json

did web

  python pyvckit/did.py -n did -k keypair.json -u https://localhost/user1/dids/

generate an example signed credential:

An example of a credential is generated, which is the one that appears in the credential_tmpl template in the file templates.py

    python pyvckit/sign_vc.py -k keypair.json > credential_signed.json

verify a signed credential:

    python pyvckit/verify_vc.py credential_signed.json

generate a verifiable presentation:

    python pyvckit/sign_vp.py -k keypair.json -c credential_signed.json > presentation_signed.json

verify a verifiable presentation:

    python pyvckit/verify_vp.py presentation_signed.json

creation of did document:

This command will create a json document and a url path where to place this document. The did must be a web did. This document is an example and in production it must be adapted to contain the revoked verifiable credentials.

  python pyvckit/did.py -k keypair.json -g did:web:localhost:did-registry:z6MkiNc8xqJLcG7QR1wzD9HPs5oPQEaWNcVf92QsbppNiB7C

Use as a library

In the tests you can find examples of use. Now I will explain the usual cases

generate a key pair:

    from pyvckit.did import generate_keys
    key = generate_keys()

generate a did identifier:

did key

    from pyvckit.did import generate_keys, generate_did
    key = generate_keys()
    did = generate_did(key)

did web

    from pyvckit.did import generate_keys, generate_did
    key = generate_keys()
    url = "https://localhost/user1/dids/"
    did = generate_did(key, url)

generate a signed credential:

Assuming credential is a valid credential. credential is a string variable

    from pyvckit.did import generate_keys, generate_did, get_signing_key
    from pyvckit.sign_vc import sign

    key = generate_keys()
    did = generate_did(key)
    signing_key = get_signing_key(key)
    vc = sign(credential, signing_key, did)

verify a signed credential:

Assuming vc is a properly signed verifiable credential

    import json
    from pyvckit.verify import verify_vc

    verified = verify_vc(json.dumps(vc))

generate a verifiable presentation:

    from pyvckit.did import generate_keys, generate_did, get_signing_key
    from pyvckit.sign_vp import sign_vp

    holder_key = generate_keys()
    holder_did = generate_did(holder_key)
    holder_signing_key = get_signing_key(holder_key)
    vp = sign_vp(holder_signing_key, holder_did, vc_string)

verify a verifiable presentation:

    from pyvckit.verify_vp import verify_vp
    verified = verify_vp(json.dumps(vp))

creation of did document:

This command will create a json document and a url path where to place this document. The did must be a web did. This document is an example and in production it must be adapted to contain the revoked verifiable credentials.

    from pyvckit.did import generate_keys, generate_did, gen_did_document

    key = generate_keys()
    url = "https://localhost/did-registry"
    did = generate_did(key, url)
    definitive_url, document = gen_did_document(did, key)

Differences with didkit from spruceId:

Although there is didkit support, there are some small differences in behavior.

Namespaces:

In didkit it is necessary to define in the context every name, (key) used in the credential or else both the signature and the verification will fail. In pyvckit if a name, (key) is used but is not defined in the context, then that signature or verification will filter out that part of the credential and ignore it as if it did not exist. The signature will be made by deleting that undefined part.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pyvckit-0.0.19.tar.gz (26.7 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

pyvckit-0.0.19-py3-none-any.whl (26.8 kB view details)

Uploaded Python 3

File details

Details for the file pyvckit-0.0.19.tar.gz.

File metadata

  • Download URL: pyvckit-0.0.19.tar.gz
  • Upload date:
  • Size: 26.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.13.13

File hashes

Hashes for pyvckit-0.0.19.tar.gz
Algorithm Hash digest
SHA256 45be9c384b14f470c8add8d42a0e28c48bcb819f133fa97f004896416affa2cf
MD5 a62fda230207ce8bc908f5cc729c5106
BLAKE2b-256 d0453c72b6169f1dfa58ced469dc84a504a75c80e4966b3c17d032e0618db176

See more details on using hashes here.

File details

Details for the file pyvckit-0.0.19-py3-none-any.whl.

File metadata

  • Download URL: pyvckit-0.0.19-py3-none-any.whl
  • Upload date:
  • Size: 26.8 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.13.13

File hashes

Hashes for pyvckit-0.0.19-py3-none-any.whl
Algorithm Hash digest
SHA256 db5bd673f31727f69a935eac67b5875a19c0baae3b8f2c08d3f23641b005cbc0
MD5 45fafe721312b02623a4252c388d8749
BLAKE2b-256 0d6954e2d6f0f7eb69dc1cf3dbff292f01532508c4ff0e18dcfb5a1ac1225bf5

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page