Merge pull request #98 from sicpa-dlab/main

Publish v0.3.2

Author: yvgny

tox.ini .flake8

@@ -1,15 +1,3 @@
-[tox]
-isolated_build = true
-envlist =
-    py{310,39,38,37}
-skip_missing_interpreters = true
-
-[testenv]
-whitelist_externals = poetry
-commands =
-    poetry install -v
-    poetry run pytest
-
 [flake8]
 # set the same as 'black' uses
 max-line-length = 88

.github/workflows/verify.yml

@@ -88,30 +88,23 @@ jobs:
   unit:
     strategy:
       matrix:
-        python-version: [ '3.7', '3.8', '3.9', '3.10' ]
+        python-version: [ '3.7', '3.8', '3.9', '3.10', '3.11' ]
         os: [ ubuntu-latest, windows-latest, macos-latest ]
-        include:
-          - {python-version: '3.10', toxenv: py310}
-          - {python-version: '3.9', toxenv: py39}
-          - {python-version: '3.8', toxenv: py38}
-          - {python-version: '3.7', toxenv: py37}
     runs-on: ${{ matrix.os }}
     steps:
       - uses: actions/checkout@v3
 
-      - name: Install poetry
-        run: pipx install poetry
-
       - name: Set up Python ${{ matrix.python-version }}
         id: setup
         uses: actions/setup-python@v4
         with:
           python-version: ${{ matrix.python-version }}
-          cache: 'poetry'
+
+      - name: Install poetry
+        run: pipx install poetry --python ${{ steps.setup.outputs.python-path }}
 
       - name: Install dependencies
-        if: steps.setup.outputs.cache-hit != 'true'
         run: poetry install
 
       - name: Test with pytest
-        run: poetry run tox -e ${{ matrix.toxenv }}
+        run: poetry run pytest

README.md

@@ -74,34 +74,66 @@ See `pack_encrypted` documentation for more details.
 
 ```
 # ALICE
-message = Message(body={"aaa": 1, "bbb": 2},
-                  id="1234567890", type="my-protocol/1.0",
-                  frm=ALICE_DID, to=[BOB_DID])
-pack_result = await pack_encrypted(message=message, frm=ALICE_DID, to=BOB_DID)
+message = Message(
+    body={"aaa": 1, "bbb": 2},
+    id="1234567890",
+    type="my-protocol/1.0",
+    frm=ALICE_DID,
+    to=[BOB_DID],
+)
+pack_result = await pack_encrypted(
+    resolvers_config=resolvers_config_alice,
+    message=message,
+    frm=ALICE_DID,
+    to=BOB_DID,
+    pack_config=PackEncryptedConfig(),
+)
 packed_msg = pack_result.packed_msg
 print(f"Sending ${packed_msg} to ${pack_result.service_metadata.service_endpoint}")
 
 # BOB
-unpack_result = await unpack(packed_msg)
+unpack_result = await unpack(resolvers_config_bob, packed_msg)
 print(f"Got ${unpack_result.message} message")
 ```
 
 **Anonymous encryption** example:
 
 ```
-message = Message(body={"aaa": 1, "bbb": 2},
-                  id="1234567890", type="my-protocol/1.0",
-                  frm=ALICE_DID, to=[BOB_DID])
-pack_result = await pack_encrypted(message=message, to=BOB_DID)
+message = Message(
+    body={"aaa": 1, "bbb": 2},
+    id="1234567890",
+    type="my-protocol/1.0",
+    frm=ALICE_DID,
+    to=[BOB_DID],
+)
+
+pack_result = await pack_encrypted(
+    resolvers_config=resolvers_config_alice,
+    message=message,
+    to=BOB_DID,
+    pack_config=PackEncryptedConfig(),
+)
 ```
 
 **Encryption with non-repudiation** example:
 
 ```
-message = Message(body={"aaa": 1, "bbb": 2},
-                  id="1234567890", type="my-protocol/1.0",
-                  frm=ALICE_DID, to=[BOB_DID])
-pack_result = await pack_encrypted(message=message, frm=ALICE_DID, to=BOB_DID, sign_frm=ALICE_DID)
+message = Message(
+    body={"aaa": 1, "bbb": 2},
+    id="1234567890",
+    type="my-protocol/1.0",
+    frm=ALICE_DID,
+    to=[BOB_DID],
+)
+
+pack_result = await pack_encrypted(
+    resolvers_config=resolvers_config_alice,
+    message=message,
+    frm=ALICE_DID,
+    sign_frm=ALICE_DID,
+    to=BOB_DID,
+    pack_config=PackEncryptedConfig(),
+)
 ```
 
 ### 2. Build an unencrypted but Signed DIDComm message
@@ -118,15 +150,23 @@ See `pack_signed` documentation for more details.
 
 ```
 # ALICE
-message = Message(body={"aaa": 1, "bbb": 2},
-                  id="1234567890", type="my-protocol/1.0",
-                  frm=ALICE_DID, to=[BOB_DID])
-packed_msg = await pack_signed(message=message, sign_frm=ALICE_DID)
+message = Message(
+    body={"aaa": 1, "bbb": 2},
+    id="1234567890",
+    type="my-protocol/1.0",
+    frm=ALICE_DID,
+    to=[BOB_DID],
+)
+pack_result = await pack_signed(
+    resolvers_config=resolvers_config_alice,
+    message=message,
+    sign_frm=ALICE_DID
+)
 packed_msg = pack_result.packed_msg
 print(f"Publishing ${packed_msg}")
 
 # BOB
-unpack_result = await unpack(packed_msg)
+unpack_result = await unpack(resolvers_config_bob, packed_msg)
 print(f"Got ${unpack_result.message} message signed as ${unpack_result.metadata.signed_message}")
 ```
 
@@ -141,15 +181,19 @@ They are therefore not normally transported across security boundaries.
 
 ```
 # ALICE
-message = Message(body={"aaa": 1, "bbb": 2},
-                  id="1234567890", type="my-protocol/1.0",
-                  frm=ALICE_DID, to=[BOB_DID])
-packed_msg = await pack_plaintext(message)
-print(f"Publishing ${packed_msg}")
+message = Message(
+    body={"aaa": 1, "bbb": 2},
+    id="1234567890",
+    type="my-protocol/1.0",
+    frm=ALICE_DID,
+    to=[BOB_DID],
+)
+pack_result = await pack_plaintext(resolvers_config=resolvers_config_alice, message)
+print(f"Publishing ${pack_result.packed_msg}")
 
 # BOB
-unpack_result = await unpack(packed_msg)
-print(f"Got ${unpack_result.plaintext} message")
+unpack_result = await unpack(resolvers_config_bob, pack_result.packed_msg)
+print(f"Got ${unpack_result.message} message")
 ```
 
 ## Contribution

didcomm/__init__.py

@@ -1 +1,113 @@
-__version__ = "0.3.0"
+__version__ = "0.3.1"
+
+from didcomm.common.algorithms import AnonCryptAlg, AuthCryptAlg, SignAlg
+from didcomm.common.resolvers import ResolversConfig
+from didcomm.common.types import (
+    DIDCommMessageMediaTypes,
+    DIDCommMessageProtocolTypes,
+    DIDCommMessageTypes,
+    DIDDocServiceTypes,
+    VerificationMethodType,
+    VerificationMaterial,
+    VerificationMaterialFormat,
+)
+from didcomm.did_doc.did_doc import DIDDoc, DIDCommService, VerificationMethod
+from didcomm.did_doc.did_resolver import DIDResolver
+from didcomm.did_doc.did_resolver_in_memory import DIDResolverInMemory
+from didcomm.message import (
+    Attachment,
+    AttachmentDataBase64,
+    AttachmentDataJson,
+    AttachmentDataLinks,
+    FromPrior,
+    GenericMessage,
+    Message,
+)
+from didcomm.pack_encrypted import (
+    pack_encrypted,
+    PackEncryptedConfig,
+    PackEncryptedParameters,
+    PackEncryptedResult,
+)
+from didcomm.pack_plaintext import (
+    pack_plaintext,
+    PackPlaintextParameters,
+    PackPlaintextResult,
+)
+from didcomm.pack_signed import pack_signed, PackSignedParameters, PackSignedResult
+from didcomm.protocols.routing.forward import (
+    is_forward,
+    unpack_forward,
+    wrap_in_forward,
+    ForwardBody,
+    ForwardMessage,
+    ForwardPackResult,
+    ForwardResult,
+)
+from didcomm.unpack import unpack, Metadata, UnpackConfig, UnpackResult
+from didcomm.secrets.secrets_resolver import Secret, SecretsResolver
+from didcomm.secrets.secrets_resolver_in_memory import SecretsResolverInMemory
+
+__all__ = [
+    # didcomm.common.algorithms
+    "AnonCryptAlg",
+    "AuthCryptAlg",
+    "SignAlg",
+    # didcomm.common.resolvers
+    "ResolversConfig",
+    # didcomm.common.types
+    "DIDCommMessageMediaTypes",
+    "DIDCommMessageProtocolTypes",
+    "DIDCommMessageTypes",
+    "DIDDocServiceTypes",
+    "VerificationMethodType",
+    "VerificationMaterial",
+    "VerificationMaterialFormat",
+    # didcomm.did_doc.did_doc
+    "DIDDoc",
+    "DIDCommService",
+    "VerificationMethod",
+    # didcomm.did_doc.did_resolver
+    "DIDResolver",
+    # did_resolver_in_memory
+    "DIDResolverInMemory",
+    # didcomm.message
+    "Attachment",
+    "AttachmentDataBase64",
+    "AttachmentDataJson",
+    "AttachmentDataLinks",
+    "FromPrior",
+    "GenericMessage",
+    "Message",
+    # didcomm.pack_encrypted
+    "pack_encrypted",
+    "PackEncryptedConfig",
+    "PackEncryptedParameters",
+    "PackEncryptedResult",
+    # didcomm.pack_plaintext
+    "pack_plaintext",
+    "PackPlaintextParameters",
+    "PackPlaintextResult",
+    # didcomm.pack_signed
+    "pack_signed",
+    "PackSignedParameters",
+    "PackSignedResult",
+    # didcomm.protocols.routing.forward
+    "is_forward",
+    "unpack_forward",
+    "wrap_in_forward",
+    "ForwardBody",
+    "ForwardMessage",
+    "ForwardPackResult",
+    "ForwardResult",
+    # didcomm.unpack
+    "unpack",
+    "Metadata",
+    "UnpackConfig",
+    "UnpackResult",
+    # didcomm.secrets.secrets_resolver
+    "Secret",
+    "SecretsResolver",
+    # didcomm.secrets.secrets_resolver_in_memory
+    "SecretsResolverInMemory",
+]

didcomm/common/types.py

@@ -3,26 +3,26 @@
 from dataclasses import dataclass
 from enum import Enum
 from typing import Dict, Any, Union, List
+from pydid.did import DID, DIDUrl
 
 JSON_OBJ = Dict[str, Any]
-JSON_VALUE = Union[None, str, int, bool, float, JSON_OBJ, List[Any]]
+JSON_VALUE = Union[type(None), str, int, bool, float, Dict, List]
 JSON = str
 JWK = JSON
 JWT = JSON
 JWS = JSON
-DID = str
-DID_URL = str
+DID_URL = DIDUrl
 DID_OR_DID_URL = Union[DID, DID_URL]
 
 
-class VerificationMethodType(Enum):
-    JSON_WEB_KEY_2020 = 1
-    X25519_KEY_AGREEMENT_KEY_2019 = 2
-    ED25519_VERIFICATION_KEY_2018 = 3
-    X25519_KEY_AGREEMENT_KEY_2020 = 4
-    ED25519_VERIFICATION_KEY_2020 = 5
-    # ECDSA_SECP_256K1_VERIFICATION_KEY_2019 = 6 - not supported now
-    OTHER = 1000
+class VerificationMethodType:
+    JSON_WEB_KEY_2020 = "JsonWebKey2020"
+    X25519_KEY_AGREEMENT_KEY_2019 = "X25519KeyAgreementKey2019"
+    ED25519_VERIFICATION_KEY_2018 = "Ed25519VerificationKey2018"
+    X25519_KEY_AGREEMENT_KEY_2020 = "X25519KeyAgreementKey2020"
+    ED25519_VERIFICATION_KEY_2020 = "Ed25519VerificationKey2020"
+    # ECDSA_SECP_256K1_VERIFICATION_KEY_2019 = "EcdsaSecp256k1VerificationKey2019" - not supported now
+    OTHER = "Other"
 
 
 class VerificationMaterialFormat(Enum):
@@ -65,7 +65,6 @@ class DIDCommMessageProtocolTypes(Enum):
 
 
 class JOSEFields:
-
     # JOSE Header fields as defined in JWS and JWE specs
     # (RFCs 7515, 7516, 7518, 7519, 7797, 8225, 8555)
     # https://www.iana.org/assignments/jose/jose.xhtml#web-signature-encryption-header-parameters

didcomm/core/defaults.py

@@ -2,4 +2,4 @@
 
 
 DEF_ENC_ALG_AUTH: AuthCryptAlg = AuthCryptAlg.A256CBC_HS512_ECDH_1PU_A256KW
-DEF_ENC_ALG_ANON: AuthCryptAlg = AnonCryptAlg.XC20P_ECDH_ES_A256KW
+DEF_ENC_ALG_ANON: AnonCryptAlg = AnonCryptAlg.XC20P_ECDH_ES_A256KW

didcomm/core/from_prior.py

@@ -7,7 +7,12 @@
 from didcomm.common.resolvers import ResolversConfig
 from didcomm.common.types import DID_URL
 from didcomm.core.keys.sign_keys_selector import find_signing_key, find_verification_key
-from didcomm.core.utils import extract_key, extract_sign_alg, is_did_url, get_did
+from didcomm.core.utils import (
+    extract_key,
+    extract_sign_alg,
+    is_did_with_uri_fragment,
+    get_did,
+)
 from didcomm.errors import (
     MalformedMessageError,
     MalformedMessageCode,
@@ -121,9 +126,9 @@ def __extract_from_prior_kid(from_prior_jwt: str) -> DID_URL:
         from_prior_jwt = to_bytes(from_prior_jwt)
         protected_segment = from_prior_jwt.split(b".")[0]
         protected = json_loads(urlsafe_b64decode(protected_segment).decode("utf-8"))
-        if not is_did_url(protected.get("kid")):
+        if not is_did_with_uri_fragment(protected.get("kid")):
             raise DIDCommValueError(
-                f"from_prior `kid` value is not a valid DID URL: {protected.get('kid')}"
+                f"from_prior `kid` value is not a valid DID URL containing a fragment: {protected.get('kid')}"
             )
         return protected["kid"]
     except Exception as exc:

didcomm/core/keys/anoncrypt_keys_selector.py

@@ -59,7 +59,7 @@ async def _find_anoncrypt_pack_recipient_public_keys_by_kid(
     if did_doc is None:
         raise DIDDocNotResolvedError(to_did)
 
-    if to_kid not in did_doc.key_agreement_kids:
+    if not did_doc.key_agreement or to_kid not in did_doc.key_agreement:
         raise DIDUrlNotFoundError(
             f"DID URL `{to_kid}` is not found in keyAgreement verification relationships of DID `{to_did}`"
         )
@@ -78,7 +78,7 @@ async def _find_anoncrypt_pack_recipient_public_keys_by_did(
     if did_doc is None:
         raise DIDDocNotResolvedError(to_did)
 
-    kids = did_doc.key_agreement_kids
+    kids = did_doc.key_agreement
     if not kids:
         raise DIDUrlNotFoundError(
             f"No keyAgreement verification relationships are found for DID `{to_did}`"