Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: external signature suite provider interface #2835

Merged

Conversation

dbluhm
Copy link
Contributor

@dbluhm dbluhm commented Mar 13, 2024

This PR adds a pluggable component enabling usage of an externally provided signature suite. This is a refinement on previous attempts to make this aspect of ACA-Py more flexible; namely, #2706 which was later reverted due to issues with including profile in the context and multi-tenancy. This approach minimizes the "surface area" of the interface that the plugin must fulfill (at least when compared to what was proposed in #2706).

This is an advanced use case requiring some fairly deep knowledge of the management of DIDs and VCs. I have an example implementation of using an external KMS for signing JSON-LD creds that can be found here: https://github.com/dbluhm/acapy-ld-signer

@dbluhm
Copy link
Contributor Author

dbluhm commented Mar 13, 2024

Presently, this external provider is only used for signing. Since verification can of course be done by anyone, there's no need to verify through a KMS, for instance. But that might be overlooking other scenarios that could be of interest. I'll leave this off for now and if a clear use case arises, it can be revisited then.

@swcurran
Copy link
Contributor

Haven’t looked too carefully at this, but I think at minimum some sort of document is needed (likely in docs/features) that covers this and at least a start at how to use it.

@ianco
Copy link
Contributor

ianco commented Mar 18, 2024

The update looks pretty straightforward but agree with @swcurran we need a doc describing the feature

@dbluhm dbluhm force-pushed the feature/external-ld-signer branch from 5052634 to d3ee92b Compare March 22, 2024 19:51
@dbluhm
Copy link
Contributor Author

dbluhm commented Mar 22, 2024

Basic docs, with a link to an example project, added!

dbluhm added 3 commits March 25, 2024 14:27
To make signing mechanisms for JSON-LD pluggable.

Signed-off-by: Daniel Bluhm <dbluhm@pm.me>
Signed-off-by: Daniel Bluhm <dbluhm@pm.me>
@dbluhm dbluhm force-pushed the feature/external-ld-signer branch from ebb86bf to e95e1d6 Compare March 25, 2024 18:27
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

@dbluhm dbluhm merged commit 3067337 into openwallet-foundation:main Mar 25, 2024
8 checks passed
@swcurran swcurran changed the title feat: external suite provider interface feat: external signature suite provider interface Apr 8, 2024
@jamshale jamshale mentioned this pull request Jul 23, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants