Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

wallet provider APIs / remote signature #2713

Open
ThierryThevenet opened this issue Jun 10, 2024 · 0 comments
Open

wallet provider APIs / remote signature #2713

ThierryThevenet opened this issue Jun 10, 2024 · 0 comments
Assignees
@ThierryThevenet

Comments

@ThierryThevenet
Copy link
Member

ThierryThevenet commented Jun 10, 2024
edited
Loading

IN PROGRESS

This ticket allows user to sign with a key stored in a remote HSM (for business wallet or individual wallet).

Wallet request remote signing

Check the flow https://swimlanes.io/u/Rt5vg-FWI

  1. issuance or presentation of VC requests a remote signature
  2. Wallet calls nonce endpoint
    see Update of the wallet provider APIs / Initalisation, authentication and configuration update #2704
  3. Wallet authenticates to the wallet provider back end
    see Update of the wallet provider APIs / Initalisation, authentication and configuration update #2704
  4. Wallet calls the sign endpoint

Use DPoP built and signed as previously (see API update-configuration). DPoP must integrate the specific attributes as hash of the token, url of the request endpoint,...

In the body of the POST :
message is the message to sign in base64url safe format (usually a hash)
kid is the identifier of the key to be used to sign

POST /signHash HTTP/1.1
Host: wallet-provider.talao.co 
Authorization: Bearer <token>
DPoP: eyljhlkjghlkjgh56....
Content-Type: 'application/x-www-form-urlencoded'

message=<base64 url safe (message)>
&kid=LKJGFFFJ567875VJKHG

Wallet provider portal responds with signed message or 401

HTTP/1.1 200 OK
Content-Type: application/json

{
  "signed_message": "d2JhY2NhbG91cmVqdWFuZGFt"
}
@ThierryThevenet ThierryThevenet self-assigned this Jun 10, 2024
@ThierryThevenet ThierryThevenet changed the title Update of the wallet provider APIs / Signature wallet provider APIs / remote signature Jun 11, 2024
@ThierryThevenet ThierryThevenet mentioned this issue Jun 12, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ThierryThevenet ThierryThevenet

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ThierryThevenet