oydid 0.2.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 84460bc149df8e10a4f5094879894399bd3d6670ff5ef1fc8c500811af5fb5e2
+  data.tar.gz: 3515b7f22cf286b3abda13299fd15a6a713f39a2048c8f1d3553f36832577e24
+SHA512:
+  metadata.gz: 1eadd2c6dfba9ef8788e72514b3c12561e8628a20c6fc14bb21172d3777227bde42accb6dfe5cda14ccdeb027cb53415c179193cbd70bf1fa637b1bfe1208078
+  data.tar.gz: 9e0f47ca1316e508faf65af727afb8a61de3a89e023d789d21ce69ca9328da46f4d1c9a197ee7486aba3c460476112bebf919803c26b7f0c06896f911b1ecfa6

data/AUTHORS

@@ -0,0 +1 @@
+* Christoph Fabianek <christoph@ownyourdata.eu>

data/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2022 OwnYourData
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/README.md

@@ -0,0 +1,5 @@
+# OYDID Gem
+
+[![Gem Version](https://badge.fury.io/rb/oydid.png)](http://badge.fury.io/rb/oydid)
+[![Build Status](https://github.com/ownyourdata/oydid/workflows/CI/badge.svg)](https://github.com/ownyourdata/oydid/actions?query=workflow%3ACI)
+[![Coverage Status](https://coveralls.io/repos/github/OwnYourData/oydid/badge.svg?branch=main)](https://coveralls.io/github/OwnYourData/oydid?branch=main)

data/VERSION

@@ -0,0 +1 @@
+0.2.0

data/lib/oydid/basic.rb

@@ -0,0 +1,212 @@
+# -*- encoding: utf-8 -*-
+# frozen_string_literal: true
+
+class Oydid
+
+    # basic functions ---------------------------
+    def self.encode(message, method = "base58btc")
+        Multibases.pack(method, message).to_s
+    end
+
+    def self.decode(message)
+        Multibases.unpack(message).decode.to_s('ASCII-8BIT')
+    end
+
+    def self.hash(message)
+        encode(Multihashes.encode(RbNaCl::Hash.sha256(message), "sha2-256").unpack('C*'))
+    end
+
+    def self.canonical(message)
+        if message.is_a? String
+            message = JSON.parse(message) rescue message
+        else
+            message = JSON.parse(message.to_json) rescue message
+        end
+        message.to_json_c14n
+    end
+
+    # key management ----------------------------
+    def self.generate_private_key(input, method = "ed25519-priv")
+        begin
+            omc = Multicodecs[method].code
+        rescue
+            return [nil, "unknown key codec"]
+        end
+        
+        case Multicodecs[method].name 
+        when 'ed25519-priv'
+            if input != ""
+                raw_key = Ed25519::SigningKey.new(RbNaCl::Hash.sha256(input)).to_bytes
+            else
+                raw_key = Ed25519::SigningKey.generate.to_bytes
+            end
+        else
+            return [nil, "unsupported key codec"]
+        end
+        length = raw_key.bytesize
+        return [encode([omc, length, raw_key].pack("SCa#{length}")), ""]
+    end
+
+    def self.public_key(private_key)
+        code, length, digest = decode(private_key).unpack('SCa*')
+        case Multicodecs[code].name
+        when 'ed25519-priv'
+            public_key = Ed25519::SigningKey.new(digest).verify_key
+            length = public_key.to_bytes.bytesize
+            return [encode([Multicodecs['ed25519-pub'].code, length, public_key].pack("CCa#{length}")), ""]
+        else
+            return [nil, "unsupported key codec"]
+        end
+    end
+
+    def self.sign(message, private_key)
+        code, length, digest = decode(private_key).unpack('SCa*')
+        case Multicodecs[code].name
+        when 'ed25519-priv'
+            return [encode(Ed25519::SigningKey.new(digest).sign(message)), ""]
+        else
+            return [nil, "unsupported key codec"]
+        end
+    end
+
+    def self.verify(message, signature, public_key)
+        begin
+            code, length, digest = decode(public_key).unpack('CCa*')
+            case Multicodecs[code].name
+            when 'ed25519-pub'
+                verify_key = Ed25519::VerifyKey.new(digest)
+                signature_verification = false
+                begin
+                    verify_key.verify(decode(signature), message)
+                    signature_verification = true
+                rescue Ed25519::VerifyError
+                    signature_verification = false
+                end
+                return [signature_verification, ""]
+            else
+                return [nil, "unsupported key codec"]
+            end
+        rescue
+            return [nil, "unknown key codec"]
+        end
+    end
+
+    def self.read_private_key(filename)
+        begin
+            f = File.open(filename)
+            key_encoded = f.read
+            f.close
+        rescue
+            return [nil, "cannot read file"]
+        end
+        decode_private_key(key_encoded)
+    end
+
+    def self.decode_private_key(key_encoded)
+        begin
+            code, length, digest = decode(key_encoded).unpack('SCa*')
+            case Multicodecs[code].name
+            when 'ed25519-priv'
+                private_key = Ed25519::SigningKey.new(digest).to_bytes
+            else
+                return [nil, "unsupported key codec"]
+            end
+            length = private_key.bytesize
+            return [Oydid.encode([code, length, private_key].pack("SCa#{length}")), ""]
+        rescue
+            return [nil, "invalid key"]
+        end
+    end
+
+    # storage functions -----------------------------
+    def self.write_private_storage(payload, filename)
+        File.open(filename, 'w') {|f| f.write(payload)}
+    end
+
+    def self.read_private_storage(filename)
+        File.open(filename, 'r') { |f| f.read }
+    end
+
+    def self.get_location(id)
+        if id.include?(LOCATION_PREFIX)
+            id_split = id.split(LOCATION_PREFIX)
+            return id_split[1]
+        else
+            if id.include?(CGI.escape(LOCATION_PREFIX))
+                id_split = id.split(CGI.escape(LOCATION_PREFIX))
+                return id_split[1]
+            else
+                return DEFAULT_LOCATION
+            end
+        end
+    end
+
+    def self.retrieve_document(doc_hash, doc_file, doc_location, options)
+        if doc_location == ""
+            doc_location = DEFAULT_LOCATION
+        end
+        if !(doc_location == "" || doc_location == "local")
+            if !doc_location.start_with?("http")
+                doc_location = "https://" + doc_location
+            end
+        end
+
+        case doc_location
+        when /^http/
+            retVal = HTTParty.get(doc_location + "/doc/" + doc_hash)
+            if retVal.code != 200
+                msg = retVal.parsed_response("error").to_s rescue "invalid response from " + doc_location.to_s + "/doc/" + doc_hash.to_s
+                return [nil, msg]
+            end
+            if options.transform_keys(&:to_s)["trace"]
+                if options[:silent].nil? || !options[:silent]
+                    puts "GET " + doc_hash + " from " + doc_location
+                end
+            end
+            return [retVal.parsed_response, ""]
+        when "", "local"
+            doc = JSON.parse(read_private_storage(doc_file)) rescue {}
+            if doc == {}
+                return [nil, "cannot read file"]
+            else
+                return [doc, ""]
+            end
+        end
+    end
+
+    def self.retrieve_document_raw(doc_hash, doc_file, doc_location, options)
+        if doc_location == ""
+            doc_location = DEFAULT_LOCATION
+        end
+        if !(doc_location == "" || doc_location == "local")
+            if !doc_location.start_with?("http")
+                doc_location = "https://" + doc_location
+            end
+        end
+
+        case doc_location
+        when /^http/
+            retVal = HTTParty.get(doc_location + "/doc_raw/" + doc_hash)
+            if retVal.code != 200
+                msg = retVal.parsed_response("error").to_s rescue "invalid response from " + doc_location.to_s + "/doc/" + doc_hash.to_s
+                return [nil, msg]
+            end
+            if options.transform_keys(&:to_s)["trace"]
+                if options[:silent].nil? || !options[:silent]
+                    puts "GET " + doc_hash + " from " + doc_location
+                end
+            end
+            return [retVal.parsed_response, ""]
+        when "", "local"
+            doc = JSON.parse(read_private_storage(doc_file)) rescue {}
+            log = JSON.parse(read_private_storage(doc_file.sub(".doc", ".log"))) rescue {}
+            if doc == {}
+                return [nil, "cannot read file"]
+            else
+                obj = {"doc" => doc, "log" => log}
+                return [obj, ""]
+            end
+        end
+    end
+
+end

data/lib/oydid/log.rb

@@ -0,0 +1,391 @@
+# -*- encoding: utf-8 -*-
+# frozen_string_literal: true
+
+class Oydid
+    # log functions -----------------------------
+    def self.add_hash(log)
+        log.map do |item|
+            i = item.dup
+            i.delete("previous")
+            item["entry-hash"] = hash(canonical(item))
+            if item.transform_keys(&:to_s)["op"] == 1
+                item["sub-entry-hash"] = hash(canonical(i))
+            end
+            item
+        end
+    end
+
+    # check if signature matches current document
+    # check if signature in log is correct
+    def self.match_log_did?(log, doc)
+        message = log["doc"].to_s
+        signature = log["sig"].to_s
+        public_keys = doc["key"].to_s
+        public_key = public_keys.split(":")[0] rescue ""
+        return verify(message, signature, public_key).first
+    end
+
+    def self.retrieve_log(did_hash, log_file, log_location, options)
+        if log_location == ""
+            log_location = DEFAULT_LOCATION
+        end
+        if !(log_location == "" || log_location == "local")
+            if !log_location.start_with?("http")
+                log_location = "https://" + log_location
+            end
+        end
+
+        case log_location
+        when /^http/
+            retVal = HTTParty.get(log_location + "/log/" + did_hash)
+            if retVal.code != 200
+                msg = retVal.parsed_response("error").to_s rescue 
+                        "invalid response from " + log_location.to_s + "/log/" + did_hash.to_s
+
+                return [nil, msg]
+            end
+            if options.transform_keys(&:to_s)["trace"]
+                if options[:silent].nil? || !options[:silent]
+                    puts "GET log for " + did_hash + " from " + log_location
+                end
+            end
+            retVal = JSON.parse(retVal.to_s) rescue nil
+            return [retVal, ""]
+        when "", "local"
+            doc = JSON.parse(read_private_storage(log_file)) rescue {}
+            if doc == {}
+                return [nil, "cannot read file '" + log_file + "'"]
+            end
+            return [doc, ""]
+        end
+    end
+
+    def self.dag_did(logs, options)
+        dag = DAG.new
+        dag_log = []
+        log_hash = []
+        
+        # calculate hash values for each entry and build vertices
+        i = 0
+        create_entries = 0
+        create_index = nil
+        terminate_indices = []
+        logs.each do |el|
+            if el["op"].to_i == 2
+                create_entries += 1
+                create_index = i
+            end
+            if el["op"].to_i == 0
+                terminate_indices << i
+            end
+            log_hash << Oydid.hash(Oydid.canonical(el))
+            dag_log << dag.add_vertex(id: i)
+            i += 1
+        end unless logs.nil?
+
+        if create_entries != 1
+            return [nil, nil, nil, "wrong number of CREATE entries (" + create_entries.to_s + ") in log" ]
+        end
+        if terminate_indices.length == 0
+            return [nil, nil, nil, "missing TERMINATE entries" ]
+        end 
+
+        # create edges between vertices
+        i = 0
+        logs.each do |el|
+            el["previous"].each do |p|
+                position = log_hash.find_index(p)
+                if !position.nil?
+                    dag.add_edge from: dag_log[position], to: dag_log[i]
+                end
+            end unless el["previous"] == []
+            i += 1
+        end unless logs.nil?
+
+        # identify tangling TERMINATE entry
+        i = 0
+        terminate_entries = 0
+        terminate_overall = 0
+        terminate_index = nil
+        logs.each do |el|
+            if el["op"].to_i == 0
+                if dag.vertices[i].successors.length == 0
+                    terminate_entries += 1
+                    terminate_index = i
+                end
+                terminate_overall += 1
+            end
+            i += 1
+        end unless logs.nil?
+
+        if terminate_entries != 1 && !options[:log_complete]
+            if options[:silent].nil? || !options[:silent]
+                return [nil, nil, nil, "cannot resolve DID" ]
+            end
+        end 
+        return [dag, create_index, terminate_index, ""]
+    end
+
+    def self.dag2array(dag, log_array, index, result, options)
+        if options.transform_keys(&:to_s)["trace"]
+            if options[:silent].nil? || !options[:silent]
+                puts "    vertex " + index.to_s + " at " + log_array[index]["ts"].to_s + " op: " + log_array[index]["op"].to_s + " doc: " + log_array[index]["doc"].to_s
+            end
+        end
+        result << log_array[index]
+        dag.vertices[index].successors.each do |s|
+            # check if successor has predecessor that is not self (i.e. REVOKE with TERMINATE)
+            s.predecessors.each do |p|
+                if p[:id] != index
+                    if options.transform_keys(&:to_s)["trace"]
+                        if options[:silent].nil? || !options[:silent]
+                            puts "    vertex " + p[:id].to_s + " at " + log_array[p[:id]]["ts"].to_s + " op: " + log_array[p[:id]]["op"].to_s + " doc: " + log_array[p[:id]]["doc"].to_s
+                        end
+                    end
+                    result << log_array[p[:id]]
+                end
+            end unless s.predecessors.length < 2
+            dag2array(dag, log_array, s[:id], result, options)
+        end unless dag.vertices[index].successors.count == 0
+        result
+    end
+
+    def self.dag_update(currentDID, options)
+        i = 0
+        initial_did = currentDID["did"].to_s
+        initial_did = initial_did.delete_prefix("did:oyd:")
+        initial_did = initial_did.split("@").first
+        current_public_doc_key = ""
+        verification_output = false
+        currentDID["log"].each do |el|
+            case el["op"]
+            when 2,3 # CREATE, UPDATE
+                currentDID["doc_log_id"] = i
+
+                doc_did = el["doc"]
+                doc_location = get_location(doc_did)
+                did_hash = doc_did.delete_prefix("did:oyd:")
+                did_hash = did_hash.split("@").first
+                did10 = did_hash[0,10]
+                doc = retrieve_document_raw(doc_did, did10 + ".doc", doc_location, {})
+                if doc.first.nil?
+                    currentDID["error"] = 2
+                    msg = doc.last.to_s
+                    if msg == ""
+                        msg = "cannot retrieve " + doc_did.to_s
+                    end
+                    currentDID["message"] = msg
+                    return currentDID
+                end
+                doc = doc.first["doc"]
+                if el["op"] == 2 # CREATE
+                    if !match_log_did?(el, doc)
+                        currentDID["error"] = 1
+                        currentDID["message"] = "Signatures in log don't match"
+                        return currentDID
+                    end
+                end
+                currentDID["did"] = doc_did
+                currentDID["doc"] = doc
+                # since hash is guaranteed during retrieve_document this check is not necessary
+                # if hash(canonical(doc)) != did_hash
+                #     currentDID["error"] = 1
+                #     currentDID["message"] = "DID identifier and DID document don't match"
+                #     if did_hash == initial_did
+                #         verification_output = true
+                #     end
+                #     if verification_output
+                #         currentDID["verification"] += "identifier: " + did_hash.to_s + "\n"
+                #         currentDID["verification"] += "⛔ does not match DID Document:" + "\n"
+                #         currentDID["verification"] += JSON.pretty_generate(doc) + "\n"
+                #         currentDID["verification"] += "(Details: https://ownyourdata.github.io/oydid/#calculate_hash)" + "\n\n"
+                #     end
+                #     return currentDID
+                # end
+                if did_hash == initial_did
+                    verification_output = true
+                end
+                if verification_output
+                    currentDID["verification"] += "identifier: " + did_hash.to_s + "\n"
+                    currentDID["verification"] += "✅ is hash of DID Document:" + "\n"
+                    currentDID["verification"] += JSON.pretty_generate(doc) + "\n"
+                    currentDID["verification"] += "(Details: https://ownyourdata.github.io/oydid/#calculate_hash)" + "\n\n"
+                end
+                current_public_doc_key = currentDID["doc"]["key"].split(":").first rescue ""
+
+            when 0 # TERMINATE
+                currentDID["termination_log_id"] = i
+
+                doc_did = currentDID["did"]
+                doc_location = get_location(doc_did)
+                did_hash = doc_did.delete_prefix("did:oyd:")
+                did_hash = did_hash.split("@").first
+                did10 = did_hash[0,10]
+                doc = retrieve_document_raw(doc_did, did10 + ".doc", doc_location, {})
+                # since it retrieves a DID that previously existed, this test is not necessary
+                # if doc.first.nil?
+                #     currentDID["error"] = 2
+                #     currentDID["message"] = doc.last.to_s
+                #     return currentDID
+                # end
+                doc = doc.first["doc"]
+                term = doc["log"]
+                log_location = term.split("@")[1] rescue ""
+                if log_location.to_s == ""
+                    log_location = DEFAULT_LOCATION
+                end
+                term = term.split("@").first
+                if hash(canonical(el)) != term
+                    currentDID["error"] = 1
+                    currentDID["message"] = "Log reference and record don't match"
+                    if verification_output
+                        currentDID["verification"] += "'log' reference in DID Document: " + term.to_s + "\n"
+                        currentDID["verification"] += "⛔ does not match TERMINATE log record:" + "\n"
+                        currentDID["verification"] += JSON.pretty_generate(el) + "\n"
+                        currentDID["verification"] += "(Details: https://ownyourdata.github.io/oydid/#calculate_hash)" + "\n\n"
+                    end
+                    return currentDID
+                end
+                if verification_output
+                    currentDID["verification"] += "'log' reference in DID Document: " + term.to_s + "\n"
+                    currentDID["verification"] += "✅ is hash of TERMINATE log record:" + "\n"
+                    currentDID["verification"] += JSON.pretty_generate(el) + "\n"
+                    currentDID["verification"] += "(Details: https://ownyourdata.github.io/oydid/#calculate_hash)" + "\n\n"
+                end
+
+                # check if there is a revocation entry
+                revocation_record = {}
+                revoc_term = el["doc"]
+                revoc_term = revoc_term.split("@").first
+                revoc_term_found = false
+                log_array, msg = retrieve_log(did_hash, did10 + ".log", log_location, options)
+                log_array.each do |log_el|
+                    log_el_structure = log_el.dup
+                    if log_el["op"].to_i == 1 # TERMINATE
+                        log_el_structure.delete("previous")
+                    end
+                    if hash(canonical(log_el_structure)) == revoc_term
+                        revoc_term_found = true
+                        revocation_record = log_el.dup
+                        if verification_output
+                            currentDID["verification"] += "'doc' reference in TERMINATE log record: " + revoc_term.to_s + "\n"
+                            currentDID["verification"] += "✅ is hash of REVOCATION log record (without 'previous' attribute):" + "\n"
+                            currentDID["verification"] += JSON.pretty_generate(log_el) + "\n"
+                            currentDID["verification"] += "(Details: https://ownyourdata.github.io/oydid/#calculate_hash)" + "\n\n"
+                        end
+                        break
+                    end
+                end unless log_array.nil?
+                # this should actually be covered by retrieve_log in the block above
+                # (actually I wasn't able to craft a test case covering this part...)
+                # if !options.transform_keys(&:to_s)["log_location"].nil?
+                #     log_array, msg = retrieve_log(revoc_term, did10 + ".log", options.transform_keys(&:to_s)["log_location"], options)
+                #     log_array.each do |log_el|
+                #         if log_el["op"] == 1 # TERMINATE
+                #             log_el_structure = log_el.delete("previous")
+                #         else
+                #             log_el_structure = log_el
+                #         end
+                #         if hash(canonical(log_el_structure)) == revoc_term
+                #             revoc_term_found = true
+                #             revocation_record = log_el.dup
+                #             if verification_output
+                #                 currentDID["verification"] += "'doc' reference in TERMINATE log record: " + revoc_term.to_s + "\n"
+                #                 currentDID["verification"] += "✅ is hash of REVOCATION log record (without 'previous' attribute):" + "\n"
+                #                 currentDID["verification"] += JSON.pretty_generate(log_el) + "\n"
+                #                 currentDID["verification"] += "(Details: https://ownyourdata.github.io/oydid/#calculate_hash)" + "\n\n"
+                #             end
+                #             break
+                #         end
+                #     end
+                # end
+
+                if revoc_term_found
+                    update_term_found = false
+                    log_array.each do |log_el|
+                        if log_el["op"].to_i == 3
+                            if log_el["previous"].include?(hash(canonical(revocation_record)))
+                                update_term_found = true
+                                message = log_el["doc"].to_s
+
+                                signature = log_el["sig"]
+                                public_key = current_public_doc_key.to_s
+                                signature_verification = verify(message, signature, public_key).first
+                                if signature_verification
+                                    if verification_output
+                                        currentDID["verification"] += "found UPDATE log record:" + "\n"
+                                        currentDID["verification"] += JSON.pretty_generate(log_el) + "\n"
+                                        currentDID["verification"] += "✅ public key from last DID Document: " + current_public_doc_key.to_s + "\n"
+                                        currentDID["verification"] += "verifies 'doc' reference of new DID Document: " + log_el["doc"].to_s + "\n"
+                                        currentDID["verification"] += log_el["sig"].to_s + "\n"
+                                        currentDID["verification"] += "of next DID Document (Details: https://ownyourdata.github.io/oydid/#verify_signature)" + "\n"
+
+                                        next_doc_did = log_el["doc"].to_s
+                                        next_doc_location = get_location(next_doc_did)
+                                        next_did_hash = next_doc_did.delete_prefix("did:oyd:")
+                                        next_did_hash = next_did_hash.split("@").first
+                                        next_did10 = next_did_hash[0,10]
+                                        next_doc = retrieve_document_raw(next_doc_did, next_did10 + ".doc", next_doc_location, {})
+                                        if next_doc.first.nil?
+                                            currentDID["error"] = 2
+                                            currentDID["message"] = next_doc.last
+                                            return currentDID
+                                        end
+                                        next_doc = next_doc.first["doc"]
+                                        if public_key == next_doc["key"].split(":").first
+                                            currentDID["verification"] += "⚠️  no key rotation in updated DID Document" + "\n"
+                                        end
+                                        currentDID["verification"] += "\n"
+                                    end
+                                else
+                                    currentDID["error"] = 1
+                                    currentDID["message"] = "Signature does not match"
+                                    if verification_output
+                                        new_doc_did = log_el["doc"].to_s
+                                        new_doc_location = get_location(new_doc_did)
+                                        new_did_hash = new_doc_did.delete_prefix("did:oyd:")
+                                        new_did_hash = new_did_hash.split("@").first
+                                        new_did10 = new_did_hash[0,10]
+                                        new_doc = retrieve_document(new_doc_did, new_did10 + ".doc", new_doc_location, {}).first
+                                        currentDID["verification"] += "found UPDATE log record:" + "\n"
+                                        currentDID["verification"] += JSON.pretty_generate(log_el) + "\n"
+                                        currentDID["verification"] += "⛔ public key from last DID Document: " + current_public_doc_key.to_s + "\n"
+                                        currentDID["verification"] += "does not verify 'doc' reference of new DID Document: " + log_el["doc"].to_s + "\n"
+                                        currentDID["verification"] += log_el["sig"].to_s + "\n"
+                                        currentDID["verification"] += "next DID Document (Details: https://ownyourdata.github.io/oydid/#verify_signature)" + "\n"
+                                        currentDID["verification"] += JSON.pretty_generate(new_doc) + "\n\n"
+                                    end
+                                    return currentDID
+                                end
+                                break
+                            end
+                        end
+                    end
+
+                else
+                    if verification_output
+                        currentDID["verification"] += "Revocation reference in log record: " + revoc_term.to_s + "\n"
+                        currentDID["verification"] += "✅ cannot find revocation record searching at" + "\n"
+                        currentDID["verification"] += "- " + log_location + "\n"
+                        if !options.transform_keys(&:to_s)["log_location"].nil?
+                            currentDID["verification"] += "- " + options.transform_keys(&:to_s)["log_location"].to_s + "\n"
+                        end
+                        currentDID["verification"] += "(Details: https://ownyourdata.github.io/oydid/#retrieve_log)" + "\n\n"
+                    end
+                    break
+                end
+            when 1 # revocation log entry
+                # do nothing
+            else
+                currentDID["error"] = 2
+                currentDID["message"] = "FATAL ERROR: op code '" + el["op"].to_s + "' not implemented"
+                return currentDID
+
+            end
+            i += 1
+        end unless currentDID["log"].nil?
+
+        return currentDID
+    end
+
+end