oydid 0.3.6 → 0.4.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/VERSION +1 -1
- data/lib/oydid/didcomm.rb +101 -0
- data/lib/oydid/log.rb +16 -14
- data/lib/oydid.rb +8 -7
- metadata +17 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 20d91a8c36a05670346244339ea68ec0288c1550994a421e51d4eeb4c6906234
|
|
4
|
+
data.tar.gz: 32722af4d3ab83842ad7cc3428834bccecdf0a987c3cb5c86683c7b5208fabe8
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 965132e50470d2423fce55a6f9cef44c34747585c3a46646f4ed1d546f9acfb25058bfe1cff3dcef1cd151e7ed40964f4f5f5cb55943872534c55610fc90ed1f
|
|
7
|
+
data.tar.gz: 06e4978da7ae725b69ae07e95fd92638b966c4ae3a111d5a18202739ba4bb0a9496c85f3cd4aae76041958f321d8a3337f94a5774d3df3600287677338442f76
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.3
|
|
1
|
+
0.4.3
|
|
@@ -0,0 +1,101 @@
|
|
|
1
|
+
# -*- encoding: utf-8 -*-
|
|
2
|
+
# frozen_string_literal: true
|
|
3
|
+
|
|
4
|
+
class Oydid
|
|
5
|
+
|
|
6
|
+
# DIDComm Plain Message ---------------------
|
|
7
|
+
def self.dcpm(payload, options)
|
|
8
|
+
dcDoc = {}
|
|
9
|
+
dcDoc["id"] = SecureRandom.random_number(10e14).to_i
|
|
10
|
+
dcDoc["type"] = options[:didcomm_type]
|
|
11
|
+
if !options[:didcomm_from_did].nil?
|
|
12
|
+
dcDoc["from"] = options[:didcomm_from_did]
|
|
13
|
+
end
|
|
14
|
+
dcDoc["to"] = [options[:didcomm_to_did]]
|
|
15
|
+
dcDoc["created_time"] = Time.now.utc.to_i
|
|
16
|
+
dcDoc["body"] = payload
|
|
17
|
+
return [dcDoc, ""]
|
|
18
|
+
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
# DIDComm Signed Message --------------------
|
|
22
|
+
def self.dcsm(payload, private_key_encoded, options)
|
|
23
|
+
error = ""
|
|
24
|
+
code, length, digest = decode(private_key_encoded).unpack('SCa*')
|
|
25
|
+
case Multicodecs[code].name
|
|
26
|
+
when 'ed25519-priv'
|
|
27
|
+
private_key = RbNaCl::Signatures::Ed25519::SigningKey.new(digest)
|
|
28
|
+
token = JWT.encode payload, private_key, 'ED25519', { typ: 'JWM', kid: options[:sign_did].to_s, alg: 'ED25519' }
|
|
29
|
+
else
|
|
30
|
+
token = nil
|
|
31
|
+
error = "unsupported key codec"
|
|
32
|
+
end
|
|
33
|
+
return [token, error]
|
|
34
|
+
end
|
|
35
|
+
|
|
36
|
+
def self.dcsm_verify(token, options)
|
|
37
|
+
error = ""
|
|
38
|
+
decoded_payload = JWT.decode token, nil, false
|
|
39
|
+
pubkey_did = decoded_payload.last["kid"]
|
|
40
|
+
result, msg = Oydid.read(pubkey_did, options)
|
|
41
|
+
public_key_encoded = Oydid.w3c(result, options)["authentication"].first["publicKeyMultibase"]
|
|
42
|
+
begin
|
|
43
|
+
code, length, digest = Oydid.decode(public_key_encoded).unpack('CCa*')
|
|
44
|
+
case Multicodecs[code].name
|
|
45
|
+
when 'ed25519-pub'
|
|
46
|
+
public_key = RbNaCl::Signatures::Ed25519::VerifyKey.new(digest)
|
|
47
|
+
payload = JWT.decode token.to_s, public_key, true, { algorithm: 'ED25519' }
|
|
48
|
+
else
|
|
49
|
+
payload = nil
|
|
50
|
+
error = "unsupported key codec"
|
|
51
|
+
end
|
|
52
|
+
return [payload, error]
|
|
53
|
+
rescue
|
|
54
|
+
return [nil, "verification failed"]
|
|
55
|
+
end
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
# encryption -----------------------------------
|
|
59
|
+
def self.msg_encrypt(payload, private_key_encoded, did)
|
|
60
|
+
error = ""
|
|
61
|
+
code, length, digest = decode(private_key_encoded).unpack('SCa*')
|
|
62
|
+
case Multicodecs[code].name
|
|
63
|
+
when 'ed25519-priv'
|
|
64
|
+
private_key = RbNaCl::Signatures::Ed25519::SigningKey.new(digest)
|
|
65
|
+
token = JWT.encode payload, private_key, 'ED25519'
|
|
66
|
+
else
|
|
67
|
+
token = nil
|
|
68
|
+
error = "unsupported key codec"
|
|
69
|
+
end
|
|
70
|
+
return [token, error]
|
|
71
|
+
end
|
|
72
|
+
|
|
73
|
+
def self.msg_decrypt(token, public_key_encoded)
|
|
74
|
+
error = ""
|
|
75
|
+
code, length, digest = Oydid.decode(public_key_encoded).unpack('CCa*')
|
|
76
|
+
case Multicodecs[code].name
|
|
77
|
+
when 'ed25519-pub'
|
|
78
|
+
public_key = RbNaCl::Signatures::Ed25519::VerifyKey.new(digest)
|
|
79
|
+
payload = JWT.decode token.to_s, public_key, true, { algorithm: 'ED25519' }
|
|
80
|
+
else
|
|
81
|
+
payload = nil
|
|
82
|
+
error = "unsupported key codec"
|
|
83
|
+
end
|
|
84
|
+
return [payload, error]
|
|
85
|
+
end
|
|
86
|
+
|
|
87
|
+
# signing for JWS ---------------------------
|
|
88
|
+
def self.msg_sign(payload, hmac_secret)
|
|
89
|
+
token = JWT.encode payload, hmac_secret, 'HS256'
|
|
90
|
+
return [token, ""]
|
|
91
|
+
end
|
|
92
|
+
|
|
93
|
+
def self.msg_verify_jws(token, hmac_secret)
|
|
94
|
+
begin
|
|
95
|
+
decoded_token = JWT.decode token, hmac_secret, true, { algorithm: 'HS256' }
|
|
96
|
+
return [decoded_token, ""]
|
|
97
|
+
rescue
|
|
98
|
+
return [nil, "verification failed"]
|
|
99
|
+
end
|
|
100
|
+
end
|
|
101
|
+
end
|
data/lib/oydid/log.rb
CHANGED
|
@@ -152,20 +152,23 @@ class Oydid
|
|
|
152
152
|
|
|
153
153
|
def self.dag_update(currentDID, options)
|
|
154
154
|
i = 0
|
|
155
|
-
|
|
155
|
+
doc_location = ""
|
|
156
|
+
initial_did = currentDID["did"].to_s.dup
|
|
156
157
|
initial_did = initial_did.delete_prefix("did:oyd:")
|
|
157
|
-
|
|
158
|
+
if initial_did.include?(LOCATION_PREFIX)
|
|
159
|
+
tmp = initial_did.split(LOCATION_PREFIX)
|
|
160
|
+
initial_did = tmp[0]
|
|
161
|
+
doc_location = tmp[1]
|
|
162
|
+
end
|
|
158
163
|
current_public_doc_key = ""
|
|
159
164
|
verification_output = false
|
|
160
165
|
currentDID["log"].each do |el|
|
|
161
166
|
case el["op"]
|
|
162
167
|
when 2,3 # CREATE, UPDATE
|
|
163
168
|
currentDID["doc_log_id"] = i
|
|
164
|
-
|
|
165
169
|
doc_did = el["doc"]
|
|
166
|
-
doc_location = get_location(doc_did)
|
|
167
170
|
did_hash = doc_did.delete_prefix("did:oyd:")
|
|
168
|
-
did_hash = did_hash.split(
|
|
171
|
+
did_hash = did_hash.split(LOCATION_PREFIX).first
|
|
169
172
|
did10 = did_hash[0,10]
|
|
170
173
|
doc = retrieve_document_raw(doc_did, did10 + ".doc", doc_location, {})
|
|
171
174
|
if doc.first.nil?
|
|
@@ -217,9 +220,8 @@ class Oydid
|
|
|
217
220
|
currentDID["termination_log_id"] = i
|
|
218
221
|
|
|
219
222
|
doc_did = currentDID["did"]
|
|
220
|
-
doc_location = get_location(doc_did)
|
|
221
223
|
did_hash = doc_did.delete_prefix("did:oyd:")
|
|
222
|
-
did_hash = did_hash.split(
|
|
224
|
+
did_hash = did_hash.split(LOCATION_PREFIX).first
|
|
223
225
|
did10 = did_hash[0,10]
|
|
224
226
|
doc = retrieve_document_raw(doc_did, did10 + ".doc", doc_location, {})
|
|
225
227
|
# since it retrieves a DID that previously existed, this test is not necessary
|
|
@@ -230,11 +232,11 @@ class Oydid
|
|
|
230
232
|
# end
|
|
231
233
|
doc = doc.first["doc"]
|
|
232
234
|
term = doc["log"]
|
|
233
|
-
log_location = term.split(
|
|
235
|
+
log_location = term.split(LOCATION_PREFIX)[1] rescue ""
|
|
234
236
|
if log_location.to_s == ""
|
|
235
237
|
log_location = DEFAULT_LOCATION
|
|
236
238
|
end
|
|
237
|
-
term = term.split(
|
|
239
|
+
term = term.split(LOCATION_PREFIX).first
|
|
238
240
|
if hash(canonical(el)) != term
|
|
239
241
|
currentDID["error"] = 1
|
|
240
242
|
currentDID["message"] = "Log reference and record don't match"
|
|
@@ -256,7 +258,7 @@ class Oydid
|
|
|
256
258
|
# check if there is a revocation entry
|
|
257
259
|
revocation_record = {}
|
|
258
260
|
revoc_term = el["doc"]
|
|
259
|
-
revoc_term = revoc_term.split(
|
|
261
|
+
revoc_term = revoc_term.split(LOCATION_PREFIX).first
|
|
260
262
|
revoc_term_found = false
|
|
261
263
|
log_array, msg = retrieve_log(did_hash, did10 + ".log", log_location, options)
|
|
262
264
|
log_array.each do |log_el|
|
|
@@ -321,9 +323,9 @@ class Oydid
|
|
|
321
323
|
currentDID["verification"] += "of next DID Document (Details: https://ownyourdata.github.io/oydid/#verify_signature)" + "\n"
|
|
322
324
|
|
|
323
325
|
next_doc_did = log_el["doc"].to_s
|
|
324
|
-
next_doc_location =
|
|
326
|
+
next_doc_location = doc_location
|
|
325
327
|
next_did_hash = next_doc_did.delete_prefix("did:oyd:")
|
|
326
|
-
next_did_hash = next_did_hash.split(
|
|
328
|
+
next_did_hash = next_did_hash.split(LOCATION_PREFIX).first
|
|
327
329
|
next_did10 = next_did_hash[0,10]
|
|
328
330
|
next_doc = retrieve_document_raw(next_doc_did, next_did10 + ".doc", next_doc_location, {})
|
|
329
331
|
if next_doc.first.nil?
|
|
@@ -342,9 +344,9 @@ class Oydid
|
|
|
342
344
|
currentDID["message"] = "Signature does not match"
|
|
343
345
|
if verification_output
|
|
344
346
|
new_doc_did = log_el["doc"].to_s
|
|
345
|
-
new_doc_location =
|
|
347
|
+
new_doc_location = doc_location
|
|
346
348
|
new_did_hash = new_doc_did.delete_prefix("did:oyd:")
|
|
347
|
-
new_did_hash = new_did_hash.split(
|
|
349
|
+
new_did_hash = new_did_hash.split(LOCATION_PREFIX).first
|
|
348
350
|
new_did10 = new_did_hash[0,10]
|
|
349
351
|
new_doc = retrieve_document(new_doc_did, new_did10 + ".doc", new_doc_location, {}).first
|
|
350
352
|
currentDID["verification"] += "found UPDATE log record:" + "\n"
|
data/lib/oydid.rb
CHANGED
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require 'dag'
|
|
5
|
+
require 'jwt'
|
|
5
6
|
require 'rbnacl'
|
|
6
7
|
require 'ed25519'
|
|
7
8
|
require 'httparty'
|
|
@@ -11,6 +12,7 @@ require 'multicodecs'
|
|
|
11
12
|
require 'json/canonicalization'
|
|
12
13
|
require 'oydid/basic'
|
|
13
14
|
require 'oydid/log'
|
|
15
|
+
require 'oydid/didcomm'
|
|
14
16
|
|
|
15
17
|
class Oydid
|
|
16
18
|
|
|
@@ -147,7 +149,7 @@ class Oydid
|
|
|
147
149
|
log_old = nil
|
|
148
150
|
prev_hash = []
|
|
149
151
|
revoc_log = nil
|
|
150
|
-
doc_location = options[:
|
|
152
|
+
doc_location = options[:location]
|
|
151
153
|
if options[:ts].nil?
|
|
152
154
|
ts = Time.now.to_i
|
|
153
155
|
else
|
|
@@ -671,16 +673,15 @@ class Oydid
|
|
|
671
673
|
wd["@context"] = "https://www.w3.org/ns/did/v1"
|
|
672
674
|
wd["id"] = did
|
|
673
675
|
wd["verificationMethod"] = [{
|
|
674
|
-
"id": did,
|
|
676
|
+
"id": did + "#key-doc",
|
|
675
677
|
"type": "Ed25519VerificationKey2020",
|
|
676
678
|
"controller": did,
|
|
677
|
-
"
|
|
678
|
-
}
|
|
679
|
-
|
|
680
|
-
"id": did,
|
|
679
|
+
"publicKeyMultibase": pubDocKey
|
|
680
|
+
},{
|
|
681
|
+
"id": did + "#key-rev",
|
|
681
682
|
"type": "Ed25519VerificationKey2020",
|
|
682
683
|
"controller": did,
|
|
683
|
-
"
|
|
684
|
+
"publicKeyMultibase": pubRevKey
|
|
684
685
|
}]
|
|
685
686
|
|
|
686
687
|
if didDoc["@context"].to_s == "https://www.w3.org/ns/did/v1"
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: oydid
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.3
|
|
4
|
+
version: 0.4.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Christoph Fabianek
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-06-
|
|
11
|
+
date: 2022-06-29 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dag
|
|
@@ -24,6 +24,20 @@ dependencies:
|
|
|
24
24
|
- - "~>"
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
26
|
version: 0.0.9
|
|
27
|
+
- !ruby/object:Gem::Dependency
|
|
28
|
+
name: jwt
|
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
|
30
|
+
requirements:
|
|
31
|
+
- - "~>"
|
|
32
|
+
- !ruby/object:Gem::Version
|
|
33
|
+
version: 2.4.1
|
|
34
|
+
type: :runtime
|
|
35
|
+
prerelease: false
|
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
37
|
+
requirements:
|
|
38
|
+
- - "~>"
|
|
39
|
+
- !ruby/object:Gem::Version
|
|
40
|
+
version: 2.4.1
|
|
27
41
|
- !ruby/object:Gem::Dependency
|
|
28
42
|
name: rbnacl
|
|
29
43
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -148,6 +162,7 @@ files:
|
|
|
148
162
|
- VERSION
|
|
149
163
|
- lib/oydid.rb
|
|
150
164
|
- lib/oydid/basic.rb
|
|
165
|
+
- lib/oydid/didcomm.rb
|
|
151
166
|
- lib/oydid/log.rb
|
|
152
167
|
- spec/input/basic/arrays.json
|
|
153
168
|
- spec/input/basic/french.json
|