oydid 0.3.6 → 0.4.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/VERSION +1 -1
- data/lib/oydid/didcomm.rb +101 -0
- data/lib/oydid/log.rb +16 -14
- data/lib/oydid.rb +8 -7
- metadata +17 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 20d91a8c36a05670346244339ea68ec0288c1550994a421e51d4eeb4c6906234
|
|
4
|
+
data.tar.gz: 32722af4d3ab83842ad7cc3428834bccecdf0a987c3cb5c86683c7b5208fabe8
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 965132e50470d2423fce55a6f9cef44c34747585c3a46646f4ed1d546f9acfb25058bfe1cff3dcef1cd151e7ed40964f4f5f5cb55943872534c55610fc90ed1f
|
|
7
|
+
data.tar.gz: 06e4978da7ae725b69ae07e95fd92638b966c4ae3a111d5a18202739ba4bb0a9496c85f3cd4aae76041958f321d8a3337f94a5774d3df3600287677338442f76
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.3
|
|
1
|
+
0.4.3
|
|
@@ -0,0 +1,101 @@
|
|
|
1
|
+
# -*- encoding: utf-8 -*-
|
|
2
|
+
# frozen_string_literal: true
|
|
3
|
+
|
|
4
|
+
class Oydid
|
|
5
|
+
|
|
6
|
+
# DIDComm Plain Message ---------------------
|
|
7
|
+
def self.dcpm(payload, options)
|
|
8
|
+
dcDoc = {}
|
|
9
|
+
dcDoc["id"] = SecureRandom.random_number(10e14).to_i
|
|
10
|
+
dcDoc["type"] = options[:didcomm_type]
|
|
11
|
+
if !options[:didcomm_from_did].nil?
|
|
12
|
+
dcDoc["from"] = options[:didcomm_from_did]
|
|
13
|
+
end
|
|
14
|
+
dcDoc["to"] = [options[:didcomm_to_did]]
|
|
15
|
+
dcDoc["created_time"] = Time.now.utc.to_i
|
|
16
|
+
dcDoc["body"] = payload
|
|
17
|
+
return [dcDoc, ""]
|
|
18
|
+
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
# DIDComm Signed Message --------------------
|
|
22
|
+
def self.dcsm(payload, private_key_encoded, options)
|
|
23
|
+
error = ""
|
|
24
|
+
code, length, digest = decode(private_key_encoded).unpack('SCa*')
|
|
25
|
+
case Multicodecs[code].name
|
|
26
|
+
when 'ed25519-priv'
|
|
27
|
+
private_key = RbNaCl::Signatures::Ed25519::SigningKey.new(digest)
|
|
28
|
+
token = JWT.encode payload, private_key, 'ED25519', { typ: 'JWM', kid: options[:sign_did].to_s, alg: 'ED25519' }
|
|
29
|
+
else
|
|
30
|
+
token = nil
|
|
31
|
+
error = "unsupported key codec"
|
|
32
|
+
end
|
|
33
|
+
return [token, error]
|
|
34
|
+
end
|
|
35
|
+
|
|
36
|
+
def self.dcsm_verify(token, options)
|
|
37
|
+
error = ""
|
|
38
|
+
decoded_payload = JWT.decode token, nil, false
|
|
39
|
+
pubkey_did = decoded_payload.last["kid"]
|
|
40
|
+
result, msg = Oydid.read(pubkey_did, options)
|
|
41
|
+
public_key_encoded = Oydid.w3c(result, options)["authentication"].first["publicKeyMultibase"]
|
|
42
|
+
begin
|
|
43
|
+
code, length, digest = Oydid.decode(public_key_encoded).unpack('CCa*')
|
|
44
|
+
case Multicodecs[code].name
|
|
45
|
+
when 'ed25519-pub'
|
|
46
|
+
public_key = RbNaCl::Signatures::Ed25519::VerifyKey.new(digest)
|
|
47
|
+
payload = JWT.decode token.to_s, public_key, true, { algorithm: 'ED25519' }
|
|
48
|
+
else
|
|
49
|
+
payload = nil
|
|
50
|
+
error = "unsupported key codec"
|
|
51
|
+
end
|
|
52
|
+
return [payload, error]
|
|
53
|
+
rescue
|
|
54
|
+
return [nil, "verification failed"]
|
|
55
|
+
end
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
# encryption -----------------------------------
|
|
59
|
+
def self.msg_encrypt(payload, private_key_encoded, did)
|
|
60
|
+
error = ""
|
|
61
|
+
code, length, digest = decode(private_key_encoded).unpack('SCa*')
|
|
62
|
+
case Multicodecs[code].name
|
|
63
|
+
when 'ed25519-priv'
|
|
64
|
+
private_key = RbNaCl::Signatures::Ed25519::SigningKey.new(digest)
|
|
65
|
+
token = JWT.encode payload, private_key, 'ED25519'
|
|
66
|
+
else
|
|
67
|
+
token = nil
|
|
68
|
+
error = "unsupported key codec"
|
|
69
|
+
end
|
|
70
|
+
return [token, error]
|
|
71
|
+
end
|
|
72
|
+
|
|
73
|
+
def self.msg_decrypt(token, public_key_encoded)
|
|
74
|
+
error = ""
|
|
75
|
+
code, length, digest = Oydid.decode(public_key_encoded).unpack('CCa*')
|
|
76
|
+
case Multicodecs[code].name
|
|
77
|
+
when 'ed25519-pub'
|
|
78
|
+
public_key = RbNaCl::Signatures::Ed25519::VerifyKey.new(digest)
|
|
79
|
+
payload = JWT.decode token.to_s, public_key, true, { algorithm: 'ED25519' }
|
|
80
|
+
else
|
|
81
|
+
payload = nil
|
|
82
|
+
error = "unsupported key codec"
|
|
83
|
+
end
|
|
84
|
+
return [payload, error]
|
|
85
|
+
end
|
|
86
|
+
|
|
87
|
+
# signing for JWS ---------------------------
|
|
88
|
+
def self.msg_sign(payload, hmac_secret)
|
|
89
|
+
token = JWT.encode payload, hmac_secret, 'HS256'
|
|
90
|
+
return [token, ""]
|
|
91
|
+
end
|
|
92
|
+
|
|
93
|
+
def self.msg_verify_jws(token, hmac_secret)
|
|
94
|
+
begin
|
|
95
|
+
decoded_token = JWT.decode token, hmac_secret, true, { algorithm: 'HS256' }
|
|
96
|
+
return [decoded_token, ""]
|
|
97
|
+
rescue
|
|
98
|
+
return [nil, "verification failed"]
|
|
99
|
+
end
|
|
100
|
+
end
|
|
101
|
+
end
|
data/lib/oydid/log.rb
CHANGED
|
@@ -152,20 +152,23 @@ class Oydid
|
|
|
152
152
|
|
|
153
153
|
def self.dag_update(currentDID, options)
|
|
154
154
|
i = 0
|
|
155
|
-
|
|
155
|
+
doc_location = ""
|
|
156
|
+
initial_did = currentDID["did"].to_s.dup
|
|
156
157
|
initial_did = initial_did.delete_prefix("did:oyd:")
|
|
157
|
-
|
|
158
|
+
if initial_did.include?(LOCATION_PREFIX)
|
|
159
|
+
tmp = initial_did.split(LOCATION_PREFIX)
|
|
160
|
+
initial_did = tmp[0]
|
|
161
|
+
doc_location = tmp[1]
|
|
162
|
+
end
|
|
158
163
|
current_public_doc_key = ""
|
|
159
164
|
verification_output = false
|
|
160
165
|
currentDID["log"].each do |el|
|
|
161
166
|
case el["op"]
|
|
162
167
|
when 2,3 # CREATE, UPDATE
|
|
163
168
|
currentDID["doc_log_id"] = i
|
|
164
|
-
|
|
165
169
|
doc_did = el["doc"]
|
|
166
|
-
doc_location = get_location(doc_did)
|
|
167
170
|
did_hash = doc_did.delete_prefix("did:oyd:")
|
|
168
|
-
did_hash = did_hash.split(
|
|
171
|
+
did_hash = did_hash.split(LOCATION_PREFIX).first
|
|
169
172
|
did10 = did_hash[0,10]
|
|
170
173
|
doc = retrieve_document_raw(doc_did, did10 + ".doc", doc_location, {})
|
|
171
174
|
if doc.first.nil?
|
|
@@ -217,9 +220,8 @@ class Oydid
|
|
|
217
220
|
currentDID["termination_log_id"] = i
|
|
218
221
|
|
|
219
222
|
doc_did = currentDID["did"]
|
|
220
|
-
doc_location = get_location(doc_did)
|
|
221
223
|
did_hash = doc_did.delete_prefix("did:oyd:")
|
|
222
|
-
did_hash = did_hash.split(
|
|
224
|
+
did_hash = did_hash.split(LOCATION_PREFIX).first
|
|
223
225
|
did10 = did_hash[0,10]
|
|
224
226
|
doc = retrieve_document_raw(doc_did, did10 + ".doc", doc_location, {})
|
|
225
227
|
# since it retrieves a DID that previously existed, this test is not necessary
|
|
@@ -230,11 +232,11 @@ class Oydid
|
|
|
230
232
|
# end
|
|
231
233
|
doc = doc.first["doc"]
|
|
232
234
|
term = doc["log"]
|
|
233
|
-
log_location = term.split(
|
|
235
|
+
log_location = term.split(LOCATION_PREFIX)[1] rescue ""
|
|
234
236
|
if log_location.to_s == ""
|
|
235
237
|
log_location = DEFAULT_LOCATION
|
|
236
238
|
end
|
|
237
|
-
term = term.split(
|
|
239
|
+
term = term.split(LOCATION_PREFIX).first
|
|
238
240
|
if hash(canonical(el)) != term
|
|
239
241
|
currentDID["error"] = 1
|
|
240
242
|
currentDID["message"] = "Log reference and record don't match"
|
|
@@ -256,7 +258,7 @@ class Oydid
|
|
|
256
258
|
# check if there is a revocation entry
|
|
257
259
|
revocation_record = {}
|
|
258
260
|
revoc_term = el["doc"]
|
|
259
|
-
revoc_term = revoc_term.split(
|
|
261
|
+
revoc_term = revoc_term.split(LOCATION_PREFIX).first
|
|
260
262
|
revoc_term_found = false
|
|
261
263
|
log_array, msg = retrieve_log(did_hash, did10 + ".log", log_location, options)
|
|
262
264
|
log_array.each do |log_el|
|
|
@@ -321,9 +323,9 @@ class Oydid
|
|
|
321
323
|
currentDID["verification"] += "of next DID Document (Details: https://ownyourdata.github.io/oydid/#verify_signature)" + "\n"
|
|
322
324
|
|
|
323
325
|
next_doc_did = log_el["doc"].to_s
|
|
324
|
-
next_doc_location =
|
|
326
|
+
next_doc_location = doc_location
|
|
325
327
|
next_did_hash = next_doc_did.delete_prefix("did:oyd:")
|
|
326
|
-
next_did_hash = next_did_hash.split(
|
|
328
|
+
next_did_hash = next_did_hash.split(LOCATION_PREFIX).first
|
|
327
329
|
next_did10 = next_did_hash[0,10]
|
|
328
330
|
next_doc = retrieve_document_raw(next_doc_did, next_did10 + ".doc", next_doc_location, {})
|
|
329
331
|
if next_doc.first.nil?
|
|
@@ -342,9 +344,9 @@ class Oydid
|
|
|
342
344
|
currentDID["message"] = "Signature does not match"
|
|
343
345
|
if verification_output
|
|
344
346
|
new_doc_did = log_el["doc"].to_s
|
|
345
|
-
new_doc_location =
|
|
347
|
+
new_doc_location = doc_location
|
|
346
348
|
new_did_hash = new_doc_did.delete_prefix("did:oyd:")
|
|
347
|
-
new_did_hash = new_did_hash.split(
|
|
349
|
+
new_did_hash = new_did_hash.split(LOCATION_PREFIX).first
|
|
348
350
|
new_did10 = new_did_hash[0,10]
|
|
349
351
|
new_doc = retrieve_document(new_doc_did, new_did10 + ".doc", new_doc_location, {}).first
|
|
350
352
|
currentDID["verification"] += "found UPDATE log record:" + "\n"
|
data/lib/oydid.rb
CHANGED
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
4
|
require 'dag'
|
|
5
|
+
require 'jwt'
|
|
5
6
|
require 'rbnacl'
|
|
6
7
|
require 'ed25519'
|
|
7
8
|
require 'httparty'
|
|
@@ -11,6 +12,7 @@ require 'multicodecs'
|
|
|
11
12
|
require 'json/canonicalization'
|
|
12
13
|
require 'oydid/basic'
|
|
13
14
|
require 'oydid/log'
|
|
15
|
+
require 'oydid/didcomm'
|
|
14
16
|
|
|
15
17
|
class Oydid
|
|
16
18
|
|
|
@@ -147,7 +149,7 @@ class Oydid
|
|
|
147
149
|
log_old = nil
|
|
148
150
|
prev_hash = []
|
|
149
151
|
revoc_log = nil
|
|
150
|
-
doc_location = options[:
|
|
152
|
+
doc_location = options[:location]
|
|
151
153
|
if options[:ts].nil?
|
|
152
154
|
ts = Time.now.to_i
|
|
153
155
|
else
|
|
@@ -671,16 +673,15 @@ class Oydid
|
|
|
671
673
|
wd["@context"] = "https://www.w3.org/ns/did/v1"
|
|
672
674
|
wd["id"] = did
|
|
673
675
|
wd["verificationMethod"] = [{
|
|
674
|
-
"id": did,
|
|
676
|
+
"id": did + "#key-doc",
|
|
675
677
|
"type": "Ed25519VerificationKey2020",
|
|
676
678
|
"controller": did,
|
|
677
|
-
"
|
|
678
|
-
}
|
|
679
|
-
|
|
680
|
-
"id": did,
|
|
679
|
+
"publicKeyMultibase": pubDocKey
|
|
680
|
+
},{
|
|
681
|
+
"id": did + "#key-rev",
|
|
681
682
|
"type": "Ed25519VerificationKey2020",
|
|
682
683
|
"controller": did,
|
|
683
|
-
"
|
|
684
|
+
"publicKeyMultibase": pubRevKey
|
|
684
685
|
}]
|
|
685
686
|
|
|
686
687
|
if didDoc["@context"].to_s == "https://www.w3.org/ns/did/v1"
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: oydid
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.3
|
|
4
|
+
version: 0.4.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Christoph Fabianek
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-06-
|
|
11
|
+
date: 2022-06-29 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dag
|
|
@@ -24,6 +24,20 @@ dependencies:
|
|
|
24
24
|
- - "~>"
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
26
|
version: 0.0.9
|
|
27
|
+
- !ruby/object:Gem::Dependency
|
|
28
|
+
name: jwt
|
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
|
30
|
+
requirements:
|
|
31
|
+
- - "~>"
|
|
32
|
+
- !ruby/object:Gem::Version
|
|
33
|
+
version: 2.4.1
|
|
34
|
+
type: :runtime
|
|
35
|
+
prerelease: false
|
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
37
|
+
requirements:
|
|
38
|
+
- - "~>"
|
|
39
|
+
- !ruby/object:Gem::Version
|
|
40
|
+
version: 2.4.1
|
|
27
41
|
- !ruby/object:Gem::Dependency
|
|
28
42
|
name: rbnacl
|
|
29
43
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -148,6 +162,7 @@ files:
|
|
|
148
162
|
- VERSION
|
|
149
163
|
- lib/oydid.rb
|
|
150
164
|
- lib/oydid/basic.rb
|
|
165
|
+
- lib/oydid/didcomm.rb
|
|
151
166
|
- lib/oydid/log.rb
|
|
152
167
|
- spec/input/basic/arrays.json
|
|
153
168
|
- spec/input/basic/french.json
|