
Commit fa4434e

committed
sync
1 parent dabfa16 commit fa4434e

21 files changed

Lines changed: 401 additions & 221 deletions


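--- a/cli/docker/Dockerfile-local
+++ b/cli/docker/Dockerfile-local
@@ -4,7 +4,8 @@ LABEL org.opencontainers.image.authors="Christoph Fabianek <christoph@ownyourdat
 RUN addgroup -S user && \
 adduser -S user -G user && \
 apk add --no-cache libsodium-dev openssl openssl-dev git make gcc musl-dev jq bash curl gdbm gdbm-dev enscript ghostscript && \
-gem install httparty ed25519 multibases multihashes multicodecs optparse rbnacl dag uri json-canonicalization openssl oydid securerandom && \
+gem install httparty ed25519 multibases multihashes multicodecs optparse rbnacl dag uri json-canonicalization oydid securerandom && \
+gem install openssl -v "~> 3.3.2" && \
 apk add --update --no-cache python3 pipx py3-setuptools py3-pytest py3-requests && \
 ln -sf python3 /usr/bin/python && \
 apk add --no-cache py3-pytest-subprocess --repository=https://dl-cdn.alpinelinux.org/alpine/edge/testing
@@ -16,7 +17,6 @@ COPY docker/welcome.txt /tmp/welcome.txt
 COPY docker/etc/profile /etc/profile
 RUN chmod 755 /usr/local/bin/oydid && \
 gem install /tmp/*.gem && \
-gem update && \
 gem cleanup && \
 sed -e "s/\${oydid}/`oydid --version | head -n 1`/" -e "s/\${jq}/`jq --version`/" /tmp/welcome.txt > /etc/motd && \
 mkdir -p /usr/src/pytest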
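Review bot: The first `gem install` line in the `-4,7 +4,8` hunk still installs every gem except openssl at whatever version is current at build time, so two builds of this image can ship different code for the signing and crypto libraries (ed25519, rbnacl, oydid). Dropping `gem update` in the second hunk helps reproducibility, but the install itself should be constrained the same way as the new openssl line, for example `gem install ed25519 -v "~> 1.4.0"` to match the constraint recorded in ruby-gem/Gemfile.lock. Installing from the lockfile instead would keep the image and the gem's tested dependency set in step.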
-52.5 KB
Binary file not shown.
52.5 KB
Binary file not shown.

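--- a/cli/oydid.rb
+++ b/cli/oydid.rb
@@ -9,7 +9,7 @@
 
 LOCATION_PREFIX = "@"
 DEFAULT_LOCATION = "https://oydid.ownyourdata.eu"
-VERSION = "0.5.8"
+VERSION = "0.6.1"
 LOG_HASH_OPTIONS = {:digest => "sha2-256", :encode => "base58btc"}
 
 # internal functions -------------------------------
@@ -515,6 +515,7 @@ def print_help()
 puts " log - print relevant log for given DID or log entry hash"
 puts " logs - print all available log entries for given DID or log hash"
 puts " pubkeys - list all authorized public keys for specified DID"
+puts " sign - sign payload with provided private key"
 puts " toW3C - read OYDID internal document and convert to W3C-conform"
 puts " DID document"
 # puts " challenge - publish challenge for given DID and revoke specified as"
@@ -525,6 +526,9 @@ def print_help()
 puts " jws - output signed DIDComm message, reads from STDIN"
 puts " jws-verify - read JWS and verify signature"
 puts ""
+puts " -- JWK handling --"
+puts " jwks - create JSON Web Key Set"
+puts ""
 puts "Semantic Container operations:"
 puts " auth - retrieve OAuth2 bearer token using DID Auth"
 puts " sc_init - create initial DID for a Semantic Container "
@@ -762,12 +766,12 @@ def print_help()
 
 case operation.to_s
 # JSON input
-when "create", "confirm", 
+when "create", "confirm",
 "fromW3C", "toW3C",
 "message", "jws", "encrypt-message", "sign-message",
 "vc", "vc-proof", "vc-push", "vc-verify",
 "vp", "vp-push", "vp-verify",
-"dri", "encrypt"
+"dri", "encrypt", "jwks", "jwk2mb"
 input_content = []
 ARGF.each_line { |line| input_content << line }
 content = JSON.parse(input_content.join("")) rescue nil
@@ -812,8 +816,8 @@ def print_help()
 exit(-1)
 end
 end
-# JWT input
-when "decrypt-jwt", "verify-jws", "verify-signed-message", "decrypt"
+# JWT/raw input
+when "decrypt-jwt", "verify-jws", "verify-signed-message", "decrypt", "sign"
 content = []
 ARGF.each_line { |line| content << line }
 content = content.join('').strip
@@ -1158,6 +1162,41 @@ def print_help()
 end
 end
 end
+when "sign"
+# checks---
+# require --doc-enc
+if options[:doc_enc].to_s == ''
+if options[:silent].nil? || !options[:silent]
+if options[:json].nil? || !options[:json]
+puts "Error: require private key provided as --doc-enc"
+else
+puts '{"error": "require private key provided as --doc-enc"}'
+end
+end
+exit(-1)
+end
+retVal, msg = Oydid.sign(content, options[:doc_enc].to_s)
+if retVal.nil?
+if msg.to_s != ""
+if options[:silent].nil? || !options[:silent]
+if options[:json].nil? || !options[:json]
+puts "Error: " + msg.to_s
+else
+puts '{"error": "' + msg + '"}'
+end
+end
+end
+exit(-1)
+else
+if options[:silent].nil? || !options[:silent]
+if options[:json].nil? || !options[:json]
+puts "Signature: " + retVal.to_s
+else
+puts "{\"sig\": \"#{retVal.to_s}\"}"
+end
+end
+end
+
 when "pubkeys"
 retVal, msg = Oydid.getDelegatedPubKeysFromDID(input_did, options[:pubkey_type])
 if retVal.nil?
@@ -1696,6 +1735,17 @@ def print_help()
 end
 end
 
+when "jwks"
+result, msg = Oydid.build_jwks(content, input_did, options)
+if msg.to_s != ''
+if options[:json].nil? || !options[:json]
+puts msg
+else
+puts {"error" => msg}.to_json
+end
+end
+puts result
+
 # internal helper
 when "dri"
 result = Oydid.hash(Oydid.canonical(content.to_json))
@@ -1714,6 +1764,22 @@ def print_help()
 puts "private key: " + privateKey.to_s
 puts "signing public key: " + signgingPublicKey.to_s
 puts "encryption public key: " + encryptionPublicKey.to_s
+when "jwk2mb"
+privateKey, msg = Oydid.private_key_from_jwk(content, options)
+if msg.to_s != '' || privateKey.nil?
+if options[:json].nil? || !options[:json]
+puts msg
+else
+puts {"error" => msg}.to_json
+end
+else
+if options[:json].nil? || !options[:json]
+puts "private key: " + privateKey.to_s
+else
+puts '{"private_key": "' + privateKey.to_s + '"}'
+end
+end
+
 when "encrypt"
 key_type = options[:key_type]
 if input_did.to_s != ''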
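Review bot: In the new `jwks` and `jwk2mb` branches, `puts {"error" => msg}.to_json` is parsed by Ruby with the `{` opening a block for `puts` rather than a hash literal, so the `=>` inside should be rejected as a syntax error when the script is loaded; write `puts({"error" => msg}.to_json)` in both places. The `sign` branch builds its JSON by concatenation instead (`'{"error": "' + msg + '"}'`), which emits invalid JSON if the message contains a quote and raises if `msg` is not a String; `puts({"error" => msg.to_s}.to_json)` covers both cases. The `jwks` error path also falls through to `puts result`, and neither JWK branch calls `exit(-1)` on failure as `sign` does, so a caller cannot detect the error from the exit status. The surrounding `case` statement starts and ends outside these hunks.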

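--- a/docs/diagrams/read.txt
+++ b/docs/diagrams/read.txt
@@ -1,7 +1,7 @@
 @startuml
 start
 note
-Read DID
+Request DID
 end note
 partition Invocation {
 note
@@ -22,19 +22,21 @@ partition Invocation {
 end split
 }
 :get Location;
-note right
-default location: https://oydid.ownyourdata.eu
+note
+default location:
+https://oydid.ownyourdata.eu
 end note
-:retrieve DID Document from
-repository at location via GET;
-
-:retrieve DID Log from
-repository at location via GET;
+:retrieve information from
+repository at location
+(DID Document and Log
+from trustless repository);
 
 :build DAG from DID Log;
 
-:get current & validated
-DID Document based on DAG;
+:verify DID Document based on DAG;
 
 stop
+note right
+Validated DID Document
+end note
 @enduml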

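--- a/docs/diagrams/write.txt
+++ b/docs/diagrams/write.txt
@@ -12,7 +12,7 @@ partition Invocation {
 :API;
 end split
 }
-partition Preprocessing {
+partition Preprocessing (requires private key) {
 note
 internal data format
 ----
@@ -23,7 +23,8 @@ partition Preprocessing {
 end note
 :generate base data;
 }
-partition Store Data {
+partition Store Data (trustless, does not require private key) {
+:validate input;
 if (write method) then (local storage)
 :write to disc;
 note left
@@ -34,16 +35,15 @@ if (write method) then (local storage)
 *.log - DID Logs
 end note
 else (online repository)
-:validate input;
 partition Transaction {
-:write DID Document;
-:write DID Logs;
+:write DID Document;
+:write DID Logs;
 }
 endif
 }
 :Response;
-note left
-DID Identifier
-end note
 stop
+note right
+DID Identifier
+end note
 @enduml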
-52.5 KB
Binary file not shown.
52.5 KB
Binary file not shown.

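--- a/ruby-gem/Gemfile.lock
+++ b/ruby-gem/Gemfile.lock
@@ -1,51 +1,45 @@
 PATH
 remote: .
 specs:
-oydid (0.5.9)
-ed25519 (~> 1.3.0)
-httparty (~> 0.23)
-json (~> 2.8.2)
+oydid (0.6.1)
+ed25519 (~> 1.4.0)
+httparty (~> 0.24)
+json (~> 2.18.1)
 json-canonicalization (~> 1.0.0)
 json-ld (~> 3.3.2)
-jwt (~> 2.4.1)
+jwt (~> 3.1.2)
+jwt-eddsa (~> 0.9.0)
 multibases (~> 0.3.2)
 multicodecs (~> 1.0.0)
-openssl (~> 3.3.0)
-rbnacl (~> 7.1.1)
-rdf (~> 3.3.2)
+openssl (~> 3.3.2)
+rbnacl (~> 7.1.2)
+rdf (~> 3.3.4)
 rdf-normalize (~> 0.7.0)
+securerandom (~> 0.4.1)
 simple_dag (~> 0.0.1)
-stringio (~> 3.0.4)
+stringio (~> 3.2.0)
 
 GEM
 remote: https://rubygems.org/
 specs:
+base64 (0.3.0)
 bcp47_spec (0.2.1)
 benchmark-ips (2.14.0)
 bigdecimal (3.2.3)
 byebug (12.0.0)
 csv (3.3.5)
 diff-lcs (1.6.2)
 docile (1.4.1)
-ed25519 (1.3.0)
+ed25519 (1.4.0)
 ffi (1.17.2)
-ffi (1.17.2-aarch64-linux-gnu)
-ffi (1.17.2-aarch64-linux-musl)
-ffi (1.17.2-arm-linux-gnu)
-ffi (1.17.2-arm-linux-musl)
 ffi (1.17.2-arm64-darwin)
-ffi (1.17.2-x86-linux-gnu)
-ffi (1.17.2-x86-linux-musl)
-ffi (1.17.2-x86_64-darwin)
-ffi (1.17.2-x86_64-linux-gnu)
-ffi (1.17.2-x86_64-linux-musl)
 htmlentities (4.3.4)
-httparty (0.23.1)
+httparty (0.24.2)
 csv
 mini_mime (>= 1.0.0)
 multi_xml (>= 0.5.2)
 io-console (0.8.1)
-json (2.8.2)
+json (2.18.1)
 json-canonicalization (1.0.0)
 json-ld (3.3.2)
 htmlentities (~> 4.3)
@@ -55,7 +49,12 @@ GEM
 rack (>= 2.2, < 4)
 rdf (~> 3.3)
 rexml (~> 3.2)
-jwt (2.4.1)
+jwt (3.1.2)
+base64
+jwt-eddsa (0.9.0)
+base64
+ed25519
+jwt (>= 2.9.0)
 link_header (0.0.8)
 logger (1.7.0)
 mini_mime (1.1.5)
@@ -64,7 +63,7 @@ GEM
 bigdecimal (~> 3.1)
 multibases (0.3.2)
 multicodecs (1.0.0)
-openssl (3.3.0)
+openssl (3.3.2)
 ostruct (0.6.3)
 rack (3.2.1)
 rake (13.3.0)
@@ -97,6 +96,7 @@ GEM
 diff-lcs (>= 1.2.0, < 2.0)
 rspec-support (~> 3.13.0)
 rspec-support (3.13.6)
+securerandom (0.4.1)
 simple_dag (0.0.1)
 simplecov (0.22.0)
 docile (~> 1.1)
@@ -105,20 +105,10 @@ GEM
 simplecov-html (0.13.2)
 simplecov-lcov (0.9.0)
 simplecov_json_formatter (0.1.4)
-stringio (3.0.9)
+stringio (3.2.0)
 
 PLATFORMS
-aarch64-linux-gnu
-aarch64-linux-musl
-arm-linux-gnu
-arm-linux-musl
 arm64-darwin
-ruby
-x86-linux-gnu
-x86-linux-musl
-x86_64-darwin
-x86_64-linux-gnu
-x86_64-linux-musl
 
 DEPENDENCIES
 benchmark-ips
@@ -130,4 +120,4 @@ DEPENDENCIES
 simplecov-lcov (~> 0.8)
 
 BUNDLED WITH
-2.6.9
+4.0.6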

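--- a/ruby-gem/LICENSE
+++ b/ruby-gem/LICENSE
@@ -0,0 +1,13 @@
+Copyright 2026 OwnYourData.eu
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.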
