oak

package module
v0.0.0-...-a5a7079 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Nov 8, 2022 License: Apache-2.0 Imports: 40 Imported by: 0

README

Oak VDR

The Oak VDR is used to manage DID operations.

New VDR

import (
	"crypto"
	"fmt"

	"github.com/hyperledger/aries-framework-go-ext/component/vdr/Oak"
)

// keyRetrieverImpl is a minimal in-memory key source for the VDR examples
// in this README. All four keys live in process memory only; nothing here
// persists or protects them.
//
// NOTE(review): the KeyRetriever interface documented further down this page
// declares GetSigner and a commitment parameter, while this example defines
// GetSigningKey without one. Confirm the README against the package version
// you build with.
type keyRetrieverImpl struct {
	// Private keys that sign the current update / recover operation.
	updateKey  crypto.PrivateKey
	recoverKey crypto.PrivateKey

	// Public keys handed out for the next update / recover operation.
	nextUpdatePublicKey   crypto.PublicKey
	nextRecoveryPublicKey crypto.PublicKey
}

// GetNextRecoveryPublicKey returns the stored next recovery public key.
// didID is ignored: this example keeps a single key for every DID.
// If the field was never set, the result is a nil key with a nil error.
func (k *keyRetrieverImpl) GetNextRecoveryPublicKey(didID string) (crypto.PublicKey, error) {
	nextKey := k.nextRecoveryPublicKey

	return nextKey, nil
}

// GetNextUpdatePublicKey returns the stored next update public key.
// didID is ignored: this example keeps a single key for every DID.
// If the field was never set, the result is a nil key with a nil error.
func (k *keyRetrieverImpl) GetNextUpdatePublicKey(didID string) (crypto.PublicKey, error) {
	nextKey := k.nextUpdatePublicKey

	return nextKey, nil
}

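// GetSigningKey returns the private key that signs an operation of type ot:
// the update key for Oak.Update and the recovery key for Oak.Recover.
//
// Every other operation type is rejected, so an unexpected value can never
// fall through to the recovery key. A key that has not been set yet is
// reported as an error rather than returned as nil.
//
// didID is only used in error messages: this example keeps one key set for
// every DID.
//
// NOTE(review): the KeyRetriever interface documented further down this page
// declares GetSigner(didID, ot, commitment) returning an api.Signer; this
// README method predates that shape. Confirm against the version you use.
func (k *keyRetrieverImpl) GetSigningKey(didID string, ot Oak.OperationType) (crypto.PrivateKey, error) {
	var key crypto.PrivateKey

	switch ot {
	case Oak.Update:
		key = k.updateKey
	case Oak.Recover:
		key = k.recoverKey
	default:
		return nil, fmt.Errorf("unsupported operation type %d for DID %q", ot, didID)
	}

	if key == nil {
		return nil, fmt.Errorf("no signing key set for operation type %d on DID %q", ot, didID)
	}

	return key, nil
}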


// The retriever starts empty; its signing keys are assigned after the DID
// has been created (see the Create DID example).
// Note that this variable has the same name as the keyRetrieverImpl type and
// shadows it from here on.
keyRetrieverImpl := &keyRetrieverImpl{}

// The domain is what the VDR uses to discover the Oak instance.
domainOpt := Oak.WithDomain("https://testnet.devel.trustbloc.dev")

vdr, err := Oak.New(keyRetrieverImpl, domainOpt)
if err != nil {
	return err
}

Create DID

To create a DID, call the VDR's create operation and pass the DID document. The Oak instance is discovered in one of two ways: explicitly, or through the domain.

import (
"crypto"
"crypto/ed25519"
"crypto/rand"
"fmt"

ariesdid "github.com/hyperledger/aries-framework-go/pkg/doc/did"
"github.com/hyperledger/aries-framework-go/pkg/doc/jose"
vdrapi "github.com/hyperledger/aries-framework-go/pkg/framework/aries/api/vdr"

"github.com/hyperledger/aries-framework-go-ext/component/vdr/Oak"
)

// Recovery key pair: the public half goes into the create request, the
// private half is handed to the key retriever once the DID exists.
recoveryPub, recoveryPriv, err := ed25519.GenerateKey(rand.Reader)
if err != nil {
	return err
}

// Update key pair, handled the same way as the recovery pair.
updatePub, updatePriv, err := ed25519.GenerateKey(rand.Reader)
if err != nil {
	return err
}

// Key published in the DID document. Its private half is discarded in this
// example; keep it if the DID has to authenticate with this key.
authPub, _, err := ed25519.GenerateKey(rand.Reader)
if err != nil {
	return err
}

authJWK, err := jose.JWKFromKey(authPub)
if err != nil {
	return err
}

authVM, err := ariesdid.NewVerificationMethodFromJWK("key1", "Ed25519VerificationKey2018", "", authJWK)
if err != nil {
	return err
}

// DID document: one authentication key and one service.
authRef := ariesdid.NewReferencedVerification(authVM, ariesdid.Authentication)

didDoc := &ariesdid.Doc{}
didDoc.Authentication = append(didDoc.Authentication, *authRef)
didDoc.Service = []ariesdid.Service{{ID: "svc1", Type: "type", ServiceEndpoint: "http://www.example.com/"}}

// Options for the create request. Oak.OperationEndpointsOpt is not needed
// because the VDR was already configured with a domain:
// vdrapi.WithOption(Oak.OperationEndpointsOpt, []string{"https://Oak-1.devel.trustbloc.dev/sidetree/v1/operations"})
createOpts := []vdrapi.DIDMethodOption{
	vdrapi.WithOption(Oak.RecoveryPublicKeyOpt, recoveryPub),
	vdrapi.WithOption(Oak.UpdatePublicKeyOpt, updatePub),
	vdrapi.WithOption(Oak.AnchorOriginOpt, "https://Oak-2.devel.trustbloc.dev/services/Oak"),
}

createdDocResolution, err := vdr.Create(didDoc, createOpts...)
if err != nil {
	return err
}

fmt.Println(createdDocResolution.DIDDocument.ID)

// The private halves sign the next recovery and the next update request.
// In this example the retriever's memory is the only place they are kept;
// NOTE(review): real code should store them durably and protected, since
// they are the keys that control the DID from here on.
keyRetrieverImpl.recoverKey = recoveryPriv
keyRetrieverImpl.updateKey = updatePriv

discoverableDID := createdDocResolution.DIDDocument.ID

Resolve DID

To resolve a DID, call the VDR's read operation and pass the DID URI. The Oak instance is discovered in one of two ways: explicitly, or through the DID URI.

// Resolve the DID created above.
// NOTE(review): how far the returned document is verified presumably depends
// on the options the VDR was built with (WithVerifyResolutionResultType,
// WithDisableProofCheck) — confirm before trusting the result.
resolved, err := vdr.Read(discoverableDID)
if err != nil {
	return err
}

fmt.Println(resolved.DIDDocument.ID)

Update DID

To update a DID, call the VDR's update operation and pass the DID document. The Oak instance is discovered in one of two ways: explicitly, or through the domain.

// Key pair for the update request that follows this one.
nextUpdatePub, nextUpdatePriv, err := ed25519.GenerateKey(rand.Reader)
if err != nil {
	return err
}

// Set the public half before calling Update; the retriever hands it out
// through GetNextUpdatePublicKey.
keyRetrieverImpl.nextUpdatePublicKey = nextUpdatePub

// New key to publish in the DID document; its private half is discarded here.
docPub, _, err := ed25519.GenerateKey(rand.Reader)
if err != nil {
	return err
}

docJWK, err := jose.JWKFromKey(docPub)
if err != nil {
	return err
}

docVM, err := ariesdid.NewVerificationMethodFromJWK("key1", "Ed25519VerificationKey2018", "", docJWK)
if err != nil {
	return err
}

// The updated document is addressed by the existing DID.
didDoc := &ariesdid.Doc{ID: discoverableDID}

authRef := ariesdid.NewReferencedVerification(docVM, ariesdid.Authentication)
didDoc.Authentication = append(didDoc.Authentication, *authRef)

invocationRef := ariesdid.NewReferencedVerification(docVM, ariesdid.CapabilityInvocation)
didDoc.CapabilityInvocation = append(didDoc.CapabilityInvocation, *invocationRef)

changedSvc := ariesdid.Service{
	ID:              "svc1",
	Type:            "typeUpdated",
	ServiceEndpoint: "http://www.example.com/",
}
addedSvc := ariesdid.Service{
	ID:              "svc2",
	Type:            "type",
	ServiceEndpoint: "http://www.example.com/",
}
didDoc.Service = []ariesdid.Service{changedSvc, addedSvc}

err = vdr.Update(didDoc)
if err != nil {
	return err
}

// From now on the new private key signs the next update request.
// Until this line nextUpdatePriv exists only in a local variable: if the
// process stops after Update has succeeded, the private key matching the
// registered next update public key is gone.
// NOTE(review): real code should persist it before submitting the update.
keyRetrieverImpl.updateKey = nextUpdatePriv

Recover DID

To recover a DID, use the VDR's recover operation (in the example below, Update with the Oak.RecoverOpt option) and pass the DID document. The Oak instance is discovered in one of two ways: explicitly, or through the domain.

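// Key pair for the recover request that follows this one.
recoveryKey, recoveryKeyPrivateKey, err := ed25519.GenerateKey(rand.Reader)
if err != nil {
	return err
}

// Set the public half before the request; the retriever hands it out
// through GetNextRecoveryPublicKey. The retriever variable is
// keyRetrieverImpl, as in the other examples.
keyRetrieverImpl.nextRecoveryPublicKey = recoveryKey

// The recovered document is addressed by the existing DID.
didDoc := &ariesdid.Doc{ID: discoverableDID}

// New key to publish in the DID document; its private half is discarded here.
didPublicKey, _, err := ed25519.GenerateKey(rand.Reader)
if err != nil {
	return err
}

jwk, err := jose.JWKFromKey(didPublicKey)
if err != nil {
	return err
}

vm, err := ariesdid.NewVerificationMethodFromJWK("key1", "Ed25519VerificationKey2018", "", jwk)
if err != nil {
	return err
}

// The relationship passed to NewReferencedVerification matches the list the
// entry is appended to (CapabilityInvocation), as in the Update example.
didDoc.CapabilityInvocation = append(didDoc.CapabilityInvocation, *ariesdid.NewReferencedVerification(vm,
	ariesdid.CapabilityInvocation))

didDoc.Service = []ariesdid.Service{{ID: "svc1", Type: "type", ServiceEndpoint: "http://www.example.com/"}}

// Recovery is an Update call with Oak.RecoverOpt set to true, made on the
// same vdr value the other examples use.
if err := vdr.Update(didDoc,
	vdrapi.WithOption(Oak.RecoverOpt, true),
	vdrapi.WithOption(Oak.AnchorOriginOpt, "https://Oak-2.devel.trustbloc.dev/services/Oak")); err != nil {
	return err
}

// From now on the new private key signs the next recover request.
// Until this line recoveryKeyPrivateKey exists only in a local variable.
// NOTE(review): real code should persist it before submitting the request,
// so the key matching the registered next recovery public key cannot be lost.
keyRetrieverImpl.recoverKey = recoveryKeyPrivateKey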

Deactivate DID

To deactivate a DID, call the VDR's deactivate operation and pass the DID URI. The Oak instance is discovered in one of two ways: explicitly, or through the domain.

// Deactivate the DID created above.
// NOTE(review): in Sidetree-based methods deactivation is presumably signed
// with the recovery key and cannot be undone — confirm for this VDR before
// calling it on a DID you still need.
deactivateErr := vdr.Deactivate(discoverableDID)
if deactivateErr != nil {
	return deactivateErr
}

Documentation

Overview

Package oak implements the oak VDR.

Index

Constants

// Method name and option keys of the oak VDR. The README passes the option
// keys to vdrapi.WithOption together with a value.
const (
	// DIDMethod is the DID method name.
	DIDMethod = "oak"
	// OperationEndpointsOpt is the option key for explicitly given operation
	// endpoints; the README shows a []string of endpoint URLs as its value.
	OperationEndpointsOpt = "operationEndpoints"
	// ResolutionEndpointsOpt is the option key for resolution endpoints.
	// NOTE(review): unlike its neighbours, the string value carries an "Opt"
	// suffix; refer to the constant, not the literal.
	ResolutionEndpointsOpt = "resolutionEndpointsOpt"
	// UpdatePublicKeyOpt is the option key for the update public key; the
	// README passes it to Create.
	UpdatePublicKeyOpt = "updatePublicKey"
	// RecoveryPublicKeyOpt is the option key for the recovery public key; the
	// README passes it to Create.
	RecoveryPublicKeyOpt = "recoveryPublicKey"
	// RecoverOpt is the option key that turns an Update call into a recover
	// request; the README passes true.
	RecoverOpt = "recover"
	// AnchorOriginOpt is the option key for the anchor origin. It is not
	// mandatory; the README passes a URL string.
	AnchorOriginOpt = "anchorOrigin"
	// CheckDIDAnchored is the option key for checking that a DID is anchored.
	// NOTE(review): the value type is not shown here; presumably
	// *ResolveDIDRetry — confirm.
	CheckDIDAnchored = "checkDIDAnchored"
	// CheckDIDUpdated is the option key for checking that a DID is updated.
	// NOTE(review): the value type is not shown here; presumably
	// *ResolveDIDRetry — confirm.
	CheckDIDUpdated = "checkDIDUpdated"
	// TracingCtxOpt is the option key for the tracing context.
	TracingCtxOpt = "tracingCtxOpt"
	// VersionIDOpt is the option key for the version id, re-exported from
	// httpbinding. It is not mandatory.
	VersionIDOpt = httpbinding.VersionIDOpt
	// VersionTimeOpt is the option key for the version time, re-exported
	// from httpbinding. It is not mandatory.
	VersionTimeOpt = httpbinding.VersionTimeOpt
)

Variables

This section is empty.

Functions

This section is empty.

Types

type KeyRetriever

// KeyRetriever supplies the key material requested per DID: the next recovery
// and update public keys, and a signer for the operation being sent.
type KeyRetriever interface {
	// GetNextRecoveryPublicKey returns the next recovery public key for didID.
	// NOTE(review): commitment presumably identifies the key commitment being
	// rotated — confirm against the implementation.
	GetNextRecoveryPublicKey(didID, commitment string) (crypto.PublicKey, error)
	// GetNextUpdatePublicKey returns the next update public key for didID.
	// NOTE(review): commitment presumably identifies the key commitment being
	// rotated — confirm against the implementation.
	GetNextUpdatePublicKey(didID, commitment string) (crypto.PublicKey, error)
	// GetSigner returns the signer for an operation of type ot on didID.
	// It returns an api.Signer rather than a private key, so presumably an
	// implementation can sign without handing key bytes to the VDR — confirm.
	GetSigner(didID string, ot OperationType, commitment string) (api.Signer, error)
}

KeyRetriever key retriever.

type OperationType

// OperationType names the kind of DID operation a signer is requested for
// (see KeyRetriever.GetSigner).
type OperationType int

OperationType operation type.

// Operation types passed to KeyRetriever.GetSigner.
const (
	// Update operation. It is the zero value, so an OperationType that was
	// never set reads as Update.
	Update OperationType = iota
	// Recover operation.
	Recover
)

type Option

// Option is a functional option applied to a *VDR; New accepts any number
// of them.
type Option func(opts *VDR)

Option configures the bloc vdr.

func WithAuthToken

func WithAuthToken(authToken string) Option

WithAuthToken add auth token.

func WithAuthTokenProvider

func WithAuthTokenProvider(p authTokenProvider) Option

WithAuthTokenProvider add auth token provider.

func WithDisableProofCheck

func WithDisableProofCheck(disable bool) Option

WithDisableProofCheck disables the proof check.

func WithDocumentLoader

func WithDocumentLoader(l jsonld.DocumentLoader) Option

WithDocumentLoader overrides the default JSONLD document loader used when processing JSONLD DID Documents.

func WithDomain

func WithDomain(domain string) Option

WithDomain sets the domain. To set multiple domains, call this option multiple times.

func WithHTTPClient

func WithHTTPClient(httpClient *http.Client) Option

WithHTTPClient option is for custom http client.

func WithIPFSEndpoint

func WithIPFSEndpoint(endpoint string) Option

WithIPFSEndpoint overrides the global ipfs endpoint.

func WithTLSConfig

func WithTLSConfig(tlsConfig *tls.Config) Option

WithTLSConfig option is for definition of secured HTTP transport using a tls.Config instance.

func WithUnanchoredMaxLifeTime

func WithUnanchoredMaxLifeTime(duration time.Duration) Option

WithUnanchoredMaxLifeTime sets the maximum time for which an unanchored DID is trusted.

func WithVerifyResolutionResultType

func WithVerifyResolutionResultType(v VerifyResolutionResultType) Option

WithVerifyResolutionResultType sets the verify resolution result type.

type ResolveDIDRetry

// ResolveDIDRetry configures retrying of DID resolution.
type ResolveDIDRetry struct {
	// NOTE(review): presumably the maximum number of resolution attempts —
	// confirm.
	MaxNumber int
	// NOTE(review): presumably the pause between attempts. It is a pointer,
	// so it can be nil; confirm how nil is handled.
	SleepTime *time.Duration
}

ResolveDIDRetry resolve did retry.

type SelectDomainService

// SelectDomainService picks the domain to use from a list of domains.
type SelectDomainService interface {
	// Choose returns one entry selected from domains, or an error.
	Choose(domains []string) (string, error)
}

SelectDomainService select domain service.

type VDR

type VDR struct {
	// contains filtered or unexported fields
}

VDR bloc.

func New

func New(keyRetriever KeyRetriever, opts ...Option) (*VDR, error)

New creates new oak VDR.

func (*VDR) Accept

func (v *VDR) Accept(method string) bool

Accept did method.

func (*VDR) Close

func (v *VDR) Close() error

Close vdr.

func (*VDR) Create

func (v *VDR) Create(did *docdid.Doc,
	opts ...vdrapi.DIDMethodOption) (*docdid.DocResolution, error)

Create did doc. nolint: gocyclo,funlen

func (*VDR) Deactivate

func (v *VDR) Deactivate(didID string, opts ...vdrapi.DIDMethodOption) error

Deactivate did doc.

func (*VDR) Read

func (v *VDR) Read(did string, opts ...vdrapi.DIDMethodOption) (*docdid.DocResolution, error)

Read oak DID. nolint: funlen,gocyclo,gocognit

func (*VDR) Update

func (v *VDR) Update(didDoc *docdid.Doc, opts ...vdrapi.DIDMethodOption) error

Update did doc.

type VerifyResolutionResultType

// VerifyResolutionResultType selects which resolution results get verified;
// it is set with WithVerifyResolutionResultType.
type VerifyResolutionResultType int

VerifyResolutionResultType verify resolution result type.

// Verification modes for resolution results.
const (
	// All will verify document if it has unpublished or published operations.
	// It is the zero value of VerifyResolutionResultType.
	All VerifyResolutionResultType = iota
	// Unpublished will verify document only if it has unpublished operations.
	Unpublished
	// None will not verify document.
	// NOTE(review): with None the resolved document is accepted unverified;
	// confirm the resolver endpoint is trusted by other means before use.
	None
)

Directories

Path Synopsis
internal
ldcontext
Package ldcontext implement ld context
Package ldcontext implement ld context
Package lb implement load balancer
Package lb implement load balancer
Package tracing implement trace
Package tracing implement trace
util
concurrent/rollingcounter
Package rollingcounter implement rolling counter
Package rollingcounter implement rolling counter
