Added CDDL as data definition syntax for parts of the Abstract Data Model of DID Document and registry items

cddl/README.md

@@ -0,0 +1,6 @@
+# Decentralized Identifier Core Registries v1.0 examples 
+
+This folder contains the Concise Data Definition Language (CDDL) data definition for the DID Spec Registeries. 
+
+Additionally, each Property, Class and Type are broken down into separate components. 
+

cddl/accept.cddl

@@ -0,0 +1,3 @@
+did-document-resolution-request = {
+    accept : "application/did+json" / "application/did+ld+json" / "application/did+cbor" / "application/did+dag+cbor"
+}

cddl/accept_example1.cbor

@@ -0,0 +1 @@
+�facceptwapplication/did+ld+json

cddl/accept_example1.json

@@ -0,0 +1,3 @@
+{
+  "accept": "application/did+ld+json"
+}

cddl/accept_example2.cbor

@@ -0,0 +1 @@
+�facceptwapplication/did+ld+json

cddl/accept_example2.json

@@ -0,0 +1 @@
+{ "accept" : "application/did+cbor" }

cddl/accept_example3.cbor

@@ -0,0 +1 @@
+�faccepttapplication/did+json

cddl/accept_example3.json

@@ -0,0 +1 @@
+{ "accept" : "application/did+json" }

cddl/assertionMethod.cddl

@@ -0,0 +1,139 @@
+DID-document = {
+
+    assertionMethod : [ 1* verificationMethod ]
+
+}
+
+did = text .regexp "did\\:(?<method_name>[A-Za-z0-9]+)\\:(?<method_specific_id>[A-Za-z0-9\\.\\-\\:\\_]+)"
+
+did-url = text .regexp "did\\:(?<did_method>[a-z0-9]+)\\:(?<did_method_identifier>[A-Za-z0-9\\.\\-\\:\\_]+)\\/?(?<path>[A-Za-z0-9\\/]+)\\??(?<query>[A-Za-z0-9\\=\\&\\%\\-\\:]+)?\\#?(?<fragment>[A-Za-z0-9\\-]+)?"
+
+;; base URI value is the DID that is associated with the DID subject
+relative-did-url = text .regexp "#.+"   ;  fragment identifier of self relative DID url, i.e. #key-1 in DID document with `id` = did:example:123456789abcdefghi becomes `did:example:123456789abcdefghi#key-1`
+
+
+verificationMethod = publicKeyHex / ethereumAddress / publicKeyPem / publicKeyJwk / publicKeyBase58 / did-url / relative-did-url / publicKeyGpg / publicKey
+
+
+;;; 
+; verificationMethod types included below for convenience
+;;; 
+
+
+publicKeyJwk = {
+    id : did-url
+    type : VerificationMethodTypes
+    controller: did  / [1*did ]
+    publicKeyJwk : publicKeyEC / publicKeyOct / publicKeyed25519 / publicKeyRSA
+
+}
+
+
+;;; public key Hex is a type of verification method with public key encoded as base16
+publicKeyHex = {
+    id : did-url
+    type : VerificationMethodTypes
+    controller: did  / [1*did ]
+    publicKeyHex : text .regexp "[a-zA-F0-9]+"    ; only allows for hexadecimal representations 
+}
+
+
+publicKeyGpg = {
+    id : did-url
+    type : VerificationMethodTypes
+    controller: did  / [1*did ]
+    publicKeyGpg : text                           ;  This could probbaly be better to capture -----BEGIN PGP PUBLIC KEY BLOCK  
+}
+
+;;; public key Hex is a type of verification method with the public key encoded as base58 
+publicKeyBase58 = {
+    id : did-url
+    type : VerificationMethodTypes
+    controller: did  / [1*did ]
+    publicKeyBase58 : text .regexp "[a-zA-Z0-9]+"  ; only allows for base58 representations 
+}
+
+
+;;; ethereeum address is a type of verification method with ethereum address as public key information 
+ethereumAddress = {
+    id : did-url
+    type : "EcdsaSecp256k1RecoveryMethod2020"     ; this is the only type known for ethereum address 
+    controller: did  / [1*did ]
+    ethereumAddress :  text .regexp "0x[a-zA-F0-9]{40,40}"     ; only allows for hexadecimal representations
+}
+
+
+
+;;;
+; below is a partial list of properties of various well-known JWK public key types. 
+; as per https://github.com/w3c/did-core/issues/240, the is an active area of discussion 
+; additional constraints are necessary to finalize the data definition all all JWK types
+; below is a partial list of properties of various well-known JWK public key types. 
+;;;; 
+
+
+;;;
+publicKeyEC = {
+    crv : "P-256" / "P-384" / "P-521"
+    kty : "EC"
+    x : text 
+    y : text 
+    ? "kid" : text        ; should be sha256 fingerprint 
+} 
+
+
+;;; Octet sequence key for representing secret keys
+publicKeyOct = {
+    kty : "oct"
+    ? kid : text ; this should be the sha256 fingerprint 
+    alg : "HS256" / "HS384" / "HS512"
+    k : text .size 32    ; for shared secret 
+}
+
+
+;; Octet key pair key like ed25519 
+publicKeyed25519 = {
+    kty : "OKP"
+    crv : "Ed25519"
+    x   : text .size 32
+    use : "sig" / "enc"
+    ? kid : text           ; should be sha256 fingerprint 
+}
+
+publicKey = {
+    id : did-url
+    type : VerificationMethodTypes
+    controller: did  / [1*did ]
+    publicKeyPem : text       ; this could be improved 
+
+}
+
+publicKeyPem = {
+    id : did-url
+    type : VerificationMethodTypes
+    controller: did  / [1*did ]
+    publicKeyPem : text       ; this could be improved 
+}
+
+;;; RSA key type 
+publicKeyRSA = {
+    alg : "RSA"
+    mod : text   ; 
+    exp : text   ; 
+    ? kid : text        ; should be sha256 fingerprint
+}
+
+
+; current list of all registered Verification Method classes
+; These are classes not a properties - in other words, use them for the value of type in a verification method object.
+VerificationMethodTypes = 
+    "JsonWebKey2020" / 
+    "Ed25519VerificationKey2018" / 
+    "EcdsaSecp256k1VerificationKey2019" / 
+    "SchnorrSecp256k1VerificationKey2019" /
+    "Ed25519VerificationKey2018" / 
+    "GpgVerificationKey2020" / 
+    "RsaVerificationKey2018" / 
+    "X25519KeyAgreementKey2019" /
+    "EcdsaSecp256k1RecoveryMethod2020"
+

cddl/assertionMethod_example7.cbor

@@ -0,0 +1 @@
+�oassertionMethod��bidx@did:example:123#z6MkpzW2izkFjNwMBwwvKqmELaQcH8t54QL5xmBdJg9Xh1y4dtypexEd25519VerificationKey2018jcontrollerodid:example:123opublicKeyBase58x,BYEz8kVpPqSt5T7DeGoPVUrcTZcDeX5jGkGhUQBWmoBgx;did:example:123#WjKgJV7VRw3hmgU6--4v15c0Aewbcvat1BsRFTIqa5Q

cddl/assertionMethod_example7.json

@@ -0,0 +1,10 @@
+{
+  "assertionMethod": [{
+    "id": "did:example:123#z6MkpzW2izkFjNwMBwwvKqmELaQcH8t54QL5xmBdJg9Xh1y4",
+    "type": "Ed25519VerificationKey2018",
+    "controller": "did:example:123",
+    "publicKeyBase58": "BYEz8kVpPqSt5T7DeGoPVUrcTZcDeX5jGkGhUQBWmoBg"
+  },
+  "did:example:123#WjKgJV7VRw3hmgU6--4v15c0Aewbcvat1BsRFTIqa5Q"
+  ]
+}

cddl/authentication.cddl

@@ -0,0 +1,136 @@
+DID-document = {
+    authentication : [ 1* verificationMethod ] 
+}
+
+did = text .regexp "did\\:(?<method_name>[A-Za-z0-9]+)\\:(?<method_specific_id>[A-Za-z0-9\\.\\-\\:\\_]+)"
+
+did-url = text .regexp "did\\:(?<did_method>[a-z0-9]+)\\:(?<did_method_identifier>[A-Za-z0-9\\.\\-\\:\\_]+)\\/?(?<path>[A-Za-z0-9\\/]+)\\??(?<query>[A-Za-z0-9\\=\\&\\%\\-\\:]+)?\\#?(?<fragment>[A-Za-z0-9\\-]+)?"
+
+;; base URI value is the DID that is associated with the DID subject
+relative-did-url = text .regexp "#.+"   ;  fragment identifier of self relative DID url, i.e. #key-1 in DID document with `id` = did:example:123456789abcdefghi becomes `did:example:123456789abcdefghi#key-1`
+
+
+verificationMethod = publicKeyHex / ethereumAddress / publicKeyPem / publicKeyJwk / publicKeyBase58 / did-url / relative-did-url / publicKeyGpg / publicKey
+
+
+;;; 
+; verificationMethod types included below for convenience
+;;; 
+
+publicKeyJwk = {
+    id : did-url
+    type : VerificationMethodTypes
+    controller : did
+    publicKeyJwk : publicKeyEC / publicKeyOct / publicKeyed25519 / publicKeyRSA
+
+}
+
+
+;;; public key Hex is a type of verification method with public key encoded as base16
+publicKeyHex = {
+    id : did-url
+    type : VerificationMethodTypes
+    controller : did 
+    publicKeyHex : text .regexp "[a-zA-F0-9]+"    ; only allows for hexadecimal representations 
+}
+
+
+publicKeyGpg = {
+    id : did-url
+    type : VerificationMethodTypes
+    controller : did 
+    publicKeyGpg : text                           ;  This could probbaly be better to capture -----BEGIN PGP PUBLIC KEY BLOCK  
+}
+
+;;; public key Hex is a type of verification method with the public key encoded as base58 
+publicKeyBase58 = {
+    id : did-url
+    type : VerificationMethodTypes
+    controller : did 
+    publicKeyBase58 : text .regexp "[a-zA-Z0-9]+"  ; only allows for base58 representations 
+}
+
+
+;;; ethereeum address is a type of verification method with ethereum address as public key information 
+ethereumAddress = {
+    id : did-url
+    type : "EcdsaSecp256k1RecoveryMethod2020"     ; this is the only type known for ethereum address 
+    controller : did 
+    ethereumAddress :  text .regexp "0x[a-zA-F0-9]{40,40}"     ; only allows for hexadecimal representations
+}
+
+
+
+;;;
+; below is a partial list of properties of various well-known JWK public key types. 
+; as per https://github.com/w3c/did-core/issues/240, the is an active area of discussion 
+; additional constraints are necessary to finalize the data definition all all JWK types
+; below is a partial list of properties of various well-known JWK public key types. 
+;;;; 
+
+
+;;;
+publicKeyEC = {
+    crv : "P-256" / "P-384" / "P-521"
+    kty : "EC"
+    x : text 
+    y : text 
+    ? "kid" : text        ; should be sha256 fingerprint 
+} 
+
+
+;;; Octet sequence key for representing secret keys
+publicKeyOct = {
+    kty : "oct"
+    ? kid : text ; this should be the sha256 fingerprint 
+    alg : "HS256" / "HS384" / "HS512"
+    k : text .size 32    ; for shared secret 
+}
+
+
+;; Octet key pair key like ed25519 
+publicKeyed25519 = {
+    kty : "OKP"
+    crv : "Ed25519"
+    x   : text .size 32
+    use : "sig" / "enc"
+    ? kid : text           ; should be sha256 fingerprint 
+}
+
+publicKey = {
+    id : did-url
+    type : VerificationMethodTypes
+    controller : did
+    publicKeyPem : text       ; this could be improved 
+
+}
+
+publicKeyPem = {
+    id : did-url
+    type : VerificationMethodTypes
+    controller : did
+    publicKeyPem : text       ; this could be improved 
+}
+
+;;; RSA key type 
+publicKeyRSA = {
+    alg : "RSA"
+    mod : text   ; 
+    exp : text   ; 
+    ? kid : text        ; should be sha256 fingerprint
+}
+
+
+; current list of all registered Verification Method classes
+; These are classes not a properties - in other words, use them for the value of type in a verification method object.
+VerificationMethodTypes = 
+    "JsonWebKey2020" / 
+    "Ed25519VerificationKey2018" / 
+    "EcdsaSecp256k1VerificationKey2019" / 
+    "SchnorrSecp256k1VerificationKey2019" /
+    "Ed25519VerificationKey2018" / 
+    "GpgVerificationKey2020" / 
+    "RsaVerificationKey2018" / 
+    "X25519KeyAgreementKey2019" /
+    "EcdsaSecp256k1RecoveryMethod2020"
+

cddl/authentication_example8.cbor

@@ -0,0 +1 @@
+�nauthentication��bidx@did:example:123#z6MkpzW2izkFjNwMBwwvKqmELaQcH8t54QL5xmBdJg9Xh1y4dtypexEd25519VerificationKey2018jcontrollerodid:example:123opublicKeyBase58x,BYEz8kVpPqSt5T7DeGoPVUrcTZcDeX5jGkGhUQBWmoBgx;did:example:123#WjKgJV7VRw3hmgU6--4v15c0Aewbcvat1BsRFTIqa5Q

cddl/authentication_example8.json

@@ -0,0 +1,10 @@
+{
+  "authentication": [{
+    "id": "did:example:123#z6MkpzW2izkFjNwMBwwvKqmELaQcH8t54QL5xmBdJg9Xh1y4",
+    "type": "Ed25519VerificationKey2018",
+    "controller": "did:example:123",
+    "publicKeyBase58": "BYEz8kVpPqSt5T7DeGoPVUrcTZcDeX5jGkGhUQBWmoBg"
+  },
+  "did:example:123#WjKgJV7VRw3hmgU6--4v15c0Aewbcvat1BsRFTIqa5Q"
+  ]
+}

cddl/authentication_example8b.cbor

@@ -0,0 +1 @@
+�nauthentication��bidx%did:example:123456789abcdefghi#keys-1dtypexEd25519VerificationKey2018jcontrollerxdid:example:123456789abcdefghiopublicKeyBase58x,H3C2AVvLMv6gmMNam3uVAjZpfkcJCwDwnZn6z3wXmqPV

cddl/authentication_example8b.json

@@ -0,0 +1,8 @@
+{
+  "authentication": [{
+    "id": "did:example:123456789abcdefghi#keys-1",
+    "type": "Ed25519VerificationKey2018",
+    "controller": "did:example:123456789abcdefghi",
+    "publicKeyBase58": "H3C2AVvLMv6gmMNam3uVAjZpfkcJCwDwnZn6z3wXmqPV"
+  } ]
+}