From 9ebd3b18a42fc6ef6d01ef793aab0b0243b0561b Mon Sep 17 00:00:00 2001 From: Cayo Puigdefabregas Date: Thu, 21 Nov 2024 12:39:34 +0100 Subject: [PATCH] create credential snapshots --- .../credentials/device-snapshot.json | 67 ++++++++++ idhub/templates/credentials/snapshot.json | 48 ------- schemas/device-snapshot.json | 122 ++++++++++++++++++ schemas/workbench.json | 74 ----------- 4 files changed, 189 insertions(+), 122 deletions(-) create mode 100644 idhub/templates/credentials/device-snapshot.json delete mode 100644 idhub/templates/credentials/snapshot.json create mode 100644 schemas/device-snapshot.json delete mode 100644 schemas/workbench.json diff --git a/idhub/templates/credentials/device-snapshot.json b/idhub/templates/credentials/device-snapshot.json new file mode 100644 index 0000000..6038c95 --- /dev/null +++ b/idhub/templates/credentials/device-snapshot.json @@ -0,0 +1,67 @@ +{ + "@context": [ + "https://www.w3.org/2018/credentials/v1", + "https://idhub.pangea.org/vc_schemas/v1/device-snapshot.json" + ], + "type": ["VerifiableCredential", "DeviceSnapshot"], + "issuer": "{{ issuer_did }}", + "issuanceDate": "{{ issuance_date }}", + "credentialSubject": { + "operatorId": "{{ operatorid }}", + "uuid": "{{ uuid }}", + "type": "hardwareList", + "software": "workbench-script", + "deviceId": [ + { + "name": "Manufacturer", + "value": "{{ manufacturer }}" + }, + { + "name": "Model", + "value": "{{ model }}" + }, + { + "name": "Serial", + "value": "{{ serial_number }}" + }, + { + "name": "SKU", + "value": "{{ sku }}" + }, + { + "name": "EthernetMacAddress", + "value": "{{ mac }}" + } + ], + "timestamp": "{{ issuance_date }}" + }, + "evidence": [ + { + "type": "HardwareList", + "operation": "dmidecode", + "output": "{{ dmidecode }}", + "timestamp": "{{ issuance_date }}" + }, + { + "type": "HardwareList", + "operation": "{{ smartctl }}", + "output": "{{ smartctl }}", + "timestamp": "{{ issuance_date }}" + }, + { + "type": "HardwareList", + "operation": "{{ inxi }}", + "output": "{{ inxi }}", + "timestamp": "{{ issuance_date }}" + } + ], + "credentialStatus": { + "id": "{{ credential_status_id}}", + "type": "RevocationBitmap2022", + "revocationBitmapIndex": "{{ id_credential }}" + }, + "credentialSchema": { + "id": "https://idhub.pangea.org/vc_schemas/device-snapshot.json", + "type": "FullJsonSchemaValidator2021" + } +} diff --git a/idhub/templates/credentials/snapshot.json b/idhub/templates/credentials/snapshot.json deleted file mode 100644 index 2781a23..0000000 --- a/idhub/templates/credentials/snapshot.json +++ /dev/null @@ -1,48 +0,0 @@ -{ - "@context": [ - "https://www.w3.org/2018/credentials/v1", - "https://idhub.pangea.org/context/base.jsonld", - "https://idhub.pangea.org/context/snapshot.jsonld" - ], - "id": "urn:uuid:{{ vc_id }}", - "type": [ - "VerifiableCredential", - "DeviceSnapshot" - ], - "issuer": { - "id": "{{ issuer_did }}", - "name": "{{ organisation }}" - }, - "issuanceDate": "{{ issuance_date }}", - "validFrom": "{{ issuance_date }}", - "name": [ - { - "value": "Snapshot of Workbench script", - "lang": "en" - } - ], - "description": [ - { - "value": "Snapshot of Workbench script software for discover hardware", - "lang": "en" - } - ], - "credentialSubject": { - "id": "{{ token_hash }}", - "uuid": "{{ uuid }}", - "type": "{{ type }}", - "software": "{{ software }}", - "timestamp": "{{ timestamp }}", - "data": "{{ data }}", - "dataDeletion": "{{ erase }}" - }, - "credentialStatus": { - "id": "{{ credential_status_id}}", - "type": "RevocationBitmap2022", - "revocationBitmapIndex": "{{ id_credential }}" - }, - "credentialSchema": { - "id": "https://idhub.pangea.org/vc_schemas/v1/workbench.json", - "type": "FullJsonSchemaValidator2021" - } -} diff --git a/schemas/device-snapshot.json b/schemas/device-snapshot.json new file mode 100644 index 0000000..db3ffb5 --- /dev/null +++ b/schemas/device-snapshot.json @@ -0,0 +1,122 @@ +{ + "$id": "https://idhub.pangea.org/vc_schemas/v1/device-snapshot.json", + "$schema": "https://json-schema.org/draft/2020-12/schema", + "title": "DeviceSnapshot", + "description": "Snapshot create by workbench-script, software for discover hardware in one device.", + "name": [ + { + "value": "Snapshot", + "lang": "en" + } + ], + "type": "object", + "allOf": [ + { + "$ref": "https://www.w3.org/2018/credentials/v1" + }, + { + "properties": { + "credentialSubject": { + "description": "Define the properties of a digital device snapshot", + "type": "object", + "properties": { + "operatorId": { + "description": "Indentifier related to the product operator, defined a hash of an Id token (10 chars enough)", + "type": "string", + "minLength": 10 + }, + "uuid": { + "description": "Unique identifier of the snapshot.", + "type": "string", + "minLength": 36 + }, + "type": { + "description": "Defines a snapshot type, e.g., hardwareList, dataDeletion (need to adjust the enum values).", + "type": "string", + "enum": [ + "hardwareList", "dataDeletion" + ], + "minLength": 1 + }, + "software": { + "description": "Name of the snapshot software used.", + "type": "string", + "enum": [ + "workbench-script" + ], + "minLength": 1 + }, + "deviceId": { + "description": "List of identification properties for the device, each with a name and value.", + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { + "description": "The type of device identifier information, e.g., ManufacturerSerial, EthernetMacAddress.", + "type": "string" + }, + "value": { + "description": "The value of the device identifier information.", + "type": "string" + } + }, + "required": ["name", "value"] + } + }, + "timestamp": { + "description": "Date and time of this snapshot.", + "type": "string", + "format": "date-time" + } + }, + "required": [ + "uuid", + "type", + "timestamp" + ] + }, + "evidence": { + "description": "Contains supporting evidence about the process which resulted in the issuance of this credential as a result of system operations.", + "type": "array", + "items": { + "type": "object", + "properties": { + "type": { + "description": "Type of evidence, linked to credentialSubject.type.", + "type": "string", + "enum": [ + "HardwareList", + "DataDeletion" + ] + }, + "operation": { + "description": "Specifies the command executed for evidence generation.", + "type": "string", + "enum": [ + "inxi", + "dmidecode", + "smartctl" + ] + }, + "output": { + "description": "Output from the executed command.", + "type": "string" + }, + "timestamp": { + "description": "Timestamp of the evidence generation if needed.", + "type": "string", + "format": "date-time" + } + }, + "required": [ + "type", + "operation", + "output" + ] + } + } + } + } + ] +} diff --git a/schemas/workbench.json b/schemas/workbench.json deleted file mode 100644 index 128e1c5..0000000 --- a/schemas/workbench.json +++ /dev/null @@ -1,74 +0,0 @@ -{ - "$id": "https://idhub.pangea.org/vc_schemas/v1/workbench.json", - "$schema": "https://json-schema.org/draft/2020-12/schema", - "title": "DeviceSnapshot", - "description": "Snapshot create by workbench-script, software for discover hardware in one device.", - "name": [ - { - "value": "Snapshot", - "lang": "en" - }, - ], - "type": "object", - "allOf": [ - { - "$ref": "https://www.w3.org/2018/credentials/v1" - }, - { - "properties": { - "credentialSubject": { - "description": "Define the properties of a digital device snapshot", - "type": "object", - "properties": { - "id": { - "description": "Defines a hash of id token", - "type": "string", - "minLength": 36 - }, - "uuid": { - "description": "Defines a unique identifier of the snapshot", - "type": "string", - "minLength": 36 - }, - "type": { - "type": "string", - "enum": [ - "Snapshot" - ], - "minLength": 1 - }, - "software": { - "description": "Name of software used.", - "type": "string", - "enum": [ - "workbench-script" - ], - "minLength": 1 - }, - "timestamp": { - "description": "Time when is make this snapshot.", - "type": "date-time" - }, - "data": { - "description": "Device details discovery data.", - "type": "string", - }, - "dataDeletion": { - "description": "Datas of erase disk process", - "type": "string", - "minLength": 0 - } - }, - "required": [ - "id", - "uuid", - "type", - "software", - "timestamp", - "data" - ] - } - } - } - ] -}