async def verifyProof(self, msg: Any): body, (frm, _) = msg link = self.verifyAndGetLink(msg) if not link: raise NotImplementedError proof = body[PROOF_FIELD] proofRequest = ProofRequest.from_str_dict(body[PROOF_REQUEST_FIELD]) nonce = getNonceForProof(body[NONCE]) proofName = proofRequest.name proofs = {} for key, p in proof['proofs'].items(): schema = await self.verifier.wallet.getSchema( ID(schemaId=int(p['schema_seq_no']))) pk = await self.verifier.wallet.getPublicKey( ID(schemaKey=schema.getKey())) proofs[key] = ProofInfo.from_str_dict(p, str(pk.N)) proof = FullProof( proofs, AggregatedProof.from_str_dict(proof['aggregated_proof']), RequestedProof.from_str_dict(proof['requested_proof'])) result = await self.verifier.verify(proofRequest, proof) self.logger.info('Proof "{}" accepted with nonce {}'.format( proofName, nonce)) self.logger.info('Verifying proof "{}" from {}'.format( proofName, link.name)) status = 'verified' if result else 'failed verification' resp = { TYPE: PROOF_STATUS, DATA: ' Your Proof {} {} was received and {}\n'.format( proofRequest.name, proofRequest.version, status), } self.signAndSend(resp, link.localIdentifier, frm, origReqId=body.get(f.REQ_ID.nm)) if result: for uuid, attribute in proofRequest.verifiableAttributes.items(): # Log attributes that were verified self.logger.info('verified {}: {}'.format( attribute.name, proof.requestedProof.revealed_attrs[uuid][1])) self.logger.info( 'Verified that proof "{}" contains attributes ' 'from claim(s) issued by: {}'.format( proofName, ", ".join( sorted([v.issuer_did for k, v in proof.proofs.items()])))) await self._postProofVerif(proofName, link, frm) else: self.logger.info( 'Verification failed for proof {} from {} '.format( proofName, link.name))
async def verifyProof(self, msg: Any): body, (frm, _) = msg link = self.verifyAndGetLink(msg) if not link: raise NotImplementedError proof = body[PROOF_FIELD] proofRequest = ProofRequest.from_str_dict(body[PROOF_REQUEST_FIELD]) nonce = getNonceForProof(body[NONCE]) proofName = proofRequest.name proofs = {} for key, p in proof['proofs'].items(): schema = await self.verifier.wallet.getSchema(ID(schemaId=int(p['schema_seq_no']))) pk = await self.verifier.wallet.getPublicKey(ID(schemaKey=schema.getKey())) proofs[key] = ProofInfo.from_str_dict(p, str(pk.N)) proof = FullProof(proofs, AggregatedProof.from_str_dict(proof['aggregated_proof']), RequestedProof.from_str_dict(proof['requested_proof'])) result = await self.verifier.verify(proofRequest, proof) self.logger.info('Proof "{}" accepted with nonce {}' .format(proofName, nonce)) self.logger.info('Verifying proof "{}" from {}' .format(proofName, link.name)) status = 'verified' if result else 'failed verification' resp = { TYPE: PROOF_STATUS, DATA: ' Your Proof {} {} was received and {}\n'. format(proofRequest.name, proofRequest.version, status), } self.signAndSend(resp, link.localIdentifier, frm, origReqId=body.get(f.REQ_ID.nm)) if result: for uuid, attribute in proofRequest.verifiableAttributes.items(): # Log attributes that were verified self.logger.info('verified {}: {}'. format(attribute.name, proof.requestedProof.revealed_attrs[uuid][1])) self.logger.info('Verified that proof "{}" contains attributes ' 'from claim(s) issued by: {}'.format( proofName, ", ".join( sorted([v.issuer_did for k, v in proof.proofs.items()])))) await self._postProofVerif(proofName, link, frm) else: self.logger.info('Verification failed for proof {} from {} ' .format(proofName, link.name))
async def verifyProof(self, msg: Any): body, (frm, _) = msg link = self.verifyAndGetLink(msg) if not link: raise NotImplementedError proofName = body[NAME] nonce = getNonceForProof(body[NONCE]) proof = FullProof.fromStrDict(body[PROOF_FIELD]) proofInput = ProofInput.fromStrDict(body[PROOF_INPUT_FIELD]) revealedAttrs = fromDictWithStrValues(body[REVEALED_ATTRS_FIELD]) result = await self.verifier.verify(proofInput, proof, revealedAttrs, nonce) self.logger.info('Proof "{}" accepted with nonce {}'.format( proofName, nonce)) self.logger.info('Verifying proof "{}" from {}'.format( proofName, link.name)) status = 'verified' if result else 'failed verification' resp = { TYPE: PROOF_STATUS, DATA: ' Your Proof {} {} was received and {}\n'.format( body[NAME], body[VERSION], status), } self.signAndSend(resp, link.localIdentifier, frm, origReqId=body.get(f.REQ_ID.nm)) if result: for attribute in proofInput.revealedAttrs: # Log attributes that were verified self.logger.info('verified {}: {}'.format( attribute, revealedAttrs[attribute])) self.logger.info( 'Verified that proof "{}" contains attributes ' 'from claim(s) issued by: {}'.format( proofName, ", ".join(sorted([sk.issuerId for sk in proof.schemaKeys])))) await self._postProofVerif(proofName, link, frm) else: self.logger.info( 'Verification failed for proof {} from {} '.format( proofName, link.name))
async def sendProofAsync(self, link: Link, claimPrfReq: ClaimProofRequest): nonce = getNonceForProof(link.invitationNonce) revealedAttrNames = claimPrfReq.verifiableAttributes proofInput = ProofInput(revealedAttrs=revealedAttrNames) proof, revealedAttrs = await self.prover.presentProof(proofInput, nonce) op = { NAME: claimPrfReq.name, VERSION: claimPrfReq.version, NONCE: link.invitationNonce, TYPE: CLAIM_PROOF, PROOF_FIELD: proof.toStrDict(), PROOF_INPUT_FIELD: proofInput.toStrDict(), REVEALED_ATTRS_FIELD: toDictWithStrValues(revealedAttrs) } self.signAndSend(msg=op, linkName=link.name)
def sendProofReq(self, link: Link, proofReqSchemaKey): if self._proofRequestsSchema and (proofReqSchemaKey in self._proofRequestsSchema): proofRequest = self._proofRequestsSchema[proofReqSchemaKey] proofRequest = ProofRequest( proofRequest[NAME], proofRequest[VERSION], getNonceForProof(link.invitationNonce), proofRequest[ATTRIBUTES], proofRequest[VERIFIABLE_ATTRIBUTES] if VERIFIABLE_ATTRIBUTES in proofRequest else [], proofRequest[PREDICATES] if PREDICATES in proofRequest else []) op = { TYPE: PROOF_REQUEST, PROOF_REQUEST_FIELD: proofRequest.to_str_dict() } self.signAndSendToLink(msg=op, linkName=link.name) else: return ERR_NO_PROOF_REQUEST_SCHEMA_FOUND
async def sendProofAsync(self, link: Link, proofRequest: ProofRequest): # TODO _F_ this nonce should be from the Proof Request, not from an # invitation nonce = getNonceForProof(link.invitationNonce) revealedAttrNames = proofRequest.verifiableAttributes proofInput = ProofInput(revealedAttrs=revealedAttrNames) # TODO rename presentProof to buildProof or generateProof proof, revealedAttrs = await self.prover.presentProof(proofInput, nonce) revealedAttrs.update(proofRequest.selfAttestedAttrs) op = OrderedDict([ (TYPE, PROOF), (NAME, proofRequest.name), (VERSION, proofRequest.version), (NONCE, link.invitationNonce), (PROOF_FIELD, proof.toStrDict()), (PROOF_INPUT_FIELD, proofInput.toStrDict()), # TODO _F_ why do we need to send this? isn't the same data passed as keys in 'proof'? (REVEALED_ATTRS_FIELD, toDictWithStrValues(revealedAttrs))]) self.signAndSend(msg=op, linkName=link.name)
async def sendProofAsync(self, link: Link, proofRequest: ProofRequest): # TODO _F_ this nonce should be from the Proof Request, not from an # invitation nonce = getNonceForProof(link.invitationNonce) revealedAttrNames = proofRequest.verifiableAttributes proofInput = ProofInput(revealedAttrs=revealedAttrNames) # TODO rename presentProof to buildProof or generateProof proof, revealedAttrs = await self.prover.presentProof(proofInput, nonce) revealedAttrs.update(proofRequest.selfAttestedAttrs) op = OrderedDict([ (TYPE, PROOF), (NAME, proofRequest.name), (VERSION, proofRequest.version), (NONCE, link.invitationNonce), (PROOF_FIELD, proof.toStrDict()), (PROOF_INPUT_FIELD, proofInput.toStrDict()), # TODO _F_ why do we need to send this? isn't the same data passed as keys in 'proof'? (REVEALED_ATTRS_FIELD, toDictWithStrValues(revealedAttrs))]) self.signAndSendToLink(msg=op, linkName=link.name)
async def verifyProof(self, msg: Any): body, (frm, _) = msg link = self.verifyAndGetLink(msg) if not link: raise NotImplementedError proofName = body[NAME] nonce = getNonceForProof(body[NONCE]) proof = FullProof.fromStrDict(body[PROOF_FIELD]) proofInput = ProofInput.fromStrDict(body[PROOF_INPUT_FIELD]) revealedAttrs = fromDictWithStrValues(body[REVEALED_ATTRS_FIELD]) result = await self.verifier.verify(proofInput, proof, revealedAttrs, nonce) self.logger.info('Proof "{}" accepted with nonce {}' .format(proofName, nonce)) self.logger.info('Verifying proof "{}" from {}' .format(proofName, link.name)) status = 'verified' if result else 'failed verification' resp = { TYPE: PROOF_STATUS, DATA: ' Your Proof {} {} was received and {}\n'. format(body[NAME], body[VERSION], status), } self.signAndSend(resp, link.localIdentifier, frm, origReqId=body.get(f.REQ_ID.nm)) if result: for attribute in proofInput.revealedAttrs: # Log attributes that were verified self.logger.info('verified {}: {}'. format(attribute, revealedAttrs[attribute])) self.logger.info('Verified that proof "{}" contains attributes ' 'from claim(s) issued by: {}'.format( proofName, ", ".join( sorted([sk.issuerId for sk in proof.schemaKeys])))) await self._postProofVerif(proofName, link, frm) else: self.logger.info('Verification failed for proof {} from {} ' .format(proofName, link.name))
def sendProofReq(self, link: Link, proofReqSchemaKey): if self._proofRequestsSchema and ( proofReqSchemaKey in self._proofRequestsSchema): proofRequest = self._proofRequestsSchema[proofReqSchemaKey] proofRequest = ProofRequest( proofRequest[NAME], proofRequest[VERSION], getNonceForProof(link.invitationNonce), proofRequest[ATTRIBUTES], proofRequest[VERIFIABLE_ATTRIBUTES] if VERIFIABLE_ATTRIBUTES in proofRequest else [], proofRequest[PREDICATES] if PREDICATES in proofRequest else [] ) op = { TYPE: PROOF_REQUEST, PROOF_REQUEST_FIELD: proofRequest.to_str_dict() } self.signAndSendToLink(msg=op, linkName=link.name) else: return ERR_NO_PROOF_REQUEST_SCHEMA_FOUND
def loadInvitation(self, invitationData): linkInvitation = invitationData["link-invitation"] remoteIdentifier = linkInvitation[f.IDENTIFIER.nm] # TODO signature should be validated! signature = invitationData["sig"] linkInvitationName = linkInvitation[NAME] remoteEndPoint = linkInvitation.get("endpoint", None) remote_verkey = linkInvitation.get("verkey", None) linkNonce = linkInvitation[NONCE] proofRequestsJson = invitationData.get("proof-requests", None) proofRequests = [] if proofRequestsJson: for cr in proofRequestsJson: proofRequests.append( ProofRequest( cr[NAME], cr[VERSION], getNonceForProof(linkNonce), cr[ATTRIBUTES], cr[VERIFIABLE_ATTRIBUTES] if VERIFIABLE_ATTRIBUTES in cr else [], cr[PREDICATES] if PREDICATES in cr else [])) self.notifyMsgListener( "1 link invitation found for {}.".format(linkInvitationName)) self.notifyMsgListener( "Creating Link for {}.".format(linkInvitationName)) # TODO: Would we always have a trust anchor corresponding to a link? li = Link(name=linkInvitationName, trustAnchor=linkInvitationName, remoteIdentifier=remoteIdentifier, remoteEndPoint=remoteEndPoint, invitationNonce=linkNonce, proofRequests=proofRequests, remote_verkey=remote_verkey) self.wallet.addLink(li) return li
def _merge_request(self, request_data): link_request = request_data.get('connection-request') linkName = link_request['name'] link = self.wallet.getConnection(linkName) request_proof_requests = request_data.get('proof-requests', None) nonce = link_request.get(NONCE) if request_proof_requests: for icr in request_proof_requests: # match is found if name and version are same matchedProofRequest = next( (cr for cr in link.proofRequests if (cr.name == icr[NAME] and cr.version == icr[VERSION])), None) # if link.requestedProofs contains any claim request if matchedProofRequest: # merge 'attributes' and 'verifiableAttributes' matchedProofRequest.attributes = { **matchedProofRequest.attributes, **icr[ATTRIBUTES] } matchedProofRequest.verifiableAttributes = dict( matchedProofRequest.verifiableAttributes, **icr[VERIFIABLE_ATTRIBUTES]) else: # otherwise append proof request to link link.proofRequests.append( ProofRequest( icr[NAME], icr[VERSION], getNonceForProof(nonce), attributes=icr[ATTRIBUTES], verifiableAttributes=icr[VERIFIABLE_ATTRIBUTES])) return link else: raise ConnectionAlreadyExists
async def verifyClaimProof(self, msg: Any): body, (frm, ha) = msg link = self.verifyAndGetLink(msg) if not link: raise NotImplementedError claimName = body[NAME] nonce = getNonceForProof(body[NONCE]) proof = FullProof.fromStrDict(body[PROOF_FIELD]) proofInput = ProofInput.fromStrDict(body[PROOF_INPUT_FIELD]) revealedAttrs = fromDictWithStrValues(body[REVEALED_ATTRS_FIELD]) result = await self.verifier.verify(proofInput, proof, revealedAttrs, nonce) self.agentLogger.info( 'Claim request accepted with nonce {}'.format(nonce)) self.agentLogger.info('Verifying claim proof request from {}'.format( link.name)) status = 'verified' if result else 'failed verification' resp = { TYPE: CLAIM_PROOF_STATUS, DATA: ' Your claim {} {} was received and {}\n'.format( body[NAME], body[VERSION], status), } self.signAndSend(resp, link.localIdentifier, frm, origReqId=body.get(f.REQ_ID.nm)) if result: for attribute in proofInput.revealedAttrs: # Log attributes that were verified self.agentLogger.info('{}: verified'.format(attribute)) await self._postClaimVerif(claimName, link, frm)
def loadInvitation(self, invitationData): linkInvitation = invitationData["link-invitation"] remoteIdentifier = linkInvitation[f.IDENTIFIER.nm] # TODO signature should be validated! signature = invitationData["sig"] linkInvitationName = linkInvitation[NAME] remoteEndPoint = linkInvitation.get("endpoint", None) remote_verkey = linkInvitation.get("verkey", None) linkNonce = linkInvitation[NONCE] proofRequestsJson = invitationData.get("proof-requests", None) proofRequests = [] if proofRequestsJson: for cr in proofRequestsJson: proofRequests.append( ProofRequest(cr[NAME], cr[VERSION], getNonceForProof(linkNonce), cr[ATTRIBUTES], cr[VERIFIABLE_ATTRIBUTES] if VERIFIABLE_ATTRIBUTES in cr else [], cr[PREDICATES] if PREDICATES in cr else [])) self.notifyMsgListener("1 link invitation found for {}.". format(linkInvitationName)) self.notifyMsgListener("Creating Link for {}.". format(linkInvitationName)) # TODO: Would we always have a trust anchor corresponding to a link? li = Link(name=linkInvitationName, trustAnchor=linkInvitationName, remoteIdentifier=remoteIdentifier, remoteEndPoint=remoteEndPoint, invitationNonce=linkNonce, proofRequests=proofRequests, remote_verkey=remote_verkey) self.wallet.addLink(li) return li