def client_send_revoc_reg_def(looper, txnPoolNodeSet, sdk_wallet_client,
sdk_pool_handle, build_revoc_def_by_default,
claim_def, tconf):
# We need to have claim_def to send revocation txns
Authoriser.auth_map = None
OLD_ANYONE_CAN_WRITE = tconf.ANYONE_CAN_WRITE
tconf.ANYONE_CAN_WRITE = True
claim_def_req = sdk_sign_request_from_dict(looper, sdk_wallet_client,
claim_def)
sdk_send_and_check([json.dumps(claim_def_req)], looper, txnPoolNodeSet,
sdk_pool_handle)
tconf.ANYONE_CAN_WRITE = OLD_ANYONE_CAN_WRITE
Authoriser.auth_map = None
_, author_did = sdk_wallet_client
revoc_reg = build_revoc_def_by_default
revoc_reg['operation'][CRED_DEF_ID] = \
make_state_path_for_claim_def(author_did,
str(claim_def_req['operation'][CLAIM_DEF_SCHEMA_REF]),
claim_def_req['operation'][CLAIM_DEF_SIGNATURE_TYPE],
claim_def_req['operation'][CLAIM_DEF_TAG]
).decode()
revoc_req = sdk_sign_request_from_dict(looper, sdk_wallet_client,
revoc_reg['operation'])
_, revoc_reply = sdk_send_and_check([json.dumps(revoc_req)], looper,
txnPoolNodeSet, sdk_pool_handle)[0]
return revoc_req
def add_tag_into_cred_def_id(val):
new_val = copy.deepcopy(val)
old_cred_def_id = new_val.get(CRED_DEF_ID, None)
if old_cred_def_id:
path_elems = old_cred_def_id.split(':')
if len(path_elems) == 4:
did, marker, sig_type, schema_seq_no = path_elems
new_cred_def_id = domain.make_state_path_for_claim_def(authors_did=did,
schema_seq_no=schema_seq_no,
signature_type=sig_type,
tag=CLAIM_DEF_TAG_DEFAULT)
new_val[CRED_DEF_ID] = new_cred_def_id.decode()
rev_type = new_val.get(REVOC_TYPE)
rev_tag = new_val.get(TAG)
if not all([rev_type, rev_tag]):
return False
new_revoc_reg_def_id = domain.make_state_path_for_revoc_def(authors_did=did,
cred_def_id=new_cred_def_id.decode(),
revoc_def_type=rev_type,
revoc_def_tag=rev_tag)
new_val[ID] = new_revoc_reg_def_id.decode()
else:
return False
else:
return False
return new_val
def build_revoc_def_by_default(self,
claim_def_req,
author_did=None,
wallet=None,
req_def_id=None):
wallet = wallet if wallet else self.trustee_wallet
author_did = author_did if author_did else self.trustee_wallet[1]
data = {
ID:
req_def_id if req_def_id else randomString(50),
TXN_TYPE:
REVOC_REG_DEF,
REVOC_TYPE:
"CL_ACCUM",
TAG:
randomString(5),
CRED_DEF_ID:
make_state_path_for_claim_def(
author_did,
str(claim_def_req['operation'][CLAIM_DEF_SCHEMA_REF]),
claim_def_req['operation'][CLAIM_DEF_SIGNATURE_TYPE],
claim_def_req['operation'][CLAIM_DEF_TAG]).decode(),
VALUE: {
ISSUANCE_TYPE: ISSUANCE_BY_DEFAULT,
MAX_CRED_NUM: 1000000,
TAILS_HASH: randomString(50),
TAILS_LOCATION: 'http://tails.location.com',
PUBLIC_KEYS: {},
}
}
req = sdk_sign_request_from_dict(self.looper, wallet, data)
return req
def test_state_proofs_for_get_claim_def(write_manager, read_manager,
db_manager):
# Adding claim def
nym = 'Gw6pDLhcBcoQesN72qfotTgFa7cbuqZpkX3Xo6pLhPhv'
seq_no = 0
txn_time = int(time.time())
identifier = "6ouriXMZkLeHsuXrN1X1fd"
schema_seqno = 0
signature_type = 'CL'
key_components = '{"key_components": []}'
tag = 'tag1'
txn = {
TXN_TYPE: CLAIM_DEF,
TARGET_NYM: nym,
CLAIM_DEF_SCHEMA_REF: schema_seqno,
CLAIM_DEF_PUBLIC_KEYS: key_components,
CLAIM_DEF_TAG: tag
}
txn = append_txn_metadata(reqToTxn(
Request(operation=txn,
protocolVersion=CURRENT_PROTOCOL_VERSION,
identifier=identifier)),
seq_no=seq_no,
txn_time=txn_time)
txn = append_payload_metadata(txn, frm=nym)
write_manager.update_state(txn)
db_manager.get_state(DOMAIN_LEDGER_ID).commit()
multi_sig = save_multi_sig(db_manager)
# Getting claim def
request = Request(operation={
IDENTIFIER: nym,
CLAIM_DEF_FROM: nym,
CLAIM_DEF_SCHEMA_REF: schema_seqno,
CLAIM_DEF_SIGNATURE_TYPE: signature_type,
CLAIM_DEF_TAG: tag,
TXN_TYPE: GET_CLAIM_DEF,
},
signatures={},
protocolVersion=CURRENT_PROTOCOL_VERSION)
result = read_manager.get_result(request)
proof = extract_proof(result, multi_sig)
assert result[DATA] == key_components
# Verifying signed state proof
path = domain.make_state_path_for_claim_def(nym, schema_seqno,
signature_type, tag)
assert is_proof_verified(db_manager, proof, path, key_components, seq_no,
txn_time)
def getClaimDef(self,
author: str,
schemaSeqNo: str,
signatureType='CL',
isCommitted=True) -> (str, int, int, list):
assert author is not None
assert schemaSeqNo is not None
path = domain.make_state_path_for_claim_def(author, schemaSeqNo, signatureType)
try:
keys, seqno, lastUpdateTime, proof = self.lookup(path, isCommitted)
return keys, seqno, lastUpdateTime, proof
except KeyError:
return None, None, None, None
def getClaimDef(self,
author: str,
schemaSeqNo: str,
signatureType='CL',
isCommitted=True) -> (str, int, int, list):
assert author is not None
assert schemaSeqNo is not None
path = domain.make_state_path_for_claim_def(author, schemaSeqNo, signatureType)
try:
keys, seqno, lastUpdateTime, proof = self.lookup(path, isCommitted)
return keys, seqno, lastUpdateTime, proof
except KeyError:
return None, None, None, None
def test_state_proofs_for_get_claim_def(request_handler):
# Adding claim def
nym = 'Gw6pDLhcBcoQesN72qfotTgFa7cbuqZpkX3Xo6pLhPhv'
seq_no = 0
txn_time = int(time.time())
identifier = "6ouriXMZkLeHsuXrN1X1fd"
schema_seqno = 0
signature_type = 'CL'
key_components = '{"key_components": []}'
txn = {
TXN_TYPE: CLAIM_DEF,
TARGET_NYM: nym,
REF: schema_seqno,
DATA: key_components
}
txn = append_txn_metadata(reqToTxn(
Request(operation=txn,
protocolVersion=CURRENT_PROTOCOL_VERSION,
identifier=identifier)),
seq_no=seq_no,
txn_time=txn_time)
txn = append_payload_metadata(txn, frm=nym)
request_handler._addClaimDef(txn)
request_handler.state.commit()
multi_sig = save_multi_sig(request_handler)
# Getting claim def
request = Request(operation={
IDENTIFIER: nym,
ORIGIN: nym,
REF: schema_seqno,
SIGNATURE_TYPE: signature_type
},
signatures={},
protocolVersion=CURRENT_PROTOCOL_VERSION)
result = request_handler.handleGetClaimDefReq(request)
proof = extract_proof(result, multi_sig)
assert result[DATA] == key_components
# Verifying signed state proof
path = domain.make_state_path_for_claim_def(nym, schema_seqno,
signature_type)
assert is_proof_verified(request_handler, proof, path, key_components,
seq_no, txn_time)
def send_revoc_reg_def_by_demand(looper, txnPoolNodeSet, sdk_wallet_steward,
sdk_pool_handle, send_claim_def,
build_revoc_def_by_demand):
_, author_did = sdk_wallet_steward
claim_def_req = send_claim_def
revoc_reg = build_revoc_def_by_demand
revoc_reg['operation'][CRED_DEF_ID] = make_state_path_for_claim_def(
author_did, str(claim_def_req['operation'][CLAIM_DEF_SCHEMA_REF]),
claim_def_req['operation'][CLAIM_DEF_SIGNATURE_TYPE],
claim_def_req['operation'][CLAIM_DEF_TAG]).decode()
revoc_req = sdk_sign_request_from_dict(looper, sdk_wallet_steward,
revoc_reg['operation'])
sdk_send_and_check([json.dumps(revoc_req)], looper, txnPoolNodeSet,
sdk_pool_handle)
return revoc_req
def get_claim_def(self,
author: str,
schema_seq_no: str,
signature_type,
tag,
is_committed=True) -> (str, int, int, list):
assert author is not None
assert schema_seq_no is not None
path = domain.make_state_path_for_claim_def(author, schema_seq_no,
signature_type, tag)
try:
keys, seq_no, last_update_time, proof = self.lookup(
path, is_committed, with_proof=True)
return keys, seq_no, last_update_time, proof
except KeyError:
return None, None, None, None
def test_state_proofs_for_get_claim_def(request_handler):
# Adding claim def
nym = 'Gw6pDLhcBcoQesN72qfotTgFa7cbuqZpkX3Xo6pLhPhv'
seq_no = 0
txn_time = int(time.time())
schema_seqno = 0
signature_type = 'CL'
key_components = '{"key_components": []}'
txn = {
IDENTIFIER: nym,
TXN_TYPE: CLAIM_DEF,
TARGET_NYM: nym,
REF: schema_seqno,
f.SEQ_NO.nm: seq_no,
DATA: key_components,
TXN_TIME: txn_time,
}
request_handler._addClaimDef(txn)
request_handler.state.commit()
multi_sig = save_multi_sig(request_handler)
# Getting claim def
request = Request(
operation={
IDENTIFIER: nym,
ORIGIN: nym,
REF: schema_seqno,
SIGNATURE_TYPE: signature_type
},
signatures={},
protocolVersion=CURRENT_PROTOCOL_VERSION
)
result = request_handler.handleGetClaimDefReq(request)
proof = extract_proof(result, multi_sig)
assert result[DATA] == key_components
# Verifying signed state proof
path = domain.make_state_path_for_claim_def(nym, schema_seqno,
signature_type)
assert is_proof_verified(request_handler,
proof, path,
key_components, seq_no, txn_time)
def create_revoc_reg_def(looper, txnPoolNodeSet, sdk_pool_handle, build_revoc,
claim_def, wallet):
# We need to have claim_def to send revocation txns
# must be signed by trust anchor since ANYONE_CAN_WRITE is false
claim_def_req = sdk_sign_request_from_dict(looper, wallet, claim_def)
sdk_send_and_check([json.dumps(claim_def_req)], looper, txnPoolNodeSet, sdk_pool_handle)
_, author_did = wallet
revoc_reg = build_revoc
revoc_reg['operation'][CRED_DEF_ID] = \
make_state_path_for_claim_def(author_did,
str(claim_def_req['operation'][CLAIM_DEF_SCHEMA_REF]),
claim_def_req['operation'][CLAIM_DEF_SIGNATURE_TYPE],
claim_def_req['operation'][CLAIM_DEF_TAG]
).decode()
revoc_req = sdk_sign_request_from_dict(looper, wallet, revoc_reg['operation'])
_, revoc_reply = sdk_send_and_check([json.dumps(revoc_req)], looper, txnPoolNodeSet, sdk_pool_handle)[0]
return revoc_req
def client_send_revoc_reg_def(looper,
txnPoolNodeSet,
sdk_wallet_client,
sdk_pool_handle,
build_revoc_def_by_default,
claim_def):
claim_def_req = sdk_sign_request_from_dict(looper, sdk_wallet_client, claim_def)
sdk_send_and_check([json.dumps(claim_def_req)], looper, txnPoolNodeSet, sdk_pool_handle)
_, author_did = sdk_wallet_client
revoc_reg = build_revoc_def_by_default
revoc_reg['operation'][CRED_DEF_ID] = \
make_state_path_for_claim_def(author_did,
str(claim_def_req['operation'][CLAIM_DEF_SCHEMA_REF]),
claim_def_req['operation'][CLAIM_DEF_SIGNATURE_TYPE],
claim_def_req['operation'][CLAIM_DEF_TAG]
).decode()
revoc_req = sdk_sign_request_from_dict(looper, sdk_wallet_client, revoc_reg['operation'])
_, revoc_reply = sdk_send_and_check([json.dumps(revoc_req)], looper, txnPoolNodeSet, sdk_pool_handle)[0]
return revoc_req
def test_send_revoc_reg_def(looper, txnPoolNodeSet, sdk_wallet_steward,
sdk_pool_handle, build_revoc_def_by_default,
send_claim_def):
txns_count_before = set([n.domainLedger.size for n in txnPoolNodeSet])
assert len(txns_count_before) == 1, "Ledger size for nodes are not equal"
_, author_did = sdk_wallet_steward
claim_def_req = send_claim_def[0]
revoc_req = build_revoc_def_by_default
revoc_req['operation'][CRED_DEF_ID] = make_state_path_for_claim_def(
author_did, str(claim_def_req['operation'][CLAIM_DEF_SCHEMA_REF]),
claim_def_req['operation'][CLAIM_DEF_SIGNATURE_TYPE],
claim_def_req['operation'][CLAIM_DEF_TAG]).decode()
revoc_req = sdk_sign_request_from_dict(looper, sdk_wallet_steward,
revoc_req['operation'])
sdk_send_and_check([json.dumps(revoc_req)], looper, txnPoolNodeSet,
sdk_pool_handle)
txns_count_after = set([n.domainLedger.size for n in txnPoolNodeSet])
assert len(txns_count_after) == 1, "Ledger size for nodes are not equal"
# REVOC_REG_DEF transaction was written
assert txns_count_after.pop() - txns_count_before.pop() == 1
def _validate_revoc_reg_def(self, req: Request):
operation = req.operation
cred_def_id = operation.get(CRED_DEF_ID)
revoc_def_type = operation.get(REVOC_TYPE)
revoc_def_tag = operation.get(TAG)
assert cred_def_id
assert revoc_def_tag
assert revoc_def_type
tags = cred_def_id.split(":")
if len(tags) != 4:
raise InvalidClientRequest(req.identifier,
req.reqId,
"Format of {} field is not acceptable. "
"Expected: 'did:marker:signature_type:seq_no'".format(CRED_DEF_ID))
cred_def_path = domain.make_state_path_for_claim_def(authors_did=tags[0],
signature_type=tags[2],
schema_seq_no=tags[3])
cred_def, _, _, _ = self.lookup(cred_def_path, isCommitted=False, get_proof=False)
if cred_def is None:
raise InvalidClientRequest(req.identifier,
req.reqId,
"There is no any CRED_DEF by path: {}".format(cred_def_id))
def _validate_revoc_reg_def(self, req: Request):
operation = req.operation
cred_def_id = operation.get(CRED_DEF_ID)
revoc_def_type = operation.get(REVOC_TYPE)
revoc_def_tag = operation.get(TAG)
assert cred_def_id
assert revoc_def_tag
assert revoc_def_type
tags = cred_def_id.split(":")
if len(tags) != 4:
raise InvalidClientRequest(req.identifier,
req.reqId,
"Format of {} field is not acceptable. "
"Expected: 'did:marker:signature_type:seq_no'".format(CRED_DEF_ID))
cred_def_path = domain.make_state_path_for_claim_def(authors_did=tags[0],
signature_type=tags[2],
schema_seq_no=tags[3])
cred_def, _, _, _ = self.lookup(cred_def_path, isCommitted=False, with_proof=False)
if cred_def is None:
raise InvalidClientRequest(req.identifier,
req.reqId,
"There is no any CRED_DEF by path: {}".format(cred_def_id))
def test_incorrect_revoc_reg_def(looper, txnPoolNodeSet, sdk_wallet_steward,
sdk_pool_handle, send_claim_def,
build_revoc_def_by_default):
_, author_did = sdk_wallet_steward
claim_def_req = send_claim_def[0]
revoc_reg = build_revoc_def_by_default
revoc_reg['operation'][CRED_DEF_ID] = \
make_state_path_for_claim_def(author_did,
str(claim_def_req['operation'][CLAIM_DEF_SCHEMA_REF]),
claim_def_req['operation'][CLAIM_DEF_SIGNATURE_TYPE],
claim_def_req['operation'][CLAIM_DEF_TAG]
).decode()
# test incorrect ISSUANCE_TYPE
revoc_reg['operation'][VALUE][ISSUANCE_TYPE] = "incorrect_type"
revoc_req = sdk_sign_request_from_dict(looper, sdk_wallet_steward,
revoc_reg['operation'])
with pytest.raises(RequestNackedException, match='unknown value'):
sdk_send_and_check([json.dumps(revoc_req)], looper, txnPoolNodeSet,
sdk_pool_handle)
# test correct ISSUANCE_TYPE
revoc_reg['operation'][VALUE][ISSUANCE_TYPE] = ISSUANCE_BY_DEFAULT
revoc_req = sdk_sign_request_from_dict(looper, sdk_wallet_steward,
revoc_reg['operation'])
sdk_send_and_check([json.dumps(revoc_req)], looper, txnPoolNodeSet,
sdk_pool_handle)
# send revoc_reg_entry to check that revoc_reg_def ordered correctly
rev_reg_entry = build_revoc_reg_entry_for_given_revoc_reg_def(revoc_req)
rev_reg_entry[VALUE][REVOKED] = [1, 2, 3, 4, 5]
del rev_reg_entry[VALUE][PREV_ACCUM]
rev_entry_req = sdk_sign_request_from_dict(looper, sdk_wallet_steward,
rev_reg_entry)
sdk_send_and_check([json.dumps(rev_entry_req)], looper, txnPoolNodeSet,
sdk_pool_handle)
