async def verifyProof(self, msg: Any):
body, (frm, _) = msg
link = self.verifyAndGetLink(msg)
if not link:
raise NotImplementedError
proof = body[PROOF_FIELD]
proofRequest = ProofRequest.from_str_dict(body[PROOF_REQUEST_FIELD])
nonce = getNonceForProof(body[NONCE])
proofName = proofRequest.name
proofs = {}
for key, p in proof['proofs'].items():
schema = await self.verifier.wallet.getSchema(
ID(schemaId=int(p['schema_seq_no'])))
pk = await self.verifier.wallet.getPublicKey(
ID(schemaKey=schema.getKey()))
proofs[key] = ProofInfo.from_str_dict(p, str(pk.N))
proof = FullProof(
proofs, AggregatedProof.from_str_dict(proof['aggregated_proof']),
RequestedProof.from_str_dict(proof['requested_proof']))
result = await self.verifier.verify(proofRequest, proof)
self.logger.info('Proof "{}" accepted with nonce {}'.format(
proofName, nonce))
self.logger.info('Verifying proof "{}" from {}'.format(
proofName, link.name))
status = 'verified' if result else 'failed verification'
resp = {
TYPE:
PROOF_STATUS,
DATA:
' Your Proof {} {} was received and {}\n'.format(
proofRequest.name, proofRequest.version, status),
}
self.signAndSend(resp,
link.localIdentifier,
frm,
origReqId=body.get(f.REQ_ID.nm))
if result:
for uuid, attribute in proofRequest.verifiableAttributes.items():
# Log attributes that were verified
self.logger.info('verified {}: {}'.format(
attribute.name,
proof.requestedProof.revealed_attrs[uuid][1]))
self.logger.info(
'Verified that proof "{}" contains attributes '
'from claim(s) issued by: {}'.format(
proofName, ", ".join(
sorted([v.issuer_did
for k, v in proof.proofs.items()]))))
await self._postProofVerif(proofName, link, frm)
else:
self.logger.info(
'Verification failed for proof {} from {} '.format(
proofName, link.name))
async def verifyProof(self, msg: Any):
body, (frm, _) = msg
link = self.verifyAndGetLink(msg)
if not link:
raise NotImplementedError
proof = body[PROOF_FIELD]
proofRequest = ProofRequest.from_str_dict(body[PROOF_REQUEST_FIELD])
nonce = getNonceForProof(body[NONCE])
proofName = proofRequest.name
proofs = {}
for key, p in proof['proofs'].items():
schema = await self.verifier.wallet.getSchema(ID(schemaId=int(p['schema_seq_no'])))
pk = await self.verifier.wallet.getPublicKey(ID(schemaKey=schema.getKey()))
proofs[key] = ProofInfo.from_str_dict(p, str(pk.N))
proof = FullProof(proofs,
AggregatedProof.from_str_dict(proof['aggregated_proof']),
RequestedProof.from_str_dict(proof['requested_proof']))
result = await self.verifier.verify(proofRequest, proof)
self.logger.info('Proof "{}" accepted with nonce {}'
.format(proofName, nonce))
self.logger.info('Verifying proof "{}" from {}'
.format(proofName, link.name))
status = 'verified' if result else 'failed verification'
resp = {
TYPE: PROOF_STATUS,
DATA: ' Your Proof {} {} was received and {}\n'.
format(proofRequest.name, proofRequest.version, status),
}
self.signAndSend(resp, link.localIdentifier, frm,
origReqId=body.get(f.REQ_ID.nm))
if result:
for uuid, attribute in proofRequest.verifiableAttributes.items():
# Log attributes that were verified
self.logger.info('verified {}: {}'.
format(attribute.name, proof.requestedProof.revealed_attrs[uuid][1]))
self.logger.info('Verified that proof "{}" contains attributes '
'from claim(s) issued by: {}'.format(
proofName, ", ".join(
sorted([v.issuer_did for k, v in proof.proofs.items()]))))
await self._postProofVerif(proofName, link, frm)
else:
self.logger.info('Verification failed for proof {} from {} '
.format(proofName, link.name))
async def verifyProof(self, msg: Any):
body, (frm, _) = msg
link = self.verifyAndGetLink(msg)
if not link:
raise NotImplementedError
proofName = body[NAME]
nonce = getNonceForProof(body[NONCE])
proof = FullProof.fromStrDict(body[PROOF_FIELD])
proofInput = ProofInput.fromStrDict(body[PROOF_INPUT_FIELD])
revealedAttrs = fromDictWithStrValues(body[REVEALED_ATTRS_FIELD])
result = await self.verifier.verify(proofInput, proof, revealedAttrs,
nonce)
self.logger.info('Proof "{}" accepted with nonce {}'.format(
proofName, nonce))
self.logger.info('Verifying proof "{}" from {}'.format(
proofName, link.name))
status = 'verified' if result else 'failed verification'
resp = {
TYPE:
PROOF_STATUS,
DATA:
' Your Proof {} {} was received and {}\n'.format(
body[NAME], body[VERSION], status),
}
self.signAndSend(resp,
link.localIdentifier,
frm,
origReqId=body.get(f.REQ_ID.nm))
if result:
for attribute in proofInput.revealedAttrs:
# Log attributes that were verified
self.logger.info('verified {}: {}'.format(
attribute, revealedAttrs[attribute]))
self.logger.info(
'Verified that proof "{}" contains attributes '
'from claim(s) issued by: {}'.format(
proofName,
", ".join(sorted([sk.issuerId
for sk in proof.schemaKeys]))))
await self._postProofVerif(proofName, link, frm)
else:
self.logger.info(
'Verification failed for proof {} from {} '.format(
proofName, link.name))
async def sendProofAsync(self, link: Link, claimPrfReq: ClaimProofRequest):
nonce = getNonceForProof(link.invitationNonce)
revealedAttrNames = claimPrfReq.verifiableAttributes
proofInput = ProofInput(revealedAttrs=revealedAttrNames)
proof, revealedAttrs = await self.prover.presentProof(proofInput, nonce)
op = {
NAME: claimPrfReq.name,
VERSION: claimPrfReq.version,
NONCE: link.invitationNonce,
TYPE: CLAIM_PROOF,
PROOF_FIELD: proof.toStrDict(),
PROOF_INPUT_FIELD: proofInput.toStrDict(),
REVEALED_ATTRS_FIELD: toDictWithStrValues(revealedAttrs)
}
self.signAndSend(msg=op, linkName=link.name)
def sendProofReq(self, link: Link, proofReqSchemaKey):
if self._proofRequestsSchema and (proofReqSchemaKey
in self._proofRequestsSchema):
proofRequest = self._proofRequestsSchema[proofReqSchemaKey]
proofRequest = ProofRequest(
proofRequest[NAME], proofRequest[VERSION],
getNonceForProof(link.invitationNonce),
proofRequest[ATTRIBUTES], proofRequest[VERIFIABLE_ATTRIBUTES]
if VERIFIABLE_ATTRIBUTES in proofRequest else [],
proofRequest[PREDICATES] if PREDICATES in proofRequest else [])
op = {
TYPE: PROOF_REQUEST,
PROOF_REQUEST_FIELD: proofRequest.to_str_dict()
}
self.signAndSendToLink(msg=op, linkName=link.name)
else:
return ERR_NO_PROOF_REQUEST_SCHEMA_FOUND
async def sendProofAsync(self, link: Link, proofRequest: ProofRequest):
# TODO _F_ this nonce should be from the Proof Request, not from an
# invitation
nonce = getNonceForProof(link.invitationNonce)
revealedAttrNames = proofRequest.verifiableAttributes
proofInput = ProofInput(revealedAttrs=revealedAttrNames)
# TODO rename presentProof to buildProof or generateProof
proof, revealedAttrs = await self.prover.presentProof(proofInput, nonce)
revealedAttrs.update(proofRequest.selfAttestedAttrs)
op = OrderedDict([
(TYPE, PROOF),
(NAME, proofRequest.name),
(VERSION, proofRequest.version),
(NONCE, link.invitationNonce),
(PROOF_FIELD, proof.toStrDict()),
(PROOF_INPUT_FIELD, proofInput.toStrDict()), # TODO _F_ why do we need to send this? isn't the same data passed as keys in 'proof'?
(REVEALED_ATTRS_FIELD, toDictWithStrValues(revealedAttrs))])
self.signAndSend(msg=op, linkName=link.name)
async def sendProofAsync(self, link: Link, proofRequest: ProofRequest):
# TODO _F_ this nonce should be from the Proof Request, not from an
# invitation
nonce = getNonceForProof(link.invitationNonce)
revealedAttrNames = proofRequest.verifiableAttributes
proofInput = ProofInput(revealedAttrs=revealedAttrNames)
# TODO rename presentProof to buildProof or generateProof
proof, revealedAttrs = await self.prover.presentProof(proofInput, nonce)
revealedAttrs.update(proofRequest.selfAttestedAttrs)
op = OrderedDict([
(TYPE, PROOF),
(NAME, proofRequest.name),
(VERSION, proofRequest.version),
(NONCE, link.invitationNonce),
(PROOF_FIELD, proof.toStrDict()),
(PROOF_INPUT_FIELD, proofInput.toStrDict()), # TODO _F_ why do we need to send this? isn't the same data passed as keys in 'proof'?
(REVEALED_ATTRS_FIELD, toDictWithStrValues(revealedAttrs))])
self.signAndSendToLink(msg=op, linkName=link.name)
async def verifyProof(self, msg: Any):
body, (frm, _) = msg
link = self.verifyAndGetLink(msg)
if not link:
raise NotImplementedError
proofName = body[NAME]
nonce = getNonceForProof(body[NONCE])
proof = FullProof.fromStrDict(body[PROOF_FIELD])
proofInput = ProofInput.fromStrDict(body[PROOF_INPUT_FIELD])
revealedAttrs = fromDictWithStrValues(body[REVEALED_ATTRS_FIELD])
result = await self.verifier.verify(proofInput, proof,
revealedAttrs, nonce)
self.logger.info('Proof "{}" accepted with nonce {}'
.format(proofName, nonce))
self.logger.info('Verifying proof "{}" from {}'
.format(proofName, link.name))
status = 'verified' if result else 'failed verification'
resp = {
TYPE: PROOF_STATUS,
DATA: ' Your Proof {} {} was received and {}\n'.
format(body[NAME], body[VERSION], status),
}
self.signAndSend(resp, link.localIdentifier, frm,
origReqId=body.get(f.REQ_ID.nm))
if result:
for attribute in proofInput.revealedAttrs:
# Log attributes that were verified
self.logger.info('verified {}: {}'.
format(attribute, revealedAttrs[attribute]))
self.logger.info('Verified that proof "{}" contains attributes '
'from claim(s) issued by: {}'.format(
proofName, ", ".join(
sorted([sk.issuerId for sk in proof.schemaKeys]))))
await self._postProofVerif(proofName, link, frm)
else:
self.logger.info('Verification failed for proof {} from {} '
.format(proofName, link.name))
def sendProofReq(self, link: Link, proofReqSchemaKey):
if self._proofRequestsSchema and (
proofReqSchemaKey in self._proofRequestsSchema):
proofRequest = self._proofRequestsSchema[proofReqSchemaKey]
proofRequest = ProofRequest(
proofRequest[NAME],
proofRequest[VERSION],
getNonceForProof(link.invitationNonce),
proofRequest[ATTRIBUTES],
proofRequest[VERIFIABLE_ATTRIBUTES] if VERIFIABLE_ATTRIBUTES in proofRequest else [],
proofRequest[PREDICATES] if PREDICATES in proofRequest else []
)
op = {
TYPE: PROOF_REQUEST,
PROOF_REQUEST_FIELD: proofRequest.to_str_dict()
}
self.signAndSendToLink(msg=op, linkName=link.name)
else:
return ERR_NO_PROOF_REQUEST_SCHEMA_FOUND
def loadInvitation(self, invitationData):
linkInvitation = invitationData["link-invitation"]
remoteIdentifier = linkInvitation[f.IDENTIFIER.nm]
# TODO signature should be validated!
signature = invitationData["sig"]
linkInvitationName = linkInvitation[NAME]
remoteEndPoint = linkInvitation.get("endpoint", None)
remote_verkey = linkInvitation.get("verkey", None)
linkNonce = linkInvitation[NONCE]
proofRequestsJson = invitationData.get("proof-requests", None)
proofRequests = []
if proofRequestsJson:
for cr in proofRequestsJson:
proofRequests.append(
ProofRequest(
cr[NAME], cr[VERSION], getNonceForProof(linkNonce),
cr[ATTRIBUTES], cr[VERIFIABLE_ATTRIBUTES]
if VERIFIABLE_ATTRIBUTES in cr else [],
cr[PREDICATES] if PREDICATES in cr else []))
self.notifyMsgListener(
"1 link invitation found for {}.".format(linkInvitationName))
self.notifyMsgListener(
"Creating Link for {}.".format(linkInvitationName))
# TODO: Would we always have a trust anchor corresponding to a link?
li = Link(name=linkInvitationName,
trustAnchor=linkInvitationName,
remoteIdentifier=remoteIdentifier,
remoteEndPoint=remoteEndPoint,
invitationNonce=linkNonce,
proofRequests=proofRequests,
remote_verkey=remote_verkey)
self.wallet.addLink(li)
return li
def _merge_request(self, request_data):
link_request = request_data.get('connection-request')
linkName = link_request['name']
link = self.wallet.getConnection(linkName)
request_proof_requests = request_data.get('proof-requests', None)
nonce = link_request.get(NONCE)
if request_proof_requests:
for icr in request_proof_requests:
# match is found if name and version are same
matchedProofRequest = next(
(cr for cr in link.proofRequests
if (cr.name == icr[NAME] and cr.version == icr[VERSION])),
None)
# if link.requestedProofs contains any claim request
if matchedProofRequest:
# merge 'attributes' and 'verifiableAttributes'
matchedProofRequest.attributes = {
**matchedProofRequest.attributes,
**icr[ATTRIBUTES]
}
matchedProofRequest.verifiableAttributes = dict(
matchedProofRequest.verifiableAttributes,
**icr[VERIFIABLE_ATTRIBUTES])
else:
# otherwise append proof request to link
link.proofRequests.append(
ProofRequest(
icr[NAME],
icr[VERSION],
getNonceForProof(nonce),
attributes=icr[ATTRIBUTES],
verifiableAttributes=icr[VERIFIABLE_ATTRIBUTES]))
return link
else:
raise ConnectionAlreadyExists
async def verifyClaimProof(self, msg: Any):
body, (frm, ha) = msg
link = self.verifyAndGetLink(msg)
if not link:
raise NotImplementedError
claimName = body[NAME]
nonce = getNonceForProof(body[NONCE])
proof = FullProof.fromStrDict(body[PROOF_FIELD])
proofInput = ProofInput.fromStrDict(body[PROOF_INPUT_FIELD])
revealedAttrs = fromDictWithStrValues(body[REVEALED_ATTRS_FIELD])
result = await self.verifier.verify(proofInput, proof, revealedAttrs,
nonce)
self.agentLogger.info(
'Claim request accepted with nonce {}'.format(nonce))
self.agentLogger.info('Verifying claim proof request from {}'.format(
link.name))
status = 'verified' if result else 'failed verification'
resp = {
TYPE:
CLAIM_PROOF_STATUS,
DATA:
' Your claim {} {} was received and {}\n'.format(
body[NAME], body[VERSION], status),
}
self.signAndSend(resp,
link.localIdentifier,
frm,
origReqId=body.get(f.REQ_ID.nm))
if result:
for attribute in proofInput.revealedAttrs:
# Log attributes that were verified
self.agentLogger.info('{}: verified'.format(attribute))
await self._postClaimVerif(claimName, link, frm)
def loadInvitation(self, invitationData):
linkInvitation = invitationData["link-invitation"]
remoteIdentifier = linkInvitation[f.IDENTIFIER.nm]
# TODO signature should be validated!
signature = invitationData["sig"]
linkInvitationName = linkInvitation[NAME]
remoteEndPoint = linkInvitation.get("endpoint", None)
remote_verkey = linkInvitation.get("verkey", None)
linkNonce = linkInvitation[NONCE]
proofRequestsJson = invitationData.get("proof-requests", None)
proofRequests = []
if proofRequestsJson:
for cr in proofRequestsJson:
proofRequests.append(
ProofRequest(cr[NAME], cr[VERSION], getNonceForProof(linkNonce), cr[ATTRIBUTES],
cr[VERIFIABLE_ATTRIBUTES] if VERIFIABLE_ATTRIBUTES in cr else [],
cr[PREDICATES] if PREDICATES in cr else []))
self.notifyMsgListener("1 link invitation found for {}.".
format(linkInvitationName))
self.notifyMsgListener("Creating Link for {}.".
format(linkInvitationName))
# TODO: Would we always have a trust anchor corresponding to a link?
li = Link(name=linkInvitationName,
trustAnchor=linkInvitationName,
remoteIdentifier=remoteIdentifier,
remoteEndPoint=remoteEndPoint,
invitationNonce=linkNonce,
proofRequests=proofRequests,
remote_verkey=remote_verkey)
self.wallet.addLink(li)
return li