def client_send_revoc_reg_def(looper, txnPoolNodeSet, sdk_wallet_client, sdk_pool_handle, build_revoc_def_by_default, claim_def, tconf): # We need to have claim_def to send revocation txns Authoriser.auth_map = None OLD_ANYONE_CAN_WRITE = tconf.ANYONE_CAN_WRITE tconf.ANYONE_CAN_WRITE = True claim_def_req = sdk_sign_request_from_dict(looper, sdk_wallet_client, claim_def) sdk_send_and_check([json.dumps(claim_def_req)], looper, txnPoolNodeSet, sdk_pool_handle) tconf.ANYONE_CAN_WRITE = OLD_ANYONE_CAN_WRITE Authoriser.auth_map = None _, author_did = sdk_wallet_client revoc_reg = build_revoc_def_by_default revoc_reg['operation'][CRED_DEF_ID] = \ make_state_path_for_claim_def(author_did, str(claim_def_req['operation'][CLAIM_DEF_SCHEMA_REF]), claim_def_req['operation'][CLAIM_DEF_SIGNATURE_TYPE], claim_def_req['operation'][CLAIM_DEF_TAG] ).decode() revoc_req = sdk_sign_request_from_dict(looper, sdk_wallet_client, revoc_reg['operation']) _, revoc_reply = sdk_send_and_check([json.dumps(revoc_req)], looper, txnPoolNodeSet, sdk_pool_handle)[0] return revoc_req
def add_tag_into_cred_def_id(val): new_val = copy.deepcopy(val) old_cred_def_id = new_val.get(CRED_DEF_ID, None) if old_cred_def_id: path_elems = old_cred_def_id.split(':') if len(path_elems) == 4: did, marker, sig_type, schema_seq_no = path_elems new_cred_def_id = domain.make_state_path_for_claim_def(authors_did=did, schema_seq_no=schema_seq_no, signature_type=sig_type, tag=CLAIM_DEF_TAG_DEFAULT) new_val[CRED_DEF_ID] = new_cred_def_id.decode() rev_type = new_val.get(REVOC_TYPE) rev_tag = new_val.get(TAG) if not all([rev_type, rev_tag]): return False new_revoc_reg_def_id = domain.make_state_path_for_revoc_def(authors_did=did, cred_def_id=new_cred_def_id.decode(), revoc_def_type=rev_type, revoc_def_tag=rev_tag) new_val[ID] = new_revoc_reg_def_id.decode() else: return False else: return False return new_val
def build_revoc_def_by_default(self, claim_def_req, author_did=None, wallet=None, req_def_id=None): wallet = wallet if wallet else self.trustee_wallet author_did = author_did if author_did else self.trustee_wallet[1] data = { ID: req_def_id if req_def_id else randomString(50), TXN_TYPE: REVOC_REG_DEF, REVOC_TYPE: "CL_ACCUM", TAG: randomString(5), CRED_DEF_ID: make_state_path_for_claim_def( author_did, str(claim_def_req['operation'][CLAIM_DEF_SCHEMA_REF]), claim_def_req['operation'][CLAIM_DEF_SIGNATURE_TYPE], claim_def_req['operation'][CLAIM_DEF_TAG]).decode(), VALUE: { ISSUANCE_TYPE: ISSUANCE_BY_DEFAULT, MAX_CRED_NUM: 1000000, TAILS_HASH: randomString(50), TAILS_LOCATION: 'http://tails.location.com', PUBLIC_KEYS: {}, } } req = sdk_sign_request_from_dict(self.looper, wallet, data) return req
def test_state_proofs_for_get_claim_def(write_manager, read_manager, db_manager): # Adding claim def nym = 'Gw6pDLhcBcoQesN72qfotTgFa7cbuqZpkX3Xo6pLhPhv' seq_no = 0 txn_time = int(time.time()) identifier = "6ouriXMZkLeHsuXrN1X1fd" schema_seqno = 0 signature_type = 'CL' key_components = '{"key_components": []}' tag = 'tag1' txn = { TXN_TYPE: CLAIM_DEF, TARGET_NYM: nym, CLAIM_DEF_SCHEMA_REF: schema_seqno, CLAIM_DEF_PUBLIC_KEYS: key_components, CLAIM_DEF_TAG: tag } txn = append_txn_metadata(reqToTxn( Request(operation=txn, protocolVersion=CURRENT_PROTOCOL_VERSION, identifier=identifier)), seq_no=seq_no, txn_time=txn_time) txn = append_payload_metadata(txn, frm=nym) write_manager.update_state(txn) db_manager.get_state(DOMAIN_LEDGER_ID).commit() multi_sig = save_multi_sig(db_manager) # Getting claim def request = Request(operation={ IDENTIFIER: nym, CLAIM_DEF_FROM: nym, CLAIM_DEF_SCHEMA_REF: schema_seqno, CLAIM_DEF_SIGNATURE_TYPE: signature_type, CLAIM_DEF_TAG: tag, TXN_TYPE: GET_CLAIM_DEF, }, signatures={}, protocolVersion=CURRENT_PROTOCOL_VERSION) result = read_manager.get_result(request) proof = extract_proof(result, multi_sig) assert result[DATA] == key_components # Verifying signed state proof path = domain.make_state_path_for_claim_def(nym, schema_seqno, signature_type, tag) assert is_proof_verified(db_manager, proof, path, key_components, seq_no, txn_time)
def getClaimDef(self, author: str, schemaSeqNo: str, signatureType='CL', isCommitted=True) -> (str, int, int, list): assert author is not None assert schemaSeqNo is not None path = domain.make_state_path_for_claim_def(author, schemaSeqNo, signatureType) try: keys, seqno, lastUpdateTime, proof = self.lookup(path, isCommitted) return keys, seqno, lastUpdateTime, proof except KeyError: return None, None, None, None
def getClaimDef(self, author: str, schemaSeqNo: str, signatureType='CL', isCommitted=True) -> (str, int, int, list): assert author is not None assert schemaSeqNo is not None path = domain.make_state_path_for_claim_def(author, schemaSeqNo, signatureType) try: keys, seqno, lastUpdateTime, proof = self.lookup(path, isCommitted) return keys, seqno, lastUpdateTime, proof except KeyError: return None, None, None, None
def test_state_proofs_for_get_claim_def(request_handler): # Adding claim def nym = 'Gw6pDLhcBcoQesN72qfotTgFa7cbuqZpkX3Xo6pLhPhv' seq_no = 0 txn_time = int(time.time()) identifier = "6ouriXMZkLeHsuXrN1X1fd" schema_seqno = 0 signature_type = 'CL' key_components = '{"key_components": []}' txn = { TXN_TYPE: CLAIM_DEF, TARGET_NYM: nym, REF: schema_seqno, DATA: key_components } txn = append_txn_metadata(reqToTxn( Request(operation=txn, protocolVersion=CURRENT_PROTOCOL_VERSION, identifier=identifier)), seq_no=seq_no, txn_time=txn_time) txn = append_payload_metadata(txn, frm=nym) request_handler._addClaimDef(txn) request_handler.state.commit() multi_sig = save_multi_sig(request_handler) # Getting claim def request = Request(operation={ IDENTIFIER: nym, ORIGIN: nym, REF: schema_seqno, SIGNATURE_TYPE: signature_type }, signatures={}, protocolVersion=CURRENT_PROTOCOL_VERSION) result = request_handler.handleGetClaimDefReq(request) proof = extract_proof(result, multi_sig) assert result[DATA] == key_components # Verifying signed state proof path = domain.make_state_path_for_claim_def(nym, schema_seqno, signature_type) assert is_proof_verified(request_handler, proof, path, key_components, seq_no, txn_time)
def send_revoc_reg_def_by_demand(looper, txnPoolNodeSet, sdk_wallet_steward, sdk_pool_handle, send_claim_def, build_revoc_def_by_demand): _, author_did = sdk_wallet_steward claim_def_req = send_claim_def revoc_reg = build_revoc_def_by_demand revoc_reg['operation'][CRED_DEF_ID] = make_state_path_for_claim_def( author_did, str(claim_def_req['operation'][CLAIM_DEF_SCHEMA_REF]), claim_def_req['operation'][CLAIM_DEF_SIGNATURE_TYPE], claim_def_req['operation'][CLAIM_DEF_TAG]).decode() revoc_req = sdk_sign_request_from_dict(looper, sdk_wallet_steward, revoc_reg['operation']) sdk_send_and_check([json.dumps(revoc_req)], looper, txnPoolNodeSet, sdk_pool_handle) return revoc_req
def get_claim_def(self, author: str, schema_seq_no: str, signature_type, tag, is_committed=True) -> (str, int, int, list): assert author is not None assert schema_seq_no is not None path = domain.make_state_path_for_claim_def(author, schema_seq_no, signature_type, tag) try: keys, seq_no, last_update_time, proof = self.lookup( path, is_committed, with_proof=True) return keys, seq_no, last_update_time, proof except KeyError: return None, None, None, None
def test_state_proofs_for_get_claim_def(request_handler): # Adding claim def nym = 'Gw6pDLhcBcoQesN72qfotTgFa7cbuqZpkX3Xo6pLhPhv' seq_no = 0 txn_time = int(time.time()) schema_seqno = 0 signature_type = 'CL' key_components = '{"key_components": []}' txn = { IDENTIFIER: nym, TXN_TYPE: CLAIM_DEF, TARGET_NYM: nym, REF: schema_seqno, f.SEQ_NO.nm: seq_no, DATA: key_components, TXN_TIME: txn_time, } request_handler._addClaimDef(txn) request_handler.state.commit() multi_sig = save_multi_sig(request_handler) # Getting claim def request = Request( operation={ IDENTIFIER: nym, ORIGIN: nym, REF: schema_seqno, SIGNATURE_TYPE: signature_type }, signatures={}, protocolVersion=CURRENT_PROTOCOL_VERSION ) result = request_handler.handleGetClaimDefReq(request) proof = extract_proof(result, multi_sig) assert result[DATA] == key_components # Verifying signed state proof path = domain.make_state_path_for_claim_def(nym, schema_seqno, signature_type) assert is_proof_verified(request_handler, proof, path, key_components, seq_no, txn_time)
def create_revoc_reg_def(looper, txnPoolNodeSet, sdk_pool_handle, build_revoc, claim_def, wallet): # We need to have claim_def to send revocation txns # must be signed by trust anchor since ANYONE_CAN_WRITE is false claim_def_req = sdk_sign_request_from_dict(looper, wallet, claim_def) sdk_send_and_check([json.dumps(claim_def_req)], looper, txnPoolNodeSet, sdk_pool_handle) _, author_did = wallet revoc_reg = build_revoc revoc_reg['operation'][CRED_DEF_ID] = \ make_state_path_for_claim_def(author_did, str(claim_def_req['operation'][CLAIM_DEF_SCHEMA_REF]), claim_def_req['operation'][CLAIM_DEF_SIGNATURE_TYPE], claim_def_req['operation'][CLAIM_DEF_TAG] ).decode() revoc_req = sdk_sign_request_from_dict(looper, wallet, revoc_reg['operation']) _, revoc_reply = sdk_send_and_check([json.dumps(revoc_req)], looper, txnPoolNodeSet, sdk_pool_handle)[0] return revoc_req
def client_send_revoc_reg_def(looper, txnPoolNodeSet, sdk_wallet_client, sdk_pool_handle, build_revoc_def_by_default, claim_def): claim_def_req = sdk_sign_request_from_dict(looper, sdk_wallet_client, claim_def) sdk_send_and_check([json.dumps(claim_def_req)], looper, txnPoolNodeSet, sdk_pool_handle) _, author_did = sdk_wallet_client revoc_reg = build_revoc_def_by_default revoc_reg['operation'][CRED_DEF_ID] = \ make_state_path_for_claim_def(author_did, str(claim_def_req['operation'][CLAIM_DEF_SCHEMA_REF]), claim_def_req['operation'][CLAIM_DEF_SIGNATURE_TYPE], claim_def_req['operation'][CLAIM_DEF_TAG] ).decode() revoc_req = sdk_sign_request_from_dict(looper, sdk_wallet_client, revoc_reg['operation']) _, revoc_reply = sdk_send_and_check([json.dumps(revoc_req)], looper, txnPoolNodeSet, sdk_pool_handle)[0] return revoc_req
def test_send_revoc_reg_def(looper, txnPoolNodeSet, sdk_wallet_steward, sdk_pool_handle, build_revoc_def_by_default, send_claim_def): txns_count_before = set([n.domainLedger.size for n in txnPoolNodeSet]) assert len(txns_count_before) == 1, "Ledger size for nodes are not equal" _, author_did = sdk_wallet_steward claim_def_req = send_claim_def[0] revoc_req = build_revoc_def_by_default revoc_req['operation'][CRED_DEF_ID] = make_state_path_for_claim_def( author_did, str(claim_def_req['operation'][CLAIM_DEF_SCHEMA_REF]), claim_def_req['operation'][CLAIM_DEF_SIGNATURE_TYPE], claim_def_req['operation'][CLAIM_DEF_TAG]).decode() revoc_req = sdk_sign_request_from_dict(looper, sdk_wallet_steward, revoc_req['operation']) sdk_send_and_check([json.dumps(revoc_req)], looper, txnPoolNodeSet, sdk_pool_handle) txns_count_after = set([n.domainLedger.size for n in txnPoolNodeSet]) assert len(txns_count_after) == 1, "Ledger size for nodes are not equal" # REVOC_REG_DEF transaction was written assert txns_count_after.pop() - txns_count_before.pop() == 1
def _validate_revoc_reg_def(self, req: Request): operation = req.operation cred_def_id = operation.get(CRED_DEF_ID) revoc_def_type = operation.get(REVOC_TYPE) revoc_def_tag = operation.get(TAG) assert cred_def_id assert revoc_def_tag assert revoc_def_type tags = cred_def_id.split(":") if len(tags) != 4: raise InvalidClientRequest(req.identifier, req.reqId, "Format of {} field is not acceptable. " "Expected: 'did:marker:signature_type:seq_no'".format(CRED_DEF_ID)) cred_def_path = domain.make_state_path_for_claim_def(authors_did=tags[0], signature_type=tags[2], schema_seq_no=tags[3]) cred_def, _, _, _ = self.lookup(cred_def_path, isCommitted=False, get_proof=False) if cred_def is None: raise InvalidClientRequest(req.identifier, req.reqId, "There is no any CRED_DEF by path: {}".format(cred_def_id))
def _validate_revoc_reg_def(self, req: Request): operation = req.operation cred_def_id = operation.get(CRED_DEF_ID) revoc_def_type = operation.get(REVOC_TYPE) revoc_def_tag = operation.get(TAG) assert cred_def_id assert revoc_def_tag assert revoc_def_type tags = cred_def_id.split(":") if len(tags) != 4: raise InvalidClientRequest(req.identifier, req.reqId, "Format of {} field is not acceptable. " "Expected: 'did:marker:signature_type:seq_no'".format(CRED_DEF_ID)) cred_def_path = domain.make_state_path_for_claim_def(authors_did=tags[0], signature_type=tags[2], schema_seq_no=tags[3]) cred_def, _, _, _ = self.lookup(cred_def_path, isCommitted=False, with_proof=False) if cred_def is None: raise InvalidClientRequest(req.identifier, req.reqId, "There is no any CRED_DEF by path: {}".format(cred_def_id))
def test_incorrect_revoc_reg_def(looper, txnPoolNodeSet, sdk_wallet_steward, sdk_pool_handle, send_claim_def, build_revoc_def_by_default): _, author_did = sdk_wallet_steward claim_def_req = send_claim_def[0] revoc_reg = build_revoc_def_by_default revoc_reg['operation'][CRED_DEF_ID] = \ make_state_path_for_claim_def(author_did, str(claim_def_req['operation'][CLAIM_DEF_SCHEMA_REF]), claim_def_req['operation'][CLAIM_DEF_SIGNATURE_TYPE], claim_def_req['operation'][CLAIM_DEF_TAG] ).decode() # test incorrect ISSUANCE_TYPE revoc_reg['operation'][VALUE][ISSUANCE_TYPE] = "incorrect_type" revoc_req = sdk_sign_request_from_dict(looper, sdk_wallet_steward, revoc_reg['operation']) with pytest.raises(RequestNackedException, match='unknown value'): sdk_send_and_check([json.dumps(revoc_req)], looper, txnPoolNodeSet, sdk_pool_handle) # test correct ISSUANCE_TYPE revoc_reg['operation'][VALUE][ISSUANCE_TYPE] = ISSUANCE_BY_DEFAULT revoc_req = sdk_sign_request_from_dict(looper, sdk_wallet_steward, revoc_reg['operation']) sdk_send_and_check([json.dumps(revoc_req)], looper, txnPoolNodeSet, sdk_pool_handle) # send revoc_reg_entry to check that revoc_reg_def ordered correctly rev_reg_entry = build_revoc_reg_entry_for_given_revoc_reg_def(revoc_req) rev_reg_entry[VALUE][REVOKED] = [1, 2, 3, 4, 5] del rev_reg_entry[VALUE][PREV_ACCUM] rev_entry_req = sdk_sign_request_from_dict(looper, sdk_wallet_steward, rev_reg_entry) sdk_send_and_check([json.dumps(rev_entry_req)], looper, txnPoolNodeSet, sdk_pool_handle)