public IActionResult RequestForIdentity([FromBody] RequestForIdentityDto requestForIdentity)
{
ulong accountId = ulong.Parse(User.Identity.Name, CultureInfo.InvariantCulture);
Account account = _accountsService.GetById(accountId);
string blindingFactorSeedString = $"{requestForIdentity.IdCardContent}{requestForIdentity.Password}";
byte[] blindingFactorSeed = ConfidentialAssetsHelper.FastHash256(Encoding.ASCII.GetBytes(blindingFactorSeedString));
byte[] blindingFactor = ConfidentialAssetsHelper.ReduceScalar32(blindingFactorSeed);
byte[] blindingPoint = ConfidentialAssetsHelper.GetPublicKey(blindingFactor);
IdentityRequestDto identityRequest = new IdentityRequestDto
{
RequesterPublicSpendKey = account.PublicSpendKey.ToHexString(),
RequesterPublicViewKey = account.PublicViewKey.ToHexString(),
RootAttributeContent = requestForIdentity.IdCardContent,
BlindingPoint = blindingPoint.ToHexString(),
FaceImageContent = requestForIdentity.ImageContent
};
byte[] b = Convert.FromBase64String(requestForIdentity.Target);
string uri = Encoding.UTF8.GetString(b);
HttpResponseMessage httpResponse = uri.PostJsonAsync(identityRequest).Result;
if (httpResponse.IsSuccessStatusCode)
{
//TODO: this step should be done if Identity Provider API returned OK
_dataAccessService.UpdateUserAssociatedAttributes(accountId, new List <Tuple <AttributeType, string> > {
new Tuple <AttributeType, string>(AttributeType.PassportPhoto, requestForIdentity.ImageContent)
});
return(Ok());
}
return(BadRequest(httpResponse.Content.ReadAsAsync <string>().Result));
}
public IActionResult SendOnboardingWithValidationsRequest([FromBody] UserAttributeTransferWithValidationsDto userAttributeTransferWithValidations)
{
ulong accountId = ulong.Parse(User.Identity.Name, CultureInfo.InvariantCulture);
bool res = false;
UtxoPersistency utxoPersistency = _executionContextManager.ResolveUtxoExecutionServices(accountId);
var rootAttribute = _dataAccessService.GetUserAttributes(accountId).FirstOrDefault(u => !u.IsOverriden && u.AttributeType == _identityAttributesService.GetRootAttributeType().Item1);
string blindingFactorSeedString = $"{rootAttribute.Content}{userAttributeTransferWithValidations.Password}";
byte[] blindingFactorSeed = ConfidentialAssetsHelper.FastHash256(Encoding.ASCII.GetBytes(blindingFactorSeedString));
byte[] blindingFactor = ConfidentialAssetsHelper.ReduceScalar32(blindingFactorSeed);
byte[] blindingPoint = ConfidentialAssetsHelper.GetPublicKey(blindingFactor);
byte[] rootNonBlindedCommitment = ConfidentialAssetsHelper.GetNonblindedAssetCommitment(rootAttribute.AssetId);
byte[] rootOriginatingCommitment = ConfidentialAssetsHelper.SumCommitments(rootNonBlindedCommitment, blindingPoint);
byte[] target = userAttributeTransferWithValidations.UserAttributeTransfer.Target.HexStringToByteArray();
_dataAccessService.GetAccountId(target, out ulong spAccountId);
AssociatedProofPreparation[] associatedProofPreparations = null;
IEnumerable <SpIdenitityValidation> spIdenitityValidations = _dataAccessService.GetSpIdenitityValidations(spAccountId);
if (spIdenitityValidations != null && spIdenitityValidations.Count() > 0)
{
associatedProofPreparations = new AssociatedProofPreparation[spIdenitityValidations.Count()];
var associatedAttributes = _dataAccessService.GetUserAssociatedAttributes(accountId);
int index = 0;
foreach (var validation in spIdenitityValidations)
{
string attrContent = associatedAttributes.FirstOrDefault(a => a.Item1 == validation.AttributeType)?.Item2 ?? string.Empty;
byte[] groupId = _identityAttributesService.GetGroupId(validation.AttributeType);
byte[] assetId = validation.AttributeType != AttributeType.DateOfBirth ? _assetsService.GenerateAssetId(validation.AttributeType, attrContent) : rootAttribute.AssetId;
byte[] associatedBlindingFactor = validation.AttributeType != AttributeType.DateOfBirth ? ConfidentialAssetsHelper.GetRandomSeed() : null;
byte[] associatedCommitment = validation.AttributeType != AttributeType.DateOfBirth ? ConfidentialAssetsHelper.GetAssetCommitment(assetId, associatedBlindingFactor) : null;
byte[] associatedNonBlindedCommitment = ConfidentialAssetsHelper.GetNonblindedAssetCommitment(assetId);
byte[] associatedOriginatingCommitment = ConfidentialAssetsHelper.SumCommitments(associatedNonBlindedCommitment, blindingPoint);
AssociatedProofPreparation associatedProofPreparation = new AssociatedProofPreparation {
GroupId = groupId, Commitment = associatedCommitment, CommitmentBlindingFactor = associatedBlindingFactor, OriginatingAssociatedCommitment = associatedOriginatingCommitment, OriginatingBlindingFactor = blindingFactor, OriginatingRootCommitment = rootOriginatingCommitment
};
associatedProofPreparations[index++] = associatedProofPreparation;
}
}
SendOnboardingRequest(userAttributeTransferWithValidations.UserAttributeTransfer, utxoPersistency.TransactionsService, associatedProofPreparations);
return(Ok(res));
}
public IActionResult SendRelationsProofs([FromBody] RelationsProofsDto relationsProofs)
{
ulong accountId = ulong.Parse(User.Identity.Name, CultureInfo.InvariantCulture);
UtxoPersistency utxoPersistency = _executionContextManager.ResolveUtxoExecutionServices(accountId);
byte[] target = relationsProofs.Target.HexStringToByteArray();
byte[] targetViewKey = relationsProofs.TargetViewKey.HexStringToByteArray();
byte[] issuer = relationsProofs.Source.HexStringToByteArray();
byte[] assetId = relationsProofs.AssetId.HexStringToByteArray();
byte[] originalBlindingFactor = relationsProofs.OriginalBlindingFactor.HexStringToByteArray();
byte[] originalCommitment = relationsProofs.OriginalCommitment.HexStringToByteArray();
byte[] lastTransactionKey = relationsProofs.LastTransactionKey.HexStringToByteArray();
byte[] lastBlindingFactor = relationsProofs.LastBlindingFactor.HexStringToByteArray();
byte[] lastCommitment = relationsProofs.LastCommitment.HexStringToByteArray();
byte[] lastDestinationKey = relationsProofs.LastDestinationKey.HexStringToByteArray();
byte[] imageContent = Convert.FromBase64String(relationsProofs.ImageContent);
string sessionKey = _gatewayService.PushRelationProofSession(
new RelationProofSession
{
ImageContent = relationsProofs.ImageContent,
RelationEntries = relationsProofs.Relations.Select(r => new RelationEntry {
RelatedAssetOwnerName = r.GroupOwnerName, RelatedAssetOwnerKey = r.GroupOwnerKey, RelatedAssetName = r.GroupName
}).ToArray()
});
RelationsProofsInput requestInput = new RelationsProofsInput
{
AssetId = assetId,
EligibilityBlindingFactor = originalBlindingFactor,
EligibilityCommitment = originalCommitment,
Issuer = issuer,
PrevAssetCommitment = lastCommitment,
PrevBlindingFactor = lastBlindingFactor,
PrevDestinationKey = lastDestinationKey,
PrevTransactionKey = lastTransactionKey,
Target = target,
TargetViewKey = targetViewKey,
Payload = sessionKey.HexStringToByteArray(),
ImageHash = ConfidentialAssetsHelper.FastHash256(imageContent),
Relations = relationsProofs.Relations.Select(r => new Relation {
RelatedAssetOwner = r.GroupOwnerKey.HexStringToByteArray(), RelatedAssetId = _assetsService.GenerateAssetId(AttributeType.EmployeeGroup, r.GroupOwnerKey + r.GroupName)
}).ToArray()
};
OutputModel[] outputModels = _gatewayService.GetOutputs(_portalConfiguration.RingSize + 1);
byte[][] issuanceCommitments = _gatewayService.GetIssuanceCommitments(issuer, _portalConfiguration.RingSize + 1);
utxoPersistency.TransactionsService.SendRelationsProofs(requestInput, outputModels, issuanceCommitments);
return(Ok());
}
public RelationProofsValidationResults VerifyRelationProofs(GroupsRelationsProofs relationsProofs, IUtxoClientCryptoService clientCryptoService)
{
//TODO: need to add eligibility proofs
RelationProofsValidationResults validationResults = new RelationProofsValidationResults();
clientCryptoService.DecodeEcdhTuple(relationsProofs.EcdhTuple, relationsProofs.TransactionPublicKey, out byte[] sessionKey, out byte[] imageHash);
RelationProofSession proofSession = _gatewayService.PopRelationProofSession(sessionKey.ToHexString());
byte[] image = Convert.FromBase64String(proofSession.ImageContent);
validationResults.ImageContent = proofSession.ImageContent;
byte[] imageHashFromSession = ConfidentialAssetsHelper.FastHash256(image);
validationResults.IsImageCorrect = imageHashFromSession.Equals32(imageHash);
foreach (var relationEntry in proofSession.RelationEntries)
{
bool isRelationContentMatching = false;
foreach (var relationProof in relationsProofs.RelationProofs)
{
byte[] registrationCommitment = relationProof.RelationProof.AssetCommitments[0];
byte[] groupNameCommitment = _gatewayService.GetEmployeeRecordGroup(relationProof.GroupOwner, registrationCommitment);
bool isRelationProofCorrect = groupNameCommitment != null?ConfidentialAssetsHelper.VerifySurjectionProof(relationProof.RelationProof, relationsProofs.AssetCommitment) : false;
if (isRelationProofCorrect)
{
byte[] relationAssetId = _assetsService.GenerateAssetId(AttributeType.EmployeeGroup, relationProof.GroupOwner.ToHexString() + relationEntry.RelatedAssetName);
if (ConfidentialAssetsHelper.VerifyIssuanceSurjectionProof(relationProof.GroupNameProof, groupNameCommitment, new byte[][] { relationAssetId }))
{
isRelationContentMatching = true;
break;
}
}
}
validationResults.ValidationResults.Add(new RelationProofValidationResult {
RelatedAttributeOwner = relationEntry.RelatedAssetOwnerName, RelatedAttributeContent = relationEntry.RelatedAssetName, IsRelationCorrect = isRelationContentMatching
});
}
return(validationResults);
}
private AccountDescriptor AuthenticateUtxoAccount(AuthenticationInput authenticationInput)
{
AccountDescriptor accountDescriptor = null;
Tuple <byte[], byte[]> keys = DecryptUtxoKeys(authenticationInput.Account, authenticationInput.Password);
if (keys != null)
{
accountDescriptor = new AccountDescriptor {
AccountType = authenticationInput.Account.AccountType, SecretSpendKey = keys.Item1, SecretViewKey = keys.Item2, PublicSpendKey = authenticationInput.Account.PublicSpendKey, PublicViewKey = authenticationInput.Account.PublicViewKey, AccountInfo = authenticationInput.Account.AccountInfo, AccountId = authenticationInput.Account.AccountId
};
byte[] pwdBytes = Encoding.ASCII.GetBytes(authenticationInput.Password);
byte[] pwdHash = ConfidentialAssetsHelper.FastHash256(pwdBytes);
_executionContextManager.InitializeUtxoExecutionServices(authenticationInput.Account.AccountId, accountDescriptor.SecretSpendKey, accountDescriptor.SecretViewKey, pwdHash);
}
return(accountDescriptor);
}
public BlockBase CreateUtxoRegisterBlock(UtxoConfidentialBase confidentialBase, byte[] otsk, int actualAssetPos)
{
byte[] msg = ConfidentialAssetsHelper.FastHash256(confidentialBase.RawData.ToArray());
RegistryRegisterUtxoConfidentialBlock registryRegisterUtxoConfidentialBlock = new RegistryRegisterUtxoConfidentialBlock
{
SyncBlockHeight = confidentialBase.SyncBlockHeight,
Nonce = confidentialBase.Nonce,
PowHash = confidentialBase.PowHash,
ReferencedPacketType = confidentialBase.PacketType,
ReferencedBlockType = confidentialBase.BlockType,
DestinationKey = confidentialBase.DestinationKey,
KeyImage = confidentialBase.KeyImage,
ReferencedBodyHash = _hashCalculation.CalculateHash(confidentialBase.RawData),
TransactionPublicKey = confidentialBase.TransactionPublicKey,
TagId = confidentialBase.TagId,
PublicKeys = confidentialBase.PublicKeys,
Signatures = ConfidentialAssetsHelper.GenerateRingSignature(msg, confidentialBase.KeyImage.Value.ToArray(), confidentialBase.PublicKeys.Select(p => p.Value.ToArray()).ToArray(), otsk, actualAssetPos)
};
return(registryRegisterUtxoConfidentialBlock);
}
private BlockBase CreateNonQuantitativeTransitionAssetTransferBlock(Account receiver, byte[] assetId, byte[] prevTransactionKey, byte[] prevCommitment, byte[] prevDestinationKey, int ringSize, ulong tagId, out byte[] otsk, out int pos)
{
if (!_clientState.IsConfidential())
{
otsk = null;
pos = -1;
return(null);
}
byte[] otskAsset = ConfidentialAssetsHelper.GetOTSK(prevTransactionKey, _clientState.GetSecretViewKey(), _clientState.GetSecretSpendKey());
otsk = otskAsset;
byte[] keyImage = ConfidentialAssetsHelper.GenerateKeyImage(otskAsset);
byte[] secretKey = ConfidentialAssetsHelper.GetRandomSeed();
byte[] transactionKey = ConfidentialAssetsHelper.GetTrancationKey(secretKey);
byte[] destinationKey = _hashCalculation.CalculateHash(receiver.PublicKey);
byte[] blindingFactor = ConfidentialAssetsHelper.GetRandomSeed();
byte[] assetCommitment = ConfidentialAssetsHelper.GetAssetCommitment(assetId, blindingFactor);
byte[] msg = ConfidentialAssetsHelper.FastHash256(BitConverter.GetBytes(tagId), keyImage, destinationKey, transactionKey, assetCommitment);
Random random = new Random(BitConverter.ToInt32(secretKey, 0));
GetCommitmentAndProofs(prevCommitment, prevDestinationKey, ringSize, tagId, random, out int actualAssetPos, out byte[][] assetCommitments, out byte[][] assetPubs);
pos = actualAssetPos;
UtxoUnspentBlock idCardBlock = _dataAccessService.GetUtxoUnspentBlocksByTagId(_idCardTagId).First();
byte[] otskAffiliation = ConfidentialAssetsHelper.GetOTSK(idCardBlock.TransactionKey, _clientState.GetSecretViewKey(), _clientState.GetSecretSpendKey());
byte[] affiliationBlindingFactor = ConfidentialAssetsHelper.GetRandomSeed();
byte[] affiliationAssetCommitment = ConfidentialAssetsHelper.GetAssetCommitment(idCardBlock.AssetId, affiliationBlindingFactor);
GetCommitmentAndProofs(idCardBlock.Output.Commitment, idCardBlock.Output.DestinationKey, ringSize, _idCardTagId, random, out int actualAffiliationPos, out byte[][] affiliationCommitments, out byte[][] affiliationPubs);
BorromeanRingSignature borromeanRingSignature = ConfidentialAssetsHelper.GenerateBorromeanRingSignature(msg, affiliationPubs, actualAffiliationPos, otskAffiliation);
SurjectionProof assetSurjectionProof = ConfidentialAssetsHelper.CreateAssetRangeProof(assetCommitment, assetCommitments, actualAssetPos, blindingFactor);
SurjectionProof affilaitionSurjectionProof = ConfidentialAssetsHelper.CreateAssetRangeProof(affiliationAssetCommitment, affiliationCommitments, actualAffiliationPos, affiliationBlindingFactor);
List <TransactionalIncomingBlock> incomingBlocks = _dataAccessService.GetIncomingBlocksByBlockType(BlockTypes.Transaction_IssueAssets);
List <IssueAssetsBlock> issueAssetsBlocks = incomingBlocks.Where(b => b.TagId == _idCardTagId).ToList().Select(b =>
{
return((IssueAssetsBlock)_blockParsersRepositoriesRepository.GetBlockParsersRepository(PacketType.Transactional).GetInstance(b.BlockType).Parse(b.Content));
}).ToList();
List <byte[]> rawIdCardAssetIds = issueAssetsBlocks.SelectMany(b => b.IssuedAssetIds).ToList();
SurjectionProof affiliationEvidenceSurjectionProof = ConfidentialAssetsHelper.CreateNewIssuanceSurjectionProof(affiliationAssetCommitment, rawIdCardAssetIds.ToArray(), rawIdCardAssetIds.FindIndex(b => b.Equals32(idCardBlock.AssetId)), affiliationBlindingFactor);
NonQuantitativeTransitionAssetTransferBlock block = new NonQuantitativeTransitionAssetTransferBlock
{
TagId = tagId,
KeyImage = _identityKeyProvider.GetKey(keyImage),
DestinationKey = destinationKey,
TransactionPublicKey = transactionKey,
AssetCommitment = assetCommitment,
SurjectionProof = assetSurjectionProof,
AffiliationCommitment = affiliationAssetCommitment,
AffiliationPseudoKeys = affiliationPubs,
AffiliationSurjectionProof = affilaitionSurjectionProof,
AffiliationBorromeanSignature = borromeanRingSignature,
AffiliationEvidenceSurjectionProof = affiliationEvidenceSurjectionProof,
EcdhTuple = ConfidentialAssetsHelper.CreateEcdhTupleCA(blindingFactor, assetId, secretKey, receiver.PublicKey),
PublicKeys = assetPubs.Select(p => _identityKeyProvider.GetKey(p)).ToArray(),
Signatures = ConfidentialAssetsHelper.GenerateRingSignature(msg, keyImage, assetPubs, otskAsset, actualAssetPos)
};
FillSyncData(block);
FillRawData(block);
return(block);
}
