private async Task <string> BuildRevocationStatesAsync(IAgentContext agentContext,
IEnumerable <CredentialInfo> credentialObjects,
ProofRequest proofRequest,
RequestedCredentials requestedCredentials)
{
var allCredentials = new List <RequestedAttribute>();
allCredentials.AddRange(requestedCredentials.RequestedAttributes.Values);
allCredentials.AddRange(requestedCredentials.RequestedPredicates.Values);
var result = new Dictionary <string, Dictionary <string, JObject> >();
foreach (var requestedCredential in allCredentials)
{
// ReSharper disable once PossibleMultipleEnumeration
var credential = credentialObjects.First(x => x.Referent == requestedCredential.CredentialId);
if (credential.RevocationRegistryId == null ||
(proofRequest.NonRevoked == null))
{
continue;
}
var registryDefinition = await LedgerService.LookupRevocationRegistryDefinitionAsync(
agentContext : agentContext,
registryId : credential.RevocationRegistryId);
var delta = await LedgerService.LookupRevocationRegistryDeltaAsync(
agentContext : agentContext,
revocationRegistryId : credential.RevocationRegistryId,
// Ledger will not return correct revocation state if the 'from' field
// is other than 0
from : 0, //proofRequest.NonRevoked.From,
to : proofRequest.NonRevoked.To);
var tailsfile = await TailsService.EnsureTailsExistsAsync(agentContext, credential.RevocationRegistryId);
var tailsReader = await TailsService.OpenTailsAsync(tailsfile);
var state = await AnonCreds.CreateRevocationStateAsync(
blobStorageReader : tailsReader,
revRegDef : registryDefinition.ObjectJson,
revRegDelta : delta.ObjectJson,
timestamp : (long)delta.Timestamp,
credRevId : credential.CredentialRevocationId);
if (!result.ContainsKey(credential.RevocationRegistryId))
{
result.Add(credential.RevocationRegistryId, new Dictionary <string, JObject>());
}
requestedCredential.Timestamp = (long)delta.Timestamp;
if (!result[credential.RevocationRegistryId].ContainsKey($"{delta.Timestamp}"))
{
result[credential.RevocationRegistryId].Add($"{delta.Timestamp}", JObject.Parse(state));
}
}
return(result.ToJson());
}
private async Task <string> BuildRevocationStatesAsync(Pool pool,
IEnumerable <CredentialInfo> credentialObjects,
RequestedCredentials requestedCredentials)
{
var allCredentials = new List <RequestedAttribute>();
allCredentials.AddRange(requestedCredentials.RequestedAttributes.Values);
allCredentials.AddRange(requestedCredentials.RequestedPredicates.Values);
var result = new Dictionary <string, Dictionary <string, JObject> >();
foreach (var requestedCredential in allCredentials)
{
// ReSharper disable once PossibleMultipleEnumeration
var credential = credentialObjects.First(x => x.Referent == requestedCredential.CredentialId);
if (credential.RevocationRegistryId == null)
{
continue;
}
var timestamp = requestedCredential.Timestamp ??
throw new Exception(
"Timestamp must be provided for credential that supports revocation");
if (result.ContainsKey(credential.RevocationRegistryId) &&
result[credential.RevocationRegistryId].ContainsKey($"{timestamp}"))
{
continue;
}
var registryDefinition =
await LedgerService.LookupRevocationRegistryDefinitionAsync(pool,
credential.RevocationRegistryId);
var delta = await LedgerService.LookupRevocationRegistryDeltaAsync(pool,
credential.RevocationRegistryId, -1, timestamp);
var tailsfile = await TailsService.EnsureTailsExistsAsync(pool, credential.RevocationRegistryId);
var tailsReader = await TailsService.OpenTailsAsync(tailsfile);
var state = await AnonCreds.CreateRevocationStateAsync(tailsReader, registryDefinition.ObjectJson,
delta.ObjectJson, (long)delta.Timestamp, credential.CredentialRevocationId);
if (!result.ContainsKey(credential.RevocationRegistryId))
{
result.Add(credential.RevocationRegistryId, new Dictionary <string, JObject>());
}
result[credential.RevocationRegistryId].Add($"{timestamp}", JObject.Parse(state));
// TODO: Revocation state should provide the state between a certain period
// that can be requested in the proof request in the 'non_revocation' field.
}
return(result.ToJson());
}
public static async Task Execute()
{
Console.WriteLine("Anoncreds Revocation sample -> started");
var issuerWalletName = "issuerWallet";
var proverWalletName = "proverWallet";
var issuerWalletCredentials = "{\"key\":\"issuer_wallet_key\"}";
var proverWalletCredentials = "{\"key\":\"prover_wallet_key\"}";
var issuerDid = "NcYxiDXkpYi6ov5FcYDi1e";
var proverDid = "VsKV7grR1BUE29mG2Fm2kX";
try
{
//1. Create and Open Pool
await PoolUtils.CreatePoolLedgerConfig();
//2. Issuer Create and Open Wallet
await WalletUtils.CreateWalletAsync(PoolUtils.DEFAULT_POOL_NAME, issuerWalletName, "default", null, issuerWalletCredentials);
//3. Prover Create and Open Wallet
await WalletUtils.CreateWalletAsync(PoolUtils.DEFAULT_POOL_NAME, proverWalletName, "default", null, proverWalletCredentials);
// Open pool and wallets in using statements to ensure they are closed when finished.
using (var pool = await Pool.OpenPoolLedgerAsync(PoolUtils.DEFAULT_POOL_NAME, "{}"))
using (var issuerWallet = await Wallet.OpenWalletAsync(issuerWalletName, null, issuerWalletCredentials))
using (var proverWallet = await Wallet.OpenWalletAsync(proverWalletName, null, proverWalletCredentials))
{
//4. Issuer Creates Credential Schema
var schemaName = "gvt";
var schemaVersion = "1.0";
var schemaAttributes = "[\"name\", \"age\", \"sex\", \"height\"]";
var createSchemaResult = await AnonCreds.IssuerCreateSchemaAsync(issuerDid, schemaName, schemaVersion, schemaAttributes);
var schemaId = createSchemaResult.SchemaId;
var schemaJson = createSchemaResult.SchemaJson;
//5. Issuer create Credential Definition
var credDefTag = "Tag1";
var credDefConfigJson = "{\"support_revocation\":true}";
var createCredDefResult = await AnonCreds.IssuerCreateAndStoreCredentialDefAsync(issuerWallet, issuerDid, schemaJson, credDefTag, null, credDefConfigJson);
var credDefId = createCredDefResult.CredDefId;
var credDefJson = createCredDefResult.CredDefJson;
//6. Issuer create Revocation Registry
var revRegDefConfig = "{\"issuance_type\":\"ISSUANCE_ON_DEMAND\",\"max_cred_num\":5}";
var tailsWriterConfig = string.Format("{{\"base_dir\":\"{0}\", \"uri_pattern\":\"\"}}", EnvironmentUtils.GetIndyHomePath("tails")).Replace('\\', '/');
var tailsWriter = await BlobStorage.OpenWriterAsync("default", tailsWriterConfig);
var revRegDefTag = "Tag2";
var createRevRegResult = await AnonCreds.IssuerCreateAndStoreRevocRegAsync(issuerWallet, issuerDid, null, revRegDefTag, credDefId, revRegDefConfig, tailsWriter);
var revRegId = createRevRegResult.RevRegId;
var revRegDefJson = createRevRegResult.RevRegDefJson;
//7. Prover create Master Secret
var masterSecretId = await AnonCreds.ProverCreateMasterSecretAsync(proverWallet, null);
//8. Issuer Creates Credential Offer
var credOffer = await AnonCreds.IssuerCreateCredentialOfferAsync(issuerWallet, credDefId);
//9. Prover Creates Credential Request
var createCredReqResult = await AnonCreds.ProverCreateCredentialReqAsync(proverWallet, proverDid, credOffer, credDefJson, masterSecretId);
var credReqJson = createCredReqResult.CredentialRequestJson;
var credReqMetadataJson = createCredReqResult.CredentialRequestMetadataJson;
//10. Issuer open Tails Reader
var blobStorageReaderCfg = await BlobStorage.OpenReaderAsync("default", tailsWriterConfig);
//11. Issuer create Credential
var credValuesJson = "{\n" +
" \"sex\": {\"raw\": \"male\", \"encoded\": \"594465709955896723921094925839488742869205008160769251991705001\"},\n" +
" \"name\": {\"raw\": \"Alex\", \"encoded\": \"1139481716457488690172217916278103335\"},\n" +
" \"height\": {\"raw\": \"175\", \"encoded\": \"175\"},\n" +
" \"age\": {\"raw\": \"28\", \"encoded\": \"28\"}\n" +
" }";
var createCredentialResult = await AnonCreds.IssuerCreateCredentialAsync(issuerWallet, credOffer, credReqJson, credValuesJson, revRegId, blobStorageReaderCfg);
var credential = createCredentialResult.CredentialJson;
var revRegDeltaJson = createCredentialResult.RevocRegDeltaJson;
var credRevId = createCredentialResult.RevocId;
//12. Prover Stores Credential
await AnonCreds.ProverStoreCredentialAsync(proverWallet, null, credReqMetadataJson, credential, credDefJson, revRegDefJson);
//13. Prover Gets Credentials for Proof Request
var proofRequestJson = "{\n" +
" \"nonce\":\"123432421212\",\n" +
" \"name\":\"proof_req_1\",\n" +
" \"version\":\"0.1\", " +
" \"requested_attributes\":{" +
" \"attr1_referent\":{\"name\":\"name\"}" +
" },\n" +
" \"requested_predicates\":{" +
" \"predicate1_referent\":{\"name\":\"age\",\"p_type\":\">=\",\"p_value\":18}" +
" }" +
" }";
var credentialsForProofJson = await AnonCreds.ProverGetCredentialsForProofReqAsync(proverWallet, proofRequestJson);
var credentials = JObject.Parse(credentialsForProofJson);
var credentialsForAttr1 = (JArray)credentials["attrs"]["attr1_referent"];
var credentialsForPredicate1 = (JArray)credentials["predicates"]["predicate1_referent"];
var credIdForAttr1 = credentialsForAttr1[0]["cred_info"]["referent"].ToObject <string>();
var credIdForPred1 = credentialsForPredicate1[0]["cred_info"]["referent"].ToObject <string>();
//14. Prover create RevocationState
long timestamp = 100;
var revStateJson = await AnonCreds.CreateRevocationStateAsync(blobStorageReaderCfg, revRegDefJson, revRegDeltaJson, timestamp, credRevId);
//15. Prover Creates Proof
var requestedCredentialsJson = string.Format("{{" +
"\"self_attested_attributes\":{{}}," +
"\"requested_attributes\":{{\"attr1_referent\":{{\"cred_id\":\"{0}\", \"revealed\":true, \"timestamp\":{1} }}}}," +
"\"requested_predicates\":{{\"predicate1_referent\":{{\"cred_id\":\"{2}\", \"timestamp\":{3}}}}}" +
"}}", credIdForAttr1, timestamp, credIdForPred1, timestamp);
var schemas = string.Format("{{\"{0}\":{1}}}", schemaId, schemaJson);
var credentialDefs = string.Format("{{\"{0}\":{1}}}", credDefId, credDefJson);
var revStates = string.Format("{{\"{0}\": {{ \"{1}\":{2} }}}}", revRegId, timestamp, revStateJson);
var proofJson = await AnonCreds.ProverCreateProofAsync(proverWallet, proofRequestJson, requestedCredentialsJson, masterSecretId, schemas, credentialDefs, revStates);
var proof = JObject.Parse(proofJson);
//16. Verifier verify Proof
var revealedAttr1 = proof["requested_proof"]["revealed_attrs"]["attr1_referent"];
Debug.Assert("Alex" == revealedAttr1["raw"].ToObject <string>());
var revRegDefs = string.Format("{{\"{0}\":{1}}}", revRegId, revRegDefJson);
var revRegs = string.Format("{{\"{0}\": {{ \"{1}\":{2} }}}}", revRegId, timestamp, revRegDeltaJson);
var valid = await AnonCreds.VerifierVerifyProofAsync(proofRequestJson, proofJson, schemas, credentialDefs, revRegDefs, revRegs);
Debug.Assert(valid);
await issuerWallet.CloseAsync();
await proverWallet.CloseAsync();
await pool.CloseAsync();
}
}
finally
{
//17. Delete wallets and Pool ledger config
await WalletUtils.DeleteWalletAsync(issuerWalletName, issuerWalletCredentials);
await WalletUtils.DeleteWalletAsync(proverWalletName, proverWalletCredentials);
await PoolUtils.DeletePoolLedgerConfigAsync(PoolUtils.DEFAULT_POOL_NAME);
}
Console.WriteLine("Anoncreds Revocation sample -> completed");
}
public async Task TestIssuerRevokeProofWorks()
{
// Create wallet, get wallet handle
var walletConfig = JsonConvert.SerializeObject(new { id = "revocationWallet" });
await Wallet.CreateWalletAsync(walletConfig, CREDENTIALS);
var wallet = await Wallet.OpenWalletAsync(walletConfig, CREDENTIALS);
// Issuer create Schema
var createSchemaResult = await AnonCreds.IssuerCreateSchemaAsync(issuerDid, gvtSchemaName, schemaVersion, gvtSchemaAttributes);
var schemaId = createSchemaResult.SchemaId;
var schemaJson = createSchemaResult.SchemaJson;
// Issuer create issuer1GvtCredential definition
var revocationCredentialDefConfig = "{\"support_revocation\":true}";
var createCredentialDefResult = await AnonCreds.IssuerCreateAndStoreCredentialDefAsync(wallet, issuerDid, schemaJson, tag, null, revocationCredentialDefConfig);
var credDefId = createCredentialDefResult.CredDefId;
var credDefJson = createCredentialDefResult.CredDefJson;
// Issuer create revocation registry
var tailsWriter = await BlobStorage.OpenWriterAsync("default", tailsWriterConfig);
var revRegConfig = "{\"issuance_type\":null,\"max_cred_num\":5}";
var createRevRegResult = await AnonCreds.IssuerCreateAndStoreRevocRegAsync(wallet, issuerDid, null, tag, credDefId, revRegConfig, tailsWriter);
var revRegId = createRevRegResult.RevRegId;
var revRegDef = createRevRegResult.RevRegDefJson;
// Prover create Master Secret
await AnonCreds.ProverCreateMasterSecretAsync(wallet, masterSecretId);
// Issuer create Credential Offer
var credOfferJson = await AnonCreds.IssuerCreateCredentialOfferAsync(wallet, credDefId);
// Prover create Credential Request
var createCredReqResult =
await AnonCreds.ProverCreateCredentialReqAsync(wallet, proverDid, credOfferJson, credDefJson, masterSecretId);
var credentialReqJson = createCredReqResult.CredentialRequestJson;
var credentialReqMetadataJson = createCredReqResult.CredentialRequestMetadataJson;
// Issuer open TailsReader
var blobReader = await BlobStorage.OpenReaderAsync("default", tailsWriterConfig);
//9. Issuer create Credential
var createCredentialResult = await AnonCreds.IssuerCreateCredentialAsync(wallet, credOfferJson, credentialReqJson, gvtCredentialValuesJson, revRegId, blobReader);
var credJson = createCredentialResult.CredentialJson;
var credRevocId = createCredentialResult.RevocId;
var revRegDelta = createCredentialResult.RevocRegDeltaJson;
// Prover create RevocationState
var timestamp = 100;
var revStateJson = await AnonCreds.CreateRevocationStateAsync(blobReader, revRegDef, revRegDelta, timestamp, credRevocId);
// Prover store received Credential
await AnonCreds.ProverStoreCredentialAsync(wallet, credentialId1, credentialReqMetadataJson, credJson, credDefJson, revRegDef);
// Prover gets Credentials for Proof Request
var credentialsJson = await AnonCreds.ProverGetCredentialsForProofReqAsync(wallet, proofRequest);
var credentials = JObject.Parse(credentialsJson);
var credentialsForAttr1 = credentials["attrs"]["attr1_referent"];
var credentialUuid = credentialsForAttr1[0]["cred_info"]["referent"];
// Prover create Proof
var requestedCredentialsJson = string.Format("{{" +
"\"self_attested_attributes\":{{}}," +
"\"requested_attributes\":{{\"attr1_referent\":{{\"cred_id\":\"{0}\", \"revealed\":true, \"timestamp\":{1} }}}}," +
"\"requested_predicates\":{{\"predicate1_referent\":{{\"cred_id\":\"{2}\", \"timestamp\":{3}}}}}" +
"}}", credentialUuid, timestamp, credentialUuid, timestamp);
var schemasJson = JObject.Parse(string.Format("{{\"{0}\":{1}}}", schemaId, schemaJson)).ToString();
var credentialDefsJson = JObject.Parse(string.Format("{{\"{0}\":{1}}}", credDefId, credDefJson)).ToString();
var revStatesJson = JObject.Parse(string.Format("{{\"{0}\":{{\"{1}\":{2}}}}}", revRegId, timestamp, revStateJson)).ToString();
var proofJson = await AnonCreds.ProverCreateProofAsync(wallet, proofRequest, requestedCredentialsJson, masterSecretId, schemasJson, credentialDefsJson, revStatesJson);
var proof = JObject.Parse(proofJson);
// Issuer revoke Credential
revRegDelta = await AnonCreds.IssuerRevokeCredentialAsync(wallet, blobReader, revRegId, credRevocId);
// Verifier verify proof
var revealedAttr1 = proof["requested_proof"]["revealed_attrs"]["attr1_referent"];
Assert.AreEqual("Alex", revealedAttr1["raw"]);
var revRegDefsJson = JObject.Parse(string.Format("{{\"{0}\":{1}}}", revRegId, revRegDef)).ToString();
var revRegs = JObject.Parse(string.Format("{{\"{0}\":{{\"{1}\":{2}}}}}", revRegId, timestamp, revRegDelta)).ToString();
var valid = await AnonCreds.VerifierVerifyProofAsync(proofRequest, proofJson, schemasJson, credentialDefsJson, revRegDefsJson, revRegs);
Assert.IsFalse(valid);
//// Close and Delete Wallet
await wallet.CloseAsync();
await Wallet.DeleteWalletAsync(walletConfig, CREDENTIALS);
}
public async Task testAnoncredsRevocationInteractionIssuanceByDefault()
{
// Issuer create DID
var trusteeDidInfo = await Did.CreateAndStoreMyDidAsync(this.wallet, JsonConvert.SerializeObject(new { seed = TRUSTEE_SEED }));
var issuerDidInfo = await Did.CreateAndStoreMyDidAsync(this.wallet, "{}");
var nymRequest = await Ledger.BuildNymRequestAsync(trusteeDidInfo.Did, issuerDidInfo.Did,
issuerDidInfo.VerKey, null, "TRUSTEE");
await Ledger.SignAndSubmitRequestAsync(pool, wallet, trusteeDidInfo.Did, nymRequest);
var issuerDid = issuerDidInfo.Did;
// Prover create DID
var proverDidInfo = await Did.CreateAndStoreMyDidAsync(proverWallet, "{}");
var proverDid = proverDidInfo.Did;
var proverVerkey = proverDidInfo.VerKey;
// Issuer publish Prover DID
nymRequest = await Ledger.BuildNymRequestAsync(issuerDid, proverDid, proverVerkey, null, null);
await Ledger.SignAndSubmitRequestAsync(pool, wallet, issuerDid, nymRequest);
// ISSUER post to Ledger Schema, CredentialDefinition, RevocationRegistry
// Issuer creates Schema
var schemaInfo =
await AnonCreds.IssuerCreateSchemaAsync(issuerDidInfo.Did, GVT_SCHEMA_NAME,
SCHEMA_VERSION, GVT_SCHEMA_ATTRIBUTES);
var schemaJson = schemaInfo.SchemaJson;
// Issuer posts Schema to Ledger
var schemaRequest = await Ledger.BuildSchemaRequestAsync(issuerDid, schemaJson);
await Ledger.SignAndSubmitRequestAsync(pool, wallet, issuerDid, schemaRequest);
// Issuer get Schema from Ledger
var getSchemaRequest = await Ledger.BuildGetSchemaRequestAsync(issuerDid, schemaInfo.SchemaId);
var getSchemaResponse = await PoolUtils.EnsurePreviousRequestAppliedAsync(pool, getSchemaRequest, response => {
var getSchemaResponseObject = JObject.Parse(response);
return(getSchemaResponseObject["result"]["seqNo"] != null);
});
// !!IMPORTANT!!
// It is important to get Schema from Ledger and parse it to get the correct schema JSON and correspondent id in Ledger
// After that we can create CredentialDefinition for received Schema(not for result of indy_issuer_create_schema)
ParseResponseResult schemaInfo1 = await Ledger.ParseGetSchemaResponseAsync(getSchemaResponse);
schemaJson = schemaInfo1.ObjectJson;
// Issuer creates CredentialDefinition
var credDefInfo =
await AnonCreds.IssuerCreateAndStoreCredentialDefAsync(wallet, issuerDid, schemaJson,
TAG, null, JsonConvert.SerializeObject(new { support_revocation = true }));
var credDefId = credDefInfo.CredDefId;
var credDefJson = credDefInfo.CredDefJson;
// Issuer post CredentialDefinition to Ledger
var credDefRequest = await Ledger.BuildCredDefRequestAsync(issuerDid, credDefJson);
await Ledger.SignAndSubmitRequestAsync(pool, wallet, issuerDid, credDefRequest);
// Issuer creates RevocationRegistry
/* FIXME: getIndyHomePath hard coded forward slash "/". It will not work for Windows. */
var tailsWriterConfig = JsonConvert.SerializeObject(
new
{
base_dir = EnvironmentUtils.GetIndyHomePath("tails"),
uri_pattern = string.Empty
}
);
var tailsWriterHandle = await BlobStorage.OpenWriterAsync("default", tailsWriterConfig);
var revRegInfo =
await AnonCreds.IssuerCreateAndStoreRevocRegAsync(wallet, issuerDid, null, TAG,
credDefId,
JsonConvert.SerializeObject(new { max_cred_num = 5, issuance_type = "ISSUANCE_BY_DEFAULT" }),
tailsWriterHandle);
var revRegId = revRegInfo.RevRegId;
var revRegDefJson = revRegInfo.RevRegDefJson;
var revRegEntryJson = revRegInfo.RevRegEntryJson;
// Issuer posts RevocationRegistryDefinition to Ledger
var revRegDefRequest = await Ledger.BuildRevocRegDefRequestAsync(issuerDid, revRegDefJson);
await Ledger.SignAndSubmitRequestAsync(pool, wallet, issuerDid, revRegDefRequest);
// Issuer posts RevocationRegistryEntry to Ledger
var revRegEntryRequest = await Ledger.BuildRevocRegEntryRequestAsync(issuerDid, revRegId, REVOC_REG_TYPE, revRegEntryJson);
await Ledger.SignAndSubmitRequestAsync(pool, wallet, issuerDid, revRegEntryRequest);
// Issuance Credential for Prover
// Prover creates Master Secret
await AnonCreds.ProverCreateMasterSecretAsync(proverWallet, COMMON_MASTER_SECRET);
// Issuer creates Credential Offer
var credOfferJson = await AnonCreds.IssuerCreateCredentialOfferAsync(wallet, credDefId);
// Prover gets CredentialDefinition from Ledger
var getCredDefRequest = await Ledger.BuildGetCredDefRequestAsync(proverDid, credDefInfo.CredDefId);
var getCredDefResponse = await Ledger.SubmitRequestAsync(pool, getCredDefRequest);
ParseResponseResult credDefIdInfo = await Ledger.ParseGetCredDefResponseAsync(getCredDefResponse);
credDefId = credDefIdInfo.Id;
credDefJson = credDefIdInfo.ObjectJson;
// Prover creates Credential Request
var credReqInfo =
await AnonCreds.ProverCreateCredentialReqAsync(proverWallet, proverDid, credOfferJson,
credDefJson, COMMON_MASTER_SECRET);
var credReqJson = credReqInfo.CredentialRequestJson;
var credReqMetadataJson = credReqInfo.CredentialRequestMetadataJson;
// Issuer creates TailsReader
BlobStorageReader blobStorageReader = await BlobStorage.OpenReaderAsync(TYPE, tailsWriterConfig);
// Issuer creates Credential
// Issuer must not post rev_reg_delta to ledger for ISSUANCE_BY_DEFAULT strategy
var credRegInfo =
await AnonCreds.IssuerCreateCredentialAsync(wallet, credOfferJson, credReqJson,
GVT_CRED_VALUES, revRegId,
blobStorageReader);
var credJson = credRegInfo.CredentialJson;
var credRevId = credRegInfo.RevocId;
// Prover gets RevocationRegistryDefinition
var getRevRegDefRequest = await Ledger.BuildGetRevocRegDefRequestAsync(proverDid, revRegId);
var getRevRegDefResponse = await Ledger.SubmitRequestAsync(pool, getRevRegDefRequest);
ParseResponseResult revRegInfo1 = await Ledger.ParseGetRevocRegDefResponseAsync(getRevRegDefResponse);
revRegId = revRegInfo1.Id;
var revocRegDefJson = revRegInfo1.ObjectJson;
// Prover store received Credential
await AnonCreds.ProverStoreCredentialAsync(proverWallet, "credential1_id",
credReqMetadataJson, credJson, credDefJson,
revocRegDefJson);
// Verifying Prover Credential
Thread.Sleep(3000);
long to = (long)(DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc)).TotalMilliseconds / 1000;
var proofRequest = JsonConvert.SerializeObject(
new
{
nonce = "123432421212",
name = "proof_req_1",
version = "0.1",
requested_attributes = new
{
attr1_referent = new
{
name = "name"
}
},
requested_predicates = new
{
predicate1_referent = new
{
name = "age",
p_type = ">=",
p_value = 18
}
},
non_revoked = new
{
to = to
}
}
);
// Prover gets Claims for Proof Request
var credentialsJson = await AnonCreds.ProverGetCredentialsForProofReqAsync(proverWallet, proofRequest);
var credentials = JObject.Parse(credentialsJson);
var credsForReferent = (JArray)credentials["attrs"]["attr1_referent"];
var credential = credsForReferent[0]["cred_info"];
// Prover gets RevocationRegistryDelta from Ledger
/* FIXME */
var getRevRegDeltaRequest = await Ledger.BuildGetRevocRegDeltaRequestAsync(proverDid, revRegId, -1, (int)to);
var getRevRegDeltaResponse = await Ledger.SubmitRequestAsync(pool, getRevRegDeltaRequest);
var revRegInfo2 = await Ledger.ParseGetRevocRegDeltaResponseAsync(getRevRegDeltaResponse);
revRegId = revRegInfo2.Id;
var revocRegDeltaJson = revRegInfo2.ObjectJson;
// Prover creates RevocationState
var timestamp = to;
var revStateJson = await AnonCreds.CreateRevocationStateAsync(blobStorageReader,
revocRegDefJson, revocRegDeltaJson, (int)timestamp, credRevId);
// Prover gets Schema from Ledger
getSchemaRequest = await Ledger.BuildGetSchemaRequestAsync(proverDid, schemaInfo1.Id);
getSchemaResponse = await Ledger.SubmitRequestAsync(pool, getSchemaRequest);
ParseResponseResult schemaInfo2 = await Ledger.ParseGetSchemaResponseAsync(getSchemaResponse);
var schemaId = schemaInfo2.Id;
schemaJson = schemaInfo2.ObjectJson;
// Prover creates Proof
var requestedCredentialsJson = JsonConvert.SerializeObject(
new
{
self_attested_attributes = new { },
requested_attributes = new
{
attr1_referent = new
{
cred_id = credential["referent"],
timestamp = timestamp,
revealed = true
}
},
requested_predicates = new
{
predicate1_referent = new
{
cred_id = credential["referent"],
timestamp = timestamp
}
}
}
);
var schemasJson = new JObject(new JProperty(schemaId, JObject.Parse(schemaJson))).ToString();
var credDefsJson = new JObject(new JProperty(credDefId, JObject.Parse(credDefJson))).ToString();
var revStatesJson = new JObject(new JProperty(revRegId, new JObject(new JProperty(timestamp.ToString(), JObject.Parse(revStateJson))))).ToString();
var proofJson = await AnonCreds.ProverCreateProofAsync(proverWallet, proofRequest,
requestedCredentialsJson, COMMON_MASTER_SECRET,
schemasJson, credDefsJson, revStatesJson);
var proof = JObject.Parse(proofJson);
// Verifier gets RevocationRegistry from Ledger
var getRevRegReq = await Ledger.BuildGetRevocRegRequestAsync(DID_MY1, revRegId, (int)timestamp);
var getRevRegResp = await Ledger.SubmitRequestAsync(pool, getRevRegReq);
var revRegInfo3 = await Ledger.ParseGetRevocRegResponseAsync(getRevRegResp);
revRegId = revRegInfo3.Id;
var revRegJson = revRegInfo3.ObjectJson;
// Verifier verifies proof
Assert.AreNotEqual("Alex", proof["requested_proof"]["revealed_attrs"]["attr1_referent"].ToString());
var revRegDefsJson = new JObject(new JProperty(revRegId, JObject.Parse(revRegDefJson))).ToString();
var revRegsJson = new JObject(new JProperty(revRegId, new JObject(new JProperty(timestamp.ToString(), JObject.Parse(revRegJson))))).ToString();
var valid = await AnonCreds.VerifierVerifyProofAsync(proofRequest,
proofJson,
schemasJson,
credDefsJson,
revRegDefsJson,
revRegsJson);
Assert.IsTrue(valid);
// Issuer revokes credential
var revRegDeltaJson = await AnonCreds.IssuerRevokeCredentialAsync(wallet,
blobStorageReader,
revRegId, credRevId);
// Issuer post RevocationRegistryDelta to Ledger
revRegEntryRequest = await Ledger.BuildRevocRegEntryRequestAsync(issuerDid, revRegId, REVOC_REG_TYPE, revRegDeltaJson);
await Ledger.SignAndSubmitRequestAsync(pool, wallet, issuerDid, revRegEntryRequest);
// Verifying Prover Credential after Revocation
Thread.Sleep(3000);
long from = to;
to = (long)(DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc)).TotalMilliseconds / 1000;
// Prover gets RevocationRegistryDelta from Ledger
getRevRegDeltaRequest = await Ledger.BuildGetRevocRegDeltaRequestAsync(proverDid, revRegId, (int)from, (int)to);
getRevRegDeltaResponse = await Ledger.SubmitRequestAsync(pool, getRevRegDeltaRequest);
var revRegInfo4 = await Ledger.ParseGetRevocRegDeltaResponseAsync(getRevRegDeltaResponse);
revRegId = revRegInfo4.Id;
revocRegDeltaJson = revRegInfo4.ObjectJson;
timestamp = (long)revRegInfo4.Timestamp;
// Prover creates RevocationState
revStateJson = await AnonCreds.CreateRevocationStateAsync(blobStorageReader,
revocRegDefJson, revocRegDeltaJson, (int)timestamp, credRevId);
requestedCredentialsJson = JsonConvert.SerializeObject(
new
{
self_attested_attributes = new { },
requested_attributes = new
{
attr1_referent = new
{
cred_id = credential["referent"],
timestamp = timestamp,
revealed = true
}
},
requested_predicates = new
{
predicate1_referent = new
{
cred_id = credential["referent"],
timestamp = timestamp
}
}
}
);
revStatesJson = new JObject(new JProperty(revRegId, new JObject(new JProperty(timestamp.ToString(), JObject.Parse(revStateJson))))).ToString();
proofJson = await AnonCreds.ProverCreateProofAsync(proverWallet,
proofRequest,
requestedCredentialsJson,
COMMON_MASTER_SECRET,
schemasJson,
credDefsJson,
revStatesJson);
// Verifier gets RevocationRegistry from Ledger
getRevRegReq = await Ledger.BuildGetRevocRegRequestAsync(DID_MY1, revRegId, (int)timestamp);
getRevRegResp = await Ledger.SubmitRequestAsync(pool, getRevRegReq);
var revRegInfo5 = await Ledger.ParseGetRevocRegResponseAsync(getRevRegResp);
revRegId = revRegInfo5.Id;
revRegJson = revRegInfo5.ObjectJson;
timestamp = (long)revRegInfo5.Timestamp;
revRegsJson = new JObject(new JProperty(revRegId, new JObject(new JProperty(timestamp.ToString(), JObject.Parse(revRegJson))))).ToString();
valid = await AnonCreds.VerifierVerifyProofAsync(proofRequest,
proofJson,
schemasJson,
credDefsJson,
revRegDefsJson,
revRegsJson);
Assert.IsFalse(valid);
}
public async Task TestAnonCredsWorksForRevocationProof()
{
// Issuer create Schema
var createSchemaResult = await AnonCreds.IssuerCreateSchemaAsync(issuerDid, GVT_SCHEMA_NAME, SCHEMA_VERSION, GVT_SCHEMA_ATTRIBUTES);
var gvtSchemaId = createSchemaResult.SchemaId;
var schemaJson = createSchemaResult.SchemaJson;
// Issuer create credential definition
var revocationCredentialDefConfig = JsonConvert.SerializeObject(new { support_revocation = true });
var createCredentialDefResult = await AnonCreds.IssuerCreateAndStoreCredentialDefAsync(issuerWallet, issuerDid, schemaJson, TAG, null, revocationCredentialDefConfig);
var credDefId = createCredentialDefResult.CredDefId;
var credDef = createCredentialDefResult.CredDefJson;
// Issuer create revocation registry
var revRegConfig = JsonConvert.SerializeObject(new { issuance_type = (object)null, max_cred_num = 5 });
var tailsWriterConfig = JsonConvert.SerializeObject(
new
{
base_dir = EnvironmentUtils.GetIndyHomePath("tails"),
uri_pattern = string.Empty
}
);
var tailsWriter = await BlobStorage.OpenWriterAsync("default", tailsWriterConfig);
var createRevRegResult = await AnonCreds.IssuerCreateAndStoreRevocRegAsync(issuerWallet, issuerDid, null, TAG, credDefId, revRegConfig, tailsWriter);
var revRegId = createRevRegResult.RevRegId;
var revRegDef = createRevRegResult.RevRegDefJson;
// Prover create Master Secret
await AnonCreds.ProverCreateMasterSecretAsync(proverWallet, masterSecretId);
// Issuer create Credential Offer
var credOffer = await AnonCreds.IssuerCreateCredentialOfferAsync(issuerWallet, credDefId);
// Prover create Credential Request
var createCredReqResult = await AnonCreds.ProverCreateCredentialReqAsync(proverWallet, proverDid, credOffer, credDef, masterSecretId);
var credReq = createCredReqResult.CredentialRequestJson;
var credReqMetadata = createCredReqResult.CredentialRequestMetadataJson;
// Issuer open TailsReader
var blobStorageReader = await BlobStorage.OpenReaderAsync("default", tailsWriterConfig);
// Issuer create Credential
var createCredentialResult = await AnonCreds.IssuerCreateCredentialAsync(issuerWallet, credOffer, credReq, gvtCredentialValues, revRegId, blobStorageReader);
var credential = createCredentialResult.CredentialJson;
var revRegDelta = createCredentialResult.RevocRegDeltaJson;
var credRevId = createCredentialResult.RevocId;
// Prover store received Credential
await AnonCreds.ProverStoreCredentialAsync(proverWallet, credentialId1, credReqMetadata, credential, credDef, revRegDef);
// Prover gets Credentials for Proof Request
var proofRequestJson = JsonConvert.SerializeObject(
new
{
nonce = "123432421212",
name = "proof_req_1",
version = "0.1",
requested_attributes = new
{
attr1_referent = new { name = "name" },
},
requested_predicates = new
{
predicate1_referent = new { name = "age", p_type = ">=", p_value = 18 },
}
}
);
var credentialsJson = await AnonCreds.ProverGetCredentialsForProofReqAsync(proverWallet, proofRequestJson);
var credentials = JObject.Parse(credentialsJson);
var credentialsForAttr1 = (JArray)credentials["attrs"]["attr1_referent"];
var credentialUuid = credentialsForAttr1[0]["cred_info"]["referent"];
// Prover create RevocationState
int timestamp = 100;
var revStateJson = await AnonCreds.CreateRevocationStateAsync(blobStorageReader, revRegDef, revRegDelta, timestamp, credRevId);
// Prover create Proof
var requestedCredentialsJson = JsonConvert.SerializeObject(
new
{
self_attested_attributes = new { },
requested_attributes = new
{
attr1_referent = new { cred_id = credentialUuid, revealed = true, timestamp = timestamp },
},
requested_predicates = new
{
predicate1_referent = new { cred_id = credentialUuid, timestamp = timestamp },
}
}
);
var schemas = new JObject(new JProperty(gvtSchemaId, JObject.Parse(schemaJson))).ToString();
var credentialDefs = new JObject(new JProperty(credDefId, JObject.Parse(credDef))).ToString();
var revStates = new JObject(new JProperty(revRegId, new JObject(new JProperty(timestamp.ToString(), JObject.Parse(revStateJson))))).ToString();
var proofJson = await AnonCreds.ProverCreateProofAsync(proverWallet, proofRequestJson, requestedCredentialsJson, masterSecretId, schemas,
credentialDefs, revStates);
var proof = JObject.Parse(proofJson);
// Verifier verify proof
var revealedAttr1 = proof["requested_proof"]["revealed_attrs"]["attr1_referent"];
Assert.AreEqual("Alex", revealedAttr1["raw"]);
var revRegDefs = new JObject(new JProperty(revRegId, JObject.Parse(revRegDef))).ToString();
var revRegs = new JObject(new JProperty(revRegId, new JObject(new JProperty(timestamp.ToString(), JObject.Parse(revRegDelta))))).ToString();
var valid = await AnonCreds.VerifierVerifyProofAsync(proofRequestJson, proofJson, schemas, credentialDefs, revRegDefs, revRegs);
Assert.IsTrue(valid);
}
