private bool CheckSpIdentityValidation(byte[] commitment, AssociatedProofs[] associatedProofsList, SpIdenitityValidation spIdentityValidation, string sessionKey)
{
byte[] groupId = _identityAttributesService.GetGroupId(spIdentityValidation.AttributeType);
AssociatedProofs associatedProofs = associatedProofsList.FirstOrDefault(P => P.AssociatedAssetGroupId.Equals32(groupId));
if (associatedProofs == null)
{
_idenitiesHubContext.Clients.Group(sessionKey).SendAsync("PushSpAuthorizationFailed", new { Code = 3, Message = "Validation proofs were not complete" }).Wait();
return(false);
}
bool associatedProofValid;
if (associatedProofs is AssociatedAssetProofs associatedAssetProofs)
{
associatedProofValid = ConfidentialAssetsHelper.VerifySurjectionProof(associatedAssetProofs.AssociationProofs, associatedAssetProofs.AssociatedAssetCommitment);
}
else
{
associatedProofValid = ConfidentialAssetsHelper.VerifySurjectionProof(associatedProofs.AssociationProofs, commitment);
}
bool rootProofValid = ConfidentialAssetsHelper.VerifySurjectionProof(associatedProofs.RootProofs, commitment);
if (!rootProofValid || !associatedProofValid)
{
_idenitiesHubContext.Clients.Group(sessionKey).SendAsync("PushSpAuthorizationFailed", new { Code = 3, Message = "Validation proofs were not correct" }).Wait();
return(false);
}
//TODO: !!! adjust checking either against Gateway or against local database
bool found = true; // associatedProofs.AssociationProofs.AssetCommitments.Any(a => associatedProofs.RootProofs.AssetCommitments.Any(r => _dataAccessService.CheckAssociatedAtributeExist(null, a, r)));
if (!found)
{
_idenitiesHubContext.Clients.Group(sessionKey).SendAsync("PushSpAuthorizationFailed", new { Code = 3, Message = "Validation proofs were not correct" }).Wait();
return(false);
}
return(true);
}
private async Task CheckSpIdentityValidation(Memory <byte> commitment, AssociatedProofs[] associatedProofsList, SpIdenitityValidation spIdentityValidation, string issuer)
{
byte[] groupId = await _identityAttributesService.GetGroupId(spIdentityValidation.SchemeName, issuer).ConfigureAwait(false);
AssociatedProofs associatedProofs = associatedProofsList.FirstOrDefault(P => P.AssociatedAssetGroupId.Equals32(groupId));
if (associatedProofs == null)
{
throw new ValidationProofsWereNotCompleteException(spIdentityValidation);
}
bool associatedProofValid;
if (associatedProofs is AssociatedAssetProofs associatedAssetProofs)
{
associatedProofValid = ConfidentialAssetsHelper.VerifySurjectionProof(associatedAssetProofs.AssociationProofs, associatedAssetProofs.AssociatedAssetCommitment);
}
else
{
associatedProofValid = ConfidentialAssetsHelper.VerifySurjectionProof(associatedProofs.AssociationProofs, commitment.Span);
}
bool rootProofValid = ConfidentialAssetsHelper.VerifySurjectionProof(associatedProofs.RootProofs, commitment.Span);
if (!rootProofValid || !associatedProofValid)
{
throw new ValidationProofFailedException(spIdentityValidation);
}
//TODO: !!! adjust checking either against Gateway or against local database
bool found = true; // associatedProofs.AssociationProofs.AssetCommitments.Any(a => associatedProofs.RootProofs.AssetCommitments.Any(r => _dataAccessService.CheckAssociatedAtributeExist(null, a, r)));
if (!found)
{
throw new ValidationProofFailedException(spIdentityValidation);
}
}
public ValidationProofsWereNotCompleteException(SpIdenitityValidation idenitityValidation, Exception inner) : base(string.Format(Resources.ERR_VALIDATION_PROOFS_NOT_COMPLETE, JsonConvert.SerializeObject(idenitityValidation, new ByteArrayJsonConverter())), inner)
{
}
public ValidationProofFailedException(SpIdenitityValidation idenitityValidation, Exception inner) : base(string.Format(Resources.ERR_VALIDATION_PROOF_FAILED, JsonConvert.SerializeObject(idenitityValidation, new ByteArrayJsonConverter())), inner)
{
}
