public UserIdentitiesUpdater(ulong accountId, IUtxoClientCryptoService clientCryptoService, IAssetsService assetsService, IDataAccessService externalDataAccessService, IHubContext <IdentitiesHub> idenitiesHubContext, IRelationsProofsValidationService relationsProofsValidationService, ITrackingService trackingService)
{
_accountId = accountId;
_clientCryptoService = clientCryptoService;
_assetsService = assetsService;
_dataAccessService = externalDataAccessService;
_idenitiesHubContext = idenitiesHubContext;
_relationsProofsValidationService = relationsProofsValidationService;
_trackingService = trackingService;
PipeIn = new ActionBlock <PacketBase>(p =>
{
try
{
if (p is TransferAssetToUtxo packet)
{
_clientCryptoService.DecodeEcdhTuple(packet.TransferredAsset.EcdhTuple, packet.TransactionPublicKey, out byte[] blindingFactor, out byte[] assetId);
AttributeType attributeType = _assetsService.GetAttributeType(assetId);
_idenitiesHubContext.Clients.Group(_accountId.ToString(CultureInfo.InvariantCulture)).SendAsync("PushAttribute", new UserAttributeDto {
AttributeType = attributeType.ToString(), Source = packet.Signer.ArraySegment.Array.ToHexString(), AssetId = assetId.ToHexString(), OriginalBlindingFactor = blindingFactor.ToHexString(), OriginalCommitment = packet.TransferredAsset.AssetCommitment.ToHexString(), LastBlindingFactor = blindingFactor.ToHexString(), LastCommitment = packet.TransferredAsset.AssetCommitment.ToHexString(), LastTransactionKey = packet.TransactionPublicKey.ToHexString(), LastDestinationKey = packet.DestinationKey.ToHexString(), Validated = false, IsOverriden = false
});
}
else if (p is GroupsRelationsProofs relationsProofs && _clientCryptoService.CheckTarget(relationsProofs.DestinationKey2, relationsProofs.TransactionPublicKey))
{
RelationProofsValidationResults validationResults = _relationsProofsValidationService.VerifyRelationProofs(relationsProofs, _clientCryptoService);
_idenitiesHubContext.Clients.Group(_accountId.ToString(CultureInfo.InvariantCulture)).SendAsync("PushRelationValidation", validationResults);
}
}
catch
{
}
});
}
private IActionResult GetServiceProviderActionType(IUtxoClientCryptoService clientCryptoService, string actionDecoded)
{
ulong accountId = ulong.Parse(User.Identity.Name, CultureInfo.InvariantCulture);
UriBuilder uriBuilder = new UriBuilder(actionDecoded);
string actionType = uriBuilder.Uri.ParseQueryString()["actionType"];
string registrationKey;
byte[] targetBytes = uriBuilder.Uri.ParseQueryString()["publicKey"]?.HexStringToByteArray();
UserRootAttribute rootAttribute = _dataAccessService.GetUserAttributes(accountId).FirstOrDefault();
if (actionType == "0") // Login and register
{
clientCryptoService.GetBoundedCommitment(rootAttribute.AssetId, targetBytes, out byte[] blindingFactor, out byte[] assetCommitment);
registrationKey = assetCommitment.ToHexString();
NameValueCollection queryParams = uriBuilder.Uri.ParseQueryString();
queryParams["registrationKey"] = registrationKey;
uriBuilder.Query = queryParams.ToString();
}
else if (actionType == "1") // employee registration
{
registrationKey = rootAttribute.AssetId.ToHexString();
NameValueCollection queryParams = uriBuilder.Uri.ParseQueryString();
queryParams["registrationKey"] = registrationKey;
uriBuilder.Query = queryParams.ToString();
}
else if (actionType == "2") // document sign
{
}
ServiceProviderActionAndValidationsDto serviceProviderActionAndValidations = uriBuilder.Uri.ToString().GetJsonAsync <ServiceProviderActionAndValidationsDto>().Result;
string validationsExpression = string.Empty;
if ((serviceProviderActionAndValidations.Validations?.Count ?? 0) > 0)
{
validationsExpression = ":" + serviceProviderActionAndValidations.Validations.JoinStrings("|");
}
if (actionType == "2")
{
return(Ok(new { Action = "6", ActionInfo = $"{serviceProviderActionAndValidations.PublicKey}:{serviceProviderActionAndValidations.SessionKey}:{serviceProviderActionAndValidations.ExtraInfo}{validationsExpression}" }));
}
else
{
if (serviceProviderActionAndValidations.IsRegistered)
{
return(Ok(new { Action = actionType == "0" ? "3" : "5", ActionInfo = $"{serviceProviderActionAndValidations.PublicKey}:{serviceProviderActionAndValidations.SessionKey}:{serviceProviderActionAndValidations.ExtraInfo}{validationsExpression}" }));
}
else
{
return(Ok(new { Action = actionType == "0" ? "2" : "4", ActionInfo = $"{serviceProviderActionAndValidations.PublicKey}:{serviceProviderActionAndValidations.SessionKey}:{serviceProviderActionAndValidations.ExtraInfo}{validationsExpression}" }));
}
}
}
public void Initialize(IExecutionContextManager executionContextManager, CancellationToken cancellationToken)
{
_executionContextManager = executionContextManager;
ConsentManagementSettings settings = _dataAccessService.GetConsentManagementSettings();
if (settings == null)
{
settings = CreateNewConsentManagementServiceAccount();
}
AccountDescriptor accountDescriptor = _accountsService.Authenticate(settings.AccountId, GetDefaultConsentManagementPassword());
if (accountDescriptor == null)
{
settings = CreateNewConsentManagementServiceAccount();
accountDescriptor = _accountsService.Authenticate(settings.AccountId, GetDefaultConsentManagementPassword());
if (accountDescriptor == null)
{
throw new Exception("ConsentManagementService initialization failed");
}
}
_accountId = accountDescriptor.AccountId;
_executionContextManager
.InitializeUtxoExecutionServices(
accountDescriptor.AccountId,
accountDescriptor.SecretSpendKey,
accountDescriptor.SecretViewKey,
accountDescriptor.PwdHash,
new Func <long, IUtxoClientCryptoService, CancellationToken, IUpdater>(
(accountId, clientCryptoService, ct) =>
{
_clientCryptoService = clientCryptoService;
return(this);
}));
PublicSpendKey = accountDescriptor.PublicSpendKey.ToHexString();
PublicViewKey = accountDescriptor.PublicViewKey.ToHexString();
cancellationToken.Register(() =>
{
_executionContextManager.UnregisterExecutionServices(_accountId);
});
}
public void InitializeUtxoExecutionServices(ulong accountId, byte[] secretSpendKey, byte[] secretViewKey, byte[] pwdSecretKey)
{
if (_utxoPersistencyItems.ContainsKey(accountId))
{
return;
}
IPacketsProvider packetsProvider = ServiceLocator.Current.GetInstance <IPacketsProvider>();
IUtxoTransactionsService transactionsService = ServiceLocator.Current.GetInstance <UtxoTransactionsService>();
IUtxoClientCryptoService clientCryptoService = ServiceLocator.Current.GetInstance <UtxoClientCryptoService>();
UtxoWalletSynchronizer walletSynchronizer = ServiceLocator.Current.GetInstance <UtxoWalletSynchronizer>();
CancellationTokenSource cancellationTokenSource = new CancellationTokenSource();
packetsProvider.Initialize(accountId, cancellationTokenSource.Token);
clientCryptoService.Initialize(secretSpendKey, secretViewKey, pwdSecretKey);
transactionsService.Initialize(clientCryptoService);
transactionsService.PipeOutTransactions.LinkTo(_gatewayService.PipeInTransactions);
transactionsService.PipeOutKeyImages.LinkTo(walletSynchronizer.PipeInKeyImages);
UserIdentitiesUpdater userIdentitiesUpdater = new UserIdentitiesUpdater(accountId, clientCryptoService, _assetsService, _dataAccessService, _identitiesHubContext, _relationsProofsValidationService, _trackingService);
walletSynchronizer.Initialize(accountId, clientCryptoService, _gatewayService, cancellationTokenSource.Token);
packetsProvider.PipeOut.LinkTo(walletSynchronizer.PipeIn);
walletSynchronizer.PipeOut.LinkTo(userIdentitiesUpdater.PipeIn);
walletSynchronizer.Start();
packetsProvider.Start();
AddSubscriberToDictionary(accountId, walletSynchronizer.Subscribe(userIdentitiesUpdater));
var state = new UtxoPersistency
{
AccountId = accountId,
PacketsProvider = packetsProvider,
TransactionsService = transactionsService,
ClientCryptoService = clientCryptoService,
WalletSynchronizer = walletSynchronizer,
CancellationTokenSource = cancellationTokenSource
};
_utxoPersistencyItems.Add(accountId, state);
}
public UserIdentitiesUpdater(long accountId, IUtxoClientCryptoService clientCryptoService,
IAssetsService assetsService, IDataAccessService dataAccessService,
IHubContext <IdentitiesHub> idenitiesHubContext, IRelationsProofsValidationService relationsProofsValidationService,
ISchemeResolverService schemeResolverService, ILoggerService loggerService, CancellationToken cancellationToken)
{
_accountId = accountId;
_clientCryptoService = clientCryptoService;
_assetsService = assetsService;
_dataAccessService = dataAccessService;
_idenitiesHubContext = idenitiesHubContext;
_relationsProofsValidationService = relationsProofsValidationService;
_schemeResolverService = schemeResolverService;
_cancellationToken = cancellationToken;
_cancellationToken.Register(() =>
{
PipeIn?.Complete();
PipInNotifications?.Complete();
});
_logger = loggerService.GetLogger(nameof(UserIdentitiesUpdater));
PipeIn = new ActionBlock <PacketBase>(async p =>
{
try
{
if (p is TransferAssetToUtxo packet)
{
_logger.LogIfDebug(() => $"[{_accountId}]: Processing {nameof(TransferAssetToUtxo)}");
UserRootAttribute userRootAttribute = _dataAccessService.GetRootAttributeByOriginalCommitment(_accountId, packet.TransferredAsset.AssetCommitment);
if (userRootAttribute != null)
{
_clientCryptoService.DecodeEcdhTuple(packet.TransferredAsset.EcdhTuple, packet.TransactionPublicKey, out byte[] blindingFactor, out byte[] assetId);
await _assetsService.GetAttributeSchemeName(assetId, packet.Signer.ToString()).ContinueWith(t =>
{
if (t.IsCompleted && !t.IsFaulted)
{
_idenitiesHubContext.Clients.Group(_accountId.ToString(CultureInfo.InvariantCulture))
.SendAsync("PushAttribute",
new UserAttributeDto
{
SchemeName = t.Result,
Source = packet.Signer.ToString(),
Content = userRootAttribute.Content,
Validated = true,
IsOverriden = false
});
}
}, TaskScheduler.Current).ConfigureAwait(false);
await ObtainRelations(packet, assetId).ConfigureAwait(false);
await ObtainRegistrations(packet, assetId).ConfigureAwait(false);
}
else
{
_logger.Error($"[{_accountId}]: No Root Attribute found by commitment {packet.TransferredAsset.AssetCommitment.ToHexString()}");
}
}
}
catch (Exception ex)
{
_logger.Error($"Failure during processing {nameof(PipeIn)}, packet {p?.GetType().Name}", ex);
}
});
PipInNotifications = new ActionBlock <SynchronizerNotificationBase>(n =>
{
try
{
_logger.LogIfDebug(() => $"[{_accountId}]: notification {n.GetType().Name} {JsonConvert.SerializeObject(n, new ByteArrayJsonConverter())}");
ProcessEligibilityCommitmentsDisabled(n);
NotifyUserAttributeLastUpdate(n);
NotifyCompromisedKeyImage(n);
}
catch (Exception ex)
{
_logger.Error($"Failure during processing {nameof(PipInNotifications)}, notification {n?.GetType().Name}", ex);
}
});
}
private IUpdater CreateUtxoUpdater(long accountId, IUtxoClientCryptoService clientCryptoService, CancellationToken cancellationToken) => new UserIdentitiesUpdater(accountId, clientCryptoService, _assetsService, _dataAccessService, _identitiesHubContext, _relationsProofsValidationService, _schemeResolverService, _loggerService, cancellationToken);
public void InitializeUtxoExecutionServices(long accountId, byte[] secretSpendKey, byte[] secretViewKey, byte[] pwdSecretKey, Func <long, IUtxoClientCryptoService, CancellationToken, IUpdater> updaterFactory = null)
{
lock (_utxoPersistencyItems)
{
if (_utxoPersistencyItems.ContainsKey(accountId))
{
_logger.Info($"[{accountId}]: account already registered at UtxoPersistency");
return;
}
_logger.Info($"[{accountId}]: {nameof(InitializeUtxoExecutionServices)}");
try
{
IWitnessPackagesProvider packetsProvider = _witnessPackagesProviderRepository.GetInstance(_restApiConfiguration.WitnessProviderName);
IUtxoTransactionsService transactionsService = ActivatorUtilities.CreateInstance <UtxoTransactionsService>(_serviceProvider);
IUtxoClientCryptoService clientCryptoService = ActivatorUtilities.CreateInstance <UtxoClientCryptoService>(_serviceProvider);
IRelationsBindingService relationsBindingService = ActivatorUtilities.CreateInstance <RelationsBindingService>(_serviceProvider);
UtxoWalletSynchronizer walletSynchronizer = ActivatorUtilities.CreateInstance <UtxoWalletSynchronizer>(_serviceProvider);
UtxoWalletPacketsExtractor utxoWalletPacketsExtractor = ActivatorUtilities.CreateInstance <UtxoWalletPacketsExtractor>(_serviceProvider);
CancellationTokenSource cancellationTokenSource = new CancellationTokenSource();
packetsProvider.Initialize(accountId, cancellationTokenSource.Token);
clientCryptoService.Initialize(secretSpendKey, secretViewKey);
TaskCompletionSource <byte[]> pwdSource = new TaskCompletionSource <byte[]>();
if (pwdSecretKey != null)
{
pwdSource.SetResult(pwdSecretKey);
}
relationsBindingService.Initialize(pwdSource);
transactionsService.AccountId = accountId;
transactionsService.Initialize(clientCryptoService, relationsBindingService);
utxoWalletPacketsExtractor.AccountId = accountId;
utxoWalletPacketsExtractor.Initialize(clientCryptoService);
transactionsService.PipeOutTransactions.LinkTo(_gatewayService.PipeInTransactions);
transactionsService.PipeOutKeyImages.LinkTo(utxoWalletPacketsExtractor.PipeInKeyImages);
IUpdater userIdentitiesUpdater = updaterFactory != null?updaterFactory(accountId, clientCryptoService, cancellationTokenSource.Token) : CreateUtxoUpdater(accountId, clientCryptoService, cancellationTokenSource.Token);
walletSynchronizer.Initialize(accountId, clientCryptoService);
packetsProvider.PipeOut.LinkTo(utxoWalletPacketsExtractor.PipeIn);
utxoWalletPacketsExtractor.PipeOutPackets.LinkTo(walletSynchronizer.PipeInPackets);
utxoWalletPacketsExtractor.PipeOutProcessed.LinkTo(walletSynchronizer.PipeInPackage);
utxoWalletPacketsExtractor.PipeOutNotifications.LinkTo(userIdentitiesUpdater.PipInNotifications);
walletSynchronizer.PipeOutPackets.LinkTo(userIdentitiesUpdater.PipeIn);
walletSynchronizer.PipeOutNotifications.LinkTo(userIdentitiesUpdater.PipInNotifications);
packetsProvider.Start();
var state = new UtxoPersistency
{
AccountId = accountId,
PacketsProvider = packetsProvider,
TransactionsService = transactionsService,
ClientCryptoService = clientCryptoService,
RelationsBindingService = relationsBindingService,
PacketsExtractor = utxoWalletPacketsExtractor,
WalletSynchronizer = walletSynchronizer,
CancellationTokenSource = cancellationTokenSource,
BindingKeySource = pwdSource
};
_utxoPersistencyItems.Add(accountId, state);
}
catch (Exception ex)
{
_logger.Error($"[{accountId}]: Failure during {nameof(InitializeUtxoExecutionServices)}", ex);
throw;
}
}
}
public RelationProofsValidationResults VerifyRelationProofs(GroupsRelationsProofs relationsProofs, IUtxoClientCryptoService clientCryptoService)
{
//TODO: need to add eligibility proofs
RelationProofsValidationResults validationResults = new RelationProofsValidationResults();
clientCryptoService.DecodeEcdhTuple(relationsProofs.EcdhTuple, relationsProofs.TransactionPublicKey, out byte[] sessionKey, out byte[] imageHash);
RelationProofSession proofSession = _gatewayService.PopRelationProofSession(sessionKey.ToHexString());
byte[] image = Convert.FromBase64String(proofSession.ImageContent);
validationResults.ImageContent = proofSession.ImageContent;
byte[] imageHashFromSession = ConfidentialAssetsHelper.FastHash256(image);
validationResults.IsImageCorrect = imageHashFromSession.Equals32(imageHash);
foreach (var relationEntry in proofSession.RelationEntries)
{
bool isRelationContentMatching = false;
foreach (var relationProof in relationsProofs.RelationProofs)
{
byte[] registrationCommitment = relationProof.RelationProof.AssetCommitments[0];
byte[] groupNameCommitment = _gatewayService.GetEmployeeRecordGroup(relationProof.GroupOwner, registrationCommitment);
bool isRelationProofCorrect = groupNameCommitment != null?ConfidentialAssetsHelper.VerifySurjectionProof(relationProof.RelationProof, relationsProofs.AssetCommitment) : false;
if (isRelationProofCorrect)
{
byte[] relationAssetId = _assetsService.GenerateAssetId(AttributeType.EmployeeGroup, relationProof.GroupOwner.ToHexString() + relationEntry.RelatedAssetName);
if (ConfidentialAssetsHelper.VerifyIssuanceSurjectionProof(relationProof.GroupNameProof, groupNameCommitment, new byte[][] { relationAssetId }))
{
isRelationContentMatching = true;
break;
}
}
}
validationResults.ValidationResults.Add(new RelationProofValidationResult {
RelatedAttributeOwner = relationEntry.RelatedAssetOwnerName, RelatedAttributeContent = relationEntry.RelatedAssetName, IsRelationCorrect = isRelationContentMatching
});
}
return(validationResults);
}
