public UserIdentitiesUpdater(ulong accountId, IUtxoClientCryptoService clientCryptoService, IAssetsService assetsService, IDataAccessService externalDataAccessService, IHubContext <IdentitiesHub> idenitiesHubContext, IRelationsProofsValidationService relationsProofsValidationService, ITrackingService trackingService) { _accountId = accountId; _clientCryptoService = clientCryptoService; _assetsService = assetsService; _dataAccessService = externalDataAccessService; _idenitiesHubContext = idenitiesHubContext; _relationsProofsValidationService = relationsProofsValidationService; _trackingService = trackingService; PipeIn = new ActionBlock <PacketBase>(p => { try { if (p is TransferAssetToUtxo packet) { _clientCryptoService.DecodeEcdhTuple(packet.TransferredAsset.EcdhTuple, packet.TransactionPublicKey, out byte[] blindingFactor, out byte[] assetId); AttributeType attributeType = _assetsService.GetAttributeType(assetId); _idenitiesHubContext.Clients.Group(_accountId.ToString(CultureInfo.InvariantCulture)).SendAsync("PushAttribute", new UserAttributeDto { AttributeType = attributeType.ToString(), Source = packet.Signer.ArraySegment.Array.ToHexString(), AssetId = assetId.ToHexString(), OriginalBlindingFactor = blindingFactor.ToHexString(), OriginalCommitment = packet.TransferredAsset.AssetCommitment.ToHexString(), LastBlindingFactor = blindingFactor.ToHexString(), LastCommitment = packet.TransferredAsset.AssetCommitment.ToHexString(), LastTransactionKey = packet.TransactionPublicKey.ToHexString(), LastDestinationKey = packet.DestinationKey.ToHexString(), Validated = false, IsOverriden = false }); } else if (p is GroupsRelationsProofs relationsProofs && _clientCryptoService.CheckTarget(relationsProofs.DestinationKey2, relationsProofs.TransactionPublicKey)) { RelationProofsValidationResults validationResults = _relationsProofsValidationService.VerifyRelationProofs(relationsProofs, _clientCryptoService); _idenitiesHubContext.Clients.Group(_accountId.ToString(CultureInfo.InvariantCulture)).SendAsync("PushRelationValidation", validationResults); } } catch { } }); }
private IActionResult GetServiceProviderActionType(IUtxoClientCryptoService clientCryptoService, string actionDecoded) { ulong accountId = ulong.Parse(User.Identity.Name, CultureInfo.InvariantCulture); UriBuilder uriBuilder = new UriBuilder(actionDecoded); string actionType = uriBuilder.Uri.ParseQueryString()["actionType"]; string registrationKey; byte[] targetBytes = uriBuilder.Uri.ParseQueryString()["publicKey"]?.HexStringToByteArray(); UserRootAttribute rootAttribute = _dataAccessService.GetUserAttributes(accountId).FirstOrDefault(); if (actionType == "0") // Login and register { clientCryptoService.GetBoundedCommitment(rootAttribute.AssetId, targetBytes, out byte[] blindingFactor, out byte[] assetCommitment); registrationKey = assetCommitment.ToHexString(); NameValueCollection queryParams = uriBuilder.Uri.ParseQueryString(); queryParams["registrationKey"] = registrationKey; uriBuilder.Query = queryParams.ToString(); } else if (actionType == "1") // employee registration { registrationKey = rootAttribute.AssetId.ToHexString(); NameValueCollection queryParams = uriBuilder.Uri.ParseQueryString(); queryParams["registrationKey"] = registrationKey; uriBuilder.Query = queryParams.ToString(); } else if (actionType == "2") // document sign { } ServiceProviderActionAndValidationsDto serviceProviderActionAndValidations = uriBuilder.Uri.ToString().GetJsonAsync <ServiceProviderActionAndValidationsDto>().Result; string validationsExpression = string.Empty; if ((serviceProviderActionAndValidations.Validations?.Count ?? 0) > 0) { validationsExpression = ":" + serviceProviderActionAndValidations.Validations.JoinStrings("|"); } if (actionType == "2") { return(Ok(new { Action = "6", ActionInfo = $"{serviceProviderActionAndValidations.PublicKey}:{serviceProviderActionAndValidations.SessionKey}:{serviceProviderActionAndValidations.ExtraInfo}{validationsExpression}" })); } else { if (serviceProviderActionAndValidations.IsRegistered) { return(Ok(new { Action = actionType == "0" ? "3" : "5", ActionInfo = $"{serviceProviderActionAndValidations.PublicKey}:{serviceProviderActionAndValidations.SessionKey}:{serviceProviderActionAndValidations.ExtraInfo}{validationsExpression}" })); } else { return(Ok(new { Action = actionType == "0" ? "2" : "4", ActionInfo = $"{serviceProviderActionAndValidations.PublicKey}:{serviceProviderActionAndValidations.SessionKey}:{serviceProviderActionAndValidations.ExtraInfo}{validationsExpression}" })); } } }
public void Initialize(IExecutionContextManager executionContextManager, CancellationToken cancellationToken) { _executionContextManager = executionContextManager; ConsentManagementSettings settings = _dataAccessService.GetConsentManagementSettings(); if (settings == null) { settings = CreateNewConsentManagementServiceAccount(); } AccountDescriptor accountDescriptor = _accountsService.Authenticate(settings.AccountId, GetDefaultConsentManagementPassword()); if (accountDescriptor == null) { settings = CreateNewConsentManagementServiceAccount(); accountDescriptor = _accountsService.Authenticate(settings.AccountId, GetDefaultConsentManagementPassword()); if (accountDescriptor == null) { throw new Exception("ConsentManagementService initialization failed"); } } _accountId = accountDescriptor.AccountId; _executionContextManager .InitializeUtxoExecutionServices( accountDescriptor.AccountId, accountDescriptor.SecretSpendKey, accountDescriptor.SecretViewKey, accountDescriptor.PwdHash, new Func <long, IUtxoClientCryptoService, CancellationToken, IUpdater>( (accountId, clientCryptoService, ct) => { _clientCryptoService = clientCryptoService; return(this); })); PublicSpendKey = accountDescriptor.PublicSpendKey.ToHexString(); PublicViewKey = accountDescriptor.PublicViewKey.ToHexString(); cancellationToken.Register(() => { _executionContextManager.UnregisterExecutionServices(_accountId); }); }
public void InitializeUtxoExecutionServices(ulong accountId, byte[] secretSpendKey, byte[] secretViewKey, byte[] pwdSecretKey) { if (_utxoPersistencyItems.ContainsKey(accountId)) { return; } IPacketsProvider packetsProvider = ServiceLocator.Current.GetInstance <IPacketsProvider>(); IUtxoTransactionsService transactionsService = ServiceLocator.Current.GetInstance <UtxoTransactionsService>(); IUtxoClientCryptoService clientCryptoService = ServiceLocator.Current.GetInstance <UtxoClientCryptoService>(); UtxoWalletSynchronizer walletSynchronizer = ServiceLocator.Current.GetInstance <UtxoWalletSynchronizer>(); CancellationTokenSource cancellationTokenSource = new CancellationTokenSource(); packetsProvider.Initialize(accountId, cancellationTokenSource.Token); clientCryptoService.Initialize(secretSpendKey, secretViewKey, pwdSecretKey); transactionsService.Initialize(clientCryptoService); transactionsService.PipeOutTransactions.LinkTo(_gatewayService.PipeInTransactions); transactionsService.PipeOutKeyImages.LinkTo(walletSynchronizer.PipeInKeyImages); UserIdentitiesUpdater userIdentitiesUpdater = new UserIdentitiesUpdater(accountId, clientCryptoService, _assetsService, _dataAccessService, _identitiesHubContext, _relationsProofsValidationService, _trackingService); walletSynchronizer.Initialize(accountId, clientCryptoService, _gatewayService, cancellationTokenSource.Token); packetsProvider.PipeOut.LinkTo(walletSynchronizer.PipeIn); walletSynchronizer.PipeOut.LinkTo(userIdentitiesUpdater.PipeIn); walletSynchronizer.Start(); packetsProvider.Start(); AddSubscriberToDictionary(accountId, walletSynchronizer.Subscribe(userIdentitiesUpdater)); var state = new UtxoPersistency { AccountId = accountId, PacketsProvider = packetsProvider, TransactionsService = transactionsService, ClientCryptoService = clientCryptoService, WalletSynchronizer = walletSynchronizer, CancellationTokenSource = cancellationTokenSource }; _utxoPersistencyItems.Add(accountId, state); }
public UserIdentitiesUpdater(long accountId, IUtxoClientCryptoService clientCryptoService, IAssetsService assetsService, IDataAccessService dataAccessService, IHubContext <IdentitiesHub> idenitiesHubContext, IRelationsProofsValidationService relationsProofsValidationService, ISchemeResolverService schemeResolverService, ILoggerService loggerService, CancellationToken cancellationToken) { _accountId = accountId; _clientCryptoService = clientCryptoService; _assetsService = assetsService; _dataAccessService = dataAccessService; _idenitiesHubContext = idenitiesHubContext; _relationsProofsValidationService = relationsProofsValidationService; _schemeResolverService = schemeResolverService; _cancellationToken = cancellationToken; _cancellationToken.Register(() => { PipeIn?.Complete(); PipInNotifications?.Complete(); }); _logger = loggerService.GetLogger(nameof(UserIdentitiesUpdater)); PipeIn = new ActionBlock <PacketBase>(async p => { try { if (p is TransferAssetToUtxo packet) { _logger.LogIfDebug(() => $"[{_accountId}]: Processing {nameof(TransferAssetToUtxo)}"); UserRootAttribute userRootAttribute = _dataAccessService.GetRootAttributeByOriginalCommitment(_accountId, packet.TransferredAsset.AssetCommitment); if (userRootAttribute != null) { _clientCryptoService.DecodeEcdhTuple(packet.TransferredAsset.EcdhTuple, packet.TransactionPublicKey, out byte[] blindingFactor, out byte[] assetId); await _assetsService.GetAttributeSchemeName(assetId, packet.Signer.ToString()).ContinueWith(t => { if (t.IsCompleted && !t.IsFaulted) { _idenitiesHubContext.Clients.Group(_accountId.ToString(CultureInfo.InvariantCulture)) .SendAsync("PushAttribute", new UserAttributeDto { SchemeName = t.Result, Source = packet.Signer.ToString(), Content = userRootAttribute.Content, Validated = true, IsOverriden = false }); } }, TaskScheduler.Current).ConfigureAwait(false); await ObtainRelations(packet, assetId).ConfigureAwait(false); await ObtainRegistrations(packet, assetId).ConfigureAwait(false); } else { _logger.Error($"[{_accountId}]: No Root Attribute found by commitment {packet.TransferredAsset.AssetCommitment.ToHexString()}"); } } } catch (Exception ex) { _logger.Error($"Failure during processing {nameof(PipeIn)}, packet {p?.GetType().Name}", ex); } }); PipInNotifications = new ActionBlock <SynchronizerNotificationBase>(n => { try { _logger.LogIfDebug(() => $"[{_accountId}]: notification {n.GetType().Name} {JsonConvert.SerializeObject(n, new ByteArrayJsonConverter())}"); ProcessEligibilityCommitmentsDisabled(n); NotifyUserAttributeLastUpdate(n); NotifyCompromisedKeyImage(n); } catch (Exception ex) { _logger.Error($"Failure during processing {nameof(PipInNotifications)}, notification {n?.GetType().Name}", ex); } }); }
private IUpdater CreateUtxoUpdater(long accountId, IUtxoClientCryptoService clientCryptoService, CancellationToken cancellationToken) => new UserIdentitiesUpdater(accountId, clientCryptoService, _assetsService, _dataAccessService, _identitiesHubContext, _relationsProofsValidationService, _schemeResolverService, _loggerService, cancellationToken);
public void InitializeUtxoExecutionServices(long accountId, byte[] secretSpendKey, byte[] secretViewKey, byte[] pwdSecretKey, Func <long, IUtxoClientCryptoService, CancellationToken, IUpdater> updaterFactory = null) { lock (_utxoPersistencyItems) { if (_utxoPersistencyItems.ContainsKey(accountId)) { _logger.Info($"[{accountId}]: account already registered at UtxoPersistency"); return; } _logger.Info($"[{accountId}]: {nameof(InitializeUtxoExecutionServices)}"); try { IWitnessPackagesProvider packetsProvider = _witnessPackagesProviderRepository.GetInstance(_restApiConfiguration.WitnessProviderName); IUtxoTransactionsService transactionsService = ActivatorUtilities.CreateInstance <UtxoTransactionsService>(_serviceProvider); IUtxoClientCryptoService clientCryptoService = ActivatorUtilities.CreateInstance <UtxoClientCryptoService>(_serviceProvider); IRelationsBindingService relationsBindingService = ActivatorUtilities.CreateInstance <RelationsBindingService>(_serviceProvider); UtxoWalletSynchronizer walletSynchronizer = ActivatorUtilities.CreateInstance <UtxoWalletSynchronizer>(_serviceProvider); UtxoWalletPacketsExtractor utxoWalletPacketsExtractor = ActivatorUtilities.CreateInstance <UtxoWalletPacketsExtractor>(_serviceProvider); CancellationTokenSource cancellationTokenSource = new CancellationTokenSource(); packetsProvider.Initialize(accountId, cancellationTokenSource.Token); clientCryptoService.Initialize(secretSpendKey, secretViewKey); TaskCompletionSource <byte[]> pwdSource = new TaskCompletionSource <byte[]>(); if (pwdSecretKey != null) { pwdSource.SetResult(pwdSecretKey); } relationsBindingService.Initialize(pwdSource); transactionsService.AccountId = accountId; transactionsService.Initialize(clientCryptoService, relationsBindingService); utxoWalletPacketsExtractor.AccountId = accountId; utxoWalletPacketsExtractor.Initialize(clientCryptoService); transactionsService.PipeOutTransactions.LinkTo(_gatewayService.PipeInTransactions); transactionsService.PipeOutKeyImages.LinkTo(utxoWalletPacketsExtractor.PipeInKeyImages); IUpdater userIdentitiesUpdater = updaterFactory != null?updaterFactory(accountId, clientCryptoService, cancellationTokenSource.Token) : CreateUtxoUpdater(accountId, clientCryptoService, cancellationTokenSource.Token); walletSynchronizer.Initialize(accountId, clientCryptoService); packetsProvider.PipeOut.LinkTo(utxoWalletPacketsExtractor.PipeIn); utxoWalletPacketsExtractor.PipeOutPackets.LinkTo(walletSynchronizer.PipeInPackets); utxoWalletPacketsExtractor.PipeOutProcessed.LinkTo(walletSynchronizer.PipeInPackage); utxoWalletPacketsExtractor.PipeOutNotifications.LinkTo(userIdentitiesUpdater.PipInNotifications); walletSynchronizer.PipeOutPackets.LinkTo(userIdentitiesUpdater.PipeIn); walletSynchronizer.PipeOutNotifications.LinkTo(userIdentitiesUpdater.PipInNotifications); packetsProvider.Start(); var state = new UtxoPersistency { AccountId = accountId, PacketsProvider = packetsProvider, TransactionsService = transactionsService, ClientCryptoService = clientCryptoService, RelationsBindingService = relationsBindingService, PacketsExtractor = utxoWalletPacketsExtractor, WalletSynchronizer = walletSynchronizer, CancellationTokenSource = cancellationTokenSource, BindingKeySource = pwdSource }; _utxoPersistencyItems.Add(accountId, state); } catch (Exception ex) { _logger.Error($"[{accountId}]: Failure during {nameof(InitializeUtxoExecutionServices)}", ex); throw; } } }
public RelationProofsValidationResults VerifyRelationProofs(GroupsRelationsProofs relationsProofs, IUtxoClientCryptoService clientCryptoService) { //TODO: need to add eligibility proofs RelationProofsValidationResults validationResults = new RelationProofsValidationResults(); clientCryptoService.DecodeEcdhTuple(relationsProofs.EcdhTuple, relationsProofs.TransactionPublicKey, out byte[] sessionKey, out byte[] imageHash); RelationProofSession proofSession = _gatewayService.PopRelationProofSession(sessionKey.ToHexString()); byte[] image = Convert.FromBase64String(proofSession.ImageContent); validationResults.ImageContent = proofSession.ImageContent; byte[] imageHashFromSession = ConfidentialAssetsHelper.FastHash256(image); validationResults.IsImageCorrect = imageHashFromSession.Equals32(imageHash); foreach (var relationEntry in proofSession.RelationEntries) { bool isRelationContentMatching = false; foreach (var relationProof in relationsProofs.RelationProofs) { byte[] registrationCommitment = relationProof.RelationProof.AssetCommitments[0]; byte[] groupNameCommitment = _gatewayService.GetEmployeeRecordGroup(relationProof.GroupOwner, registrationCommitment); bool isRelationProofCorrect = groupNameCommitment != null?ConfidentialAssetsHelper.VerifySurjectionProof(relationProof.RelationProof, relationsProofs.AssetCommitment) : false; if (isRelationProofCorrect) { byte[] relationAssetId = _assetsService.GenerateAssetId(AttributeType.EmployeeGroup, relationProof.GroupOwner.ToHexString() + relationEntry.RelatedAssetName); if (ConfidentialAssetsHelper.VerifyIssuanceSurjectionProof(relationProof.GroupNameProof, groupNameCommitment, new byte[][] { relationAssetId })) { isRelationContentMatching = true; break; } } } validationResults.ValidationResults.Add(new RelationProofValidationResult { RelatedAttributeOwner = relationEntry.RelatedAssetOwnerName, RelatedAttributeContent = relationEntry.RelatedAssetName, IsRelationCorrect = isRelationContentMatching }); } return(validationResults); }