Exemplo n.º 1
0
        private async Task <string> BuildRevocationStatesAsync(IAgentContext agentContext,
                                                               IEnumerable <CredentialInfo> credentialObjects,
                                                               ProofRequest proofRequest,
                                                               RequestedCredentials requestedCredentials)
        {
            var allCredentials = new List <RequestedAttribute>();

            allCredentials.AddRange(requestedCredentials.RequestedAttributes.Values);
            allCredentials.AddRange(requestedCredentials.RequestedPredicates.Values);

            var result = new Dictionary <string, Dictionary <string, JObject> >();

            foreach (var requestedCredential in allCredentials)
            {
                // ReSharper disable once PossibleMultipleEnumeration
                var credential = credentialObjects.First(x => x.Referent == requestedCredential.CredentialId);
                if (credential.RevocationRegistryId == null ||
                    (proofRequest.NonRevoked == null))
                {
                    continue;
                }

                var registryDefinition = await LedgerService.LookupRevocationRegistryDefinitionAsync(
                    agentContext : agentContext,
                    registryId : credential.RevocationRegistryId);

                var delta = await LedgerService.LookupRevocationRegistryDeltaAsync(
                    agentContext : agentContext,
                    revocationRegistryId : credential.RevocationRegistryId,
                    // Ledger will not return correct revocation state if the 'from' field
                    // is other than 0
                    from : 0, //proofRequest.NonRevoked.From,
                    to : proofRequest.NonRevoked.To);

                var tailsfile = await TailsService.EnsureTailsExistsAsync(agentContext, credential.RevocationRegistryId);

                var tailsReader = await TailsService.OpenTailsAsync(tailsfile);

                var state = await AnonCreds.CreateRevocationStateAsync(
                    blobStorageReader : tailsReader,
                    revRegDef : registryDefinition.ObjectJson,
                    revRegDelta : delta.ObjectJson,
                    timestamp : (long)delta.Timestamp,
                    credRevId : credential.CredentialRevocationId);

                if (!result.ContainsKey(credential.RevocationRegistryId))
                {
                    result.Add(credential.RevocationRegistryId, new Dictionary <string, JObject>());
                }

                requestedCredential.Timestamp = (long)delta.Timestamp;
                if (!result[credential.RevocationRegistryId].ContainsKey($"{delta.Timestamp}"))
                {
                    result[credential.RevocationRegistryId].Add($"{delta.Timestamp}", JObject.Parse(state));
                }
            }

            return(result.ToJson());
        }
        private async Task <string> BuildRevocationStatesAsync(Pool pool,
                                                               IEnumerable <CredentialInfo> credentialObjects,
                                                               RequestedCredentials requestedCredentials)
        {
            var allCredentials = new List <RequestedAttribute>();

            allCredentials.AddRange(requestedCredentials.RequestedAttributes.Values);
            allCredentials.AddRange(requestedCredentials.RequestedPredicates.Values);

            var result = new Dictionary <string, Dictionary <string, JObject> >();

            foreach (var requestedCredential in allCredentials)
            {
                // ReSharper disable once PossibleMultipleEnumeration
                var credential = credentialObjects.First(x => x.Referent == requestedCredential.CredentialId);
                if (credential.RevocationRegistryId == null)
                {
                    continue;
                }

                var timestamp = requestedCredential.Timestamp ??
                                throw new Exception(
                                          "Timestamp must be provided for credential that supports revocation");

                if (result.ContainsKey(credential.RevocationRegistryId) &&
                    result[credential.RevocationRegistryId].ContainsKey($"{timestamp}"))
                {
                    continue;
                }

                var registryDefinition =
                    await LedgerService.LookupRevocationRegistryDefinitionAsync(pool,
                                                                                credential.RevocationRegistryId);

                var delta = await LedgerService.LookupRevocationRegistryDeltaAsync(pool,
                                                                                   credential.RevocationRegistryId, -1, timestamp);

                var tailsfile = await TailsService.EnsureTailsExistsAsync(pool, credential.RevocationRegistryId);

                var tailsReader = await TailsService.OpenTailsAsync(tailsfile);

                var state = await AnonCreds.CreateRevocationStateAsync(tailsReader, registryDefinition.ObjectJson,
                                                                       delta.ObjectJson, (long)delta.Timestamp, credential.CredentialRevocationId);

                if (!result.ContainsKey(credential.RevocationRegistryId))
                {
                    result.Add(credential.RevocationRegistryId, new Dictionary <string, JObject>());
                }

                result[credential.RevocationRegistryId].Add($"{timestamp}", JObject.Parse(state));

                // TODO: Revocation state should provide the state between a certain period
                // that can be requested in the proof request in the 'non_revocation' field.
            }

            return(result.ToJson());
        }
Exemplo n.º 3
0
        public static async Task Execute()
        {
            Console.WriteLine("Anoncreds Revocation sample -> started");

            var issuerWalletName = "issuerWallet";
            var proverWalletName = "proverWallet";

            var issuerWalletCredentials = "{\"key\":\"issuer_wallet_key\"}";
            var proverWalletCredentials = "{\"key\":\"prover_wallet_key\"}";

            var issuerDid = "NcYxiDXkpYi6ov5FcYDi1e";
            var proverDid = "VsKV7grR1BUE29mG2Fm2kX";

            try
            {
                //1. Create and Open Pool
                await PoolUtils.CreatePoolLedgerConfig();

                //2. Issuer Create and Open Wallet
                await WalletUtils.CreateWalletAsync(PoolUtils.DEFAULT_POOL_NAME, issuerWalletName, "default", null, issuerWalletCredentials);

                //3. Prover Create and Open Wallet
                await WalletUtils.CreateWalletAsync(PoolUtils.DEFAULT_POOL_NAME, proverWalletName, "default", null, proverWalletCredentials);

                // Open pool and wallets in using statements to ensure they are closed when finished.
                using (var pool = await Pool.OpenPoolLedgerAsync(PoolUtils.DEFAULT_POOL_NAME, "{}"))
                    using (var issuerWallet = await Wallet.OpenWalletAsync(issuerWalletName, null, issuerWalletCredentials))
                        using (var proverWallet = await Wallet.OpenWalletAsync(proverWalletName, null, proverWalletCredentials))
                        {
                            //4. Issuer Creates Credential Schema
                            var schemaName         = "gvt";
                            var schemaVersion      = "1.0";
                            var schemaAttributes   = "[\"name\", \"age\", \"sex\", \"height\"]";
                            var createSchemaResult = await AnonCreds.IssuerCreateSchemaAsync(issuerDid, schemaName, schemaVersion, schemaAttributes);

                            var schemaId   = createSchemaResult.SchemaId;
                            var schemaJson = createSchemaResult.SchemaJson;

                            //5. Issuer create Credential Definition
                            var credDefTag          = "Tag1";
                            var credDefConfigJson   = "{\"support_revocation\":true}";
                            var createCredDefResult = await AnonCreds.IssuerCreateAndStoreCredentialDefAsync(issuerWallet, issuerDid, schemaJson, credDefTag, null, credDefConfigJson);

                            var credDefId   = createCredDefResult.CredDefId;
                            var credDefJson = createCredDefResult.CredDefJson;

                            //6. Issuer create Revocation Registry
                            var revRegDefConfig   = "{\"issuance_type\":\"ISSUANCE_ON_DEMAND\",\"max_cred_num\":5}";
                            var tailsWriterConfig = string.Format("{{\"base_dir\":\"{0}\", \"uri_pattern\":\"\"}}", EnvironmentUtils.GetIndyHomePath("tails")).Replace('\\', '/');
                            var tailsWriter       = await BlobStorage.OpenWriterAsync("default", tailsWriterConfig);

                            var revRegDefTag       = "Tag2";
                            var createRevRegResult = await AnonCreds.IssuerCreateAndStoreRevocRegAsync(issuerWallet, issuerDid, null, revRegDefTag, credDefId, revRegDefConfig, tailsWriter);

                            var revRegId      = createRevRegResult.RevRegId;
                            var revRegDefJson = createRevRegResult.RevRegDefJson;

                            //7. Prover create Master Secret
                            var masterSecretId = await AnonCreds.ProverCreateMasterSecretAsync(proverWallet, null);

                            //8. Issuer Creates Credential Offer
                            var credOffer = await AnonCreds.IssuerCreateCredentialOfferAsync(issuerWallet, credDefId);

                            //9. Prover Creates Credential Request
                            var createCredReqResult = await AnonCreds.ProverCreateCredentialReqAsync(proverWallet, proverDid, credOffer, credDefJson, masterSecretId);

                            var credReqJson         = createCredReqResult.CredentialRequestJson;
                            var credReqMetadataJson = createCredReqResult.CredentialRequestMetadataJson;

                            //10. Issuer open Tails Reader
                            var blobStorageReaderCfg = await BlobStorage.OpenReaderAsync("default", tailsWriterConfig);

                            //11. Issuer create Credential
                            var credValuesJson = "{\n" +
                                                 "        \"sex\": {\"raw\": \"male\", \"encoded\": \"594465709955896723921094925839488742869205008160769251991705001\"},\n" +
                                                 "        \"name\": {\"raw\": \"Alex\", \"encoded\": \"1139481716457488690172217916278103335\"},\n" +
                                                 "        \"height\": {\"raw\": \"175\", \"encoded\": \"175\"},\n" +
                                                 "        \"age\": {\"raw\": \"28\", \"encoded\": \"28\"}\n" +
                                                 "    }";

                            var createCredentialResult = await AnonCreds.IssuerCreateCredentialAsync(issuerWallet, credOffer, credReqJson, credValuesJson, revRegId, blobStorageReaderCfg);

                            var credential      = createCredentialResult.CredentialJson;
                            var revRegDeltaJson = createCredentialResult.RevocRegDeltaJson;
                            var credRevId       = createCredentialResult.RevocId;

                            //12. Prover Stores Credential
                            await AnonCreds.ProverStoreCredentialAsync(proverWallet, null, credReqMetadataJson, credential, credDefJson, revRegDefJson);

                            //13. Prover Gets Credentials for Proof Request
                            var proofRequestJson = "{\n" +
                                                   "                   \"nonce\":\"123432421212\",\n" +
                                                   "                   \"name\":\"proof_req_1\",\n" +
                                                   "                   \"version\":\"0.1\", " +
                                                   "                   \"requested_attributes\":{" +
                                                   "                          \"attr1_referent\":{\"name\":\"name\"}" +
                                                   "                    },\n" +
                                                   "                    \"requested_predicates\":{" +
                                                   "                          \"predicate1_referent\":{\"name\":\"age\",\"p_type\":\">=\",\"p_value\":18}" +
                                                   "                    }" +
                                                   "               }";

                            var credentialsForProofJson = await AnonCreds.ProverGetCredentialsForProofReqAsync(proverWallet, proofRequestJson);

                            var credentials              = JObject.Parse(credentialsForProofJson);
                            var credentialsForAttr1      = (JArray)credentials["attrs"]["attr1_referent"];
                            var credentialsForPredicate1 = (JArray)credentials["predicates"]["predicate1_referent"];

                            var credIdForAttr1 = credentialsForAttr1[0]["cred_info"]["referent"].ToObject <string>();
                            var credIdForPred1 = credentialsForPredicate1[0]["cred_info"]["referent"].ToObject <string>();

                            //14. Prover create RevocationState
                            long timestamp    = 100;
                            var  revStateJson = await AnonCreds.CreateRevocationStateAsync(blobStorageReaderCfg, revRegDefJson, revRegDeltaJson, timestamp, credRevId);

                            //15. Prover Creates Proof
                            var requestedCredentialsJson = string.Format("{{" +
                                                                         "\"self_attested_attributes\":{{}}," +
                                                                         "\"requested_attributes\":{{\"attr1_referent\":{{\"cred_id\":\"{0}\", \"revealed\":true, \"timestamp\":{1} }}}}," +
                                                                         "\"requested_predicates\":{{\"predicate1_referent\":{{\"cred_id\":\"{2}\", \"timestamp\":{3}}}}}" +
                                                                         "}}", credIdForAttr1, timestamp, credIdForPred1, timestamp);

                            var schemas        = string.Format("{{\"{0}\":{1}}}", schemaId, schemaJson);
                            var credentialDefs = string.Format("{{\"{0}\":{1}}}", credDefId, credDefJson);
                            var revStates      = string.Format("{{\"{0}\": {{ \"{1}\":{2} }}}}", revRegId, timestamp, revStateJson);

                            var proofJson = await AnonCreds.ProverCreateProofAsync(proverWallet, proofRequestJson, requestedCredentialsJson, masterSecretId, schemas, credentialDefs, revStates);

                            var proof = JObject.Parse(proofJson);

                            //16. Verifier verify Proof
                            var revealedAttr1 = proof["requested_proof"]["revealed_attrs"]["attr1_referent"];
                            Debug.Assert("Alex" == revealedAttr1["raw"].ToObject <string>());

                            var revRegDefs = string.Format("{{\"{0}\":{1}}}", revRegId, revRegDefJson);
                            var revRegs    = string.Format("{{\"{0}\": {{ \"{1}\":{2} }}}}", revRegId, timestamp, revRegDeltaJson);

                            var valid = await AnonCreds.VerifierVerifyProofAsync(proofRequestJson, proofJson, schemas, credentialDefs, revRegDefs, revRegs);

                            Debug.Assert(valid);

                            await issuerWallet.CloseAsync();

                            await proverWallet.CloseAsync();

                            await pool.CloseAsync();
                        }
            }
            finally
            {
                //17. Delete wallets and Pool ledger config
                await WalletUtils.DeleteWalletAsync(issuerWalletName, issuerWalletCredentials);

                await WalletUtils.DeleteWalletAsync(proverWalletName, proverWalletCredentials);

                await PoolUtils.DeletePoolLedgerConfigAsync(PoolUtils.DEFAULT_POOL_NAME);
            }

            Console.WriteLine("Anoncreds Revocation sample -> completed");
        }
        public async Task TestIssuerRevokeProofWorks()
        {
            // Create wallet, get wallet handle
            var walletConfig = JsonConvert.SerializeObject(new { id = "revocationWallet" });
            await Wallet.CreateWalletAsync(walletConfig, CREDENTIALS);

            var wallet = await Wallet.OpenWalletAsync(walletConfig, CREDENTIALS);

            // Issuer create Schema
            var createSchemaResult = await AnonCreds.IssuerCreateSchemaAsync(issuerDid, gvtSchemaName, schemaVersion, gvtSchemaAttributes);

            var schemaId   = createSchemaResult.SchemaId;
            var schemaJson = createSchemaResult.SchemaJson;

            // Issuer create issuer1GvtCredential definition
            var revocationCredentialDefConfig = "{\"support_revocation\":true}";
            var createCredentialDefResult     = await AnonCreds.IssuerCreateAndStoreCredentialDefAsync(wallet, issuerDid, schemaJson, tag, null, revocationCredentialDefConfig);

            var credDefId   = createCredentialDefResult.CredDefId;
            var credDefJson = createCredentialDefResult.CredDefJson;

            // Issuer create revocation registry
            var tailsWriter = await BlobStorage.OpenWriterAsync("default", tailsWriterConfig);

            var revRegConfig       = "{\"issuance_type\":null,\"max_cred_num\":5}";
            var createRevRegResult = await AnonCreds.IssuerCreateAndStoreRevocRegAsync(wallet, issuerDid, null, tag, credDefId, revRegConfig, tailsWriter);

            var revRegId  = createRevRegResult.RevRegId;
            var revRegDef = createRevRegResult.RevRegDefJson;

            // Prover create Master Secret
            await AnonCreds.ProverCreateMasterSecretAsync(wallet, masterSecretId);

            // Issuer create Credential Offer
            var credOfferJson = await AnonCreds.IssuerCreateCredentialOfferAsync(wallet, credDefId);

            // Prover create Credential Request
            var createCredReqResult =
                await AnonCreds.ProverCreateCredentialReqAsync(wallet, proverDid, credOfferJson, credDefJson, masterSecretId);

            var credentialReqJson         = createCredReqResult.CredentialRequestJson;
            var credentialReqMetadataJson = createCredReqResult.CredentialRequestMetadataJson;

            // Issuer open TailsReader
            var blobReader = await BlobStorage.OpenReaderAsync("default", tailsWriterConfig);

            //9. Issuer create Credential
            var createCredentialResult = await AnonCreds.IssuerCreateCredentialAsync(wallet, credOfferJson, credentialReqJson, gvtCredentialValuesJson, revRegId, blobReader);

            var credJson    = createCredentialResult.CredentialJson;
            var credRevocId = createCredentialResult.RevocId;
            var revRegDelta = createCredentialResult.RevocRegDeltaJson;

            // Prover create RevocationState
            var timestamp    = 100;
            var revStateJson = await AnonCreds.CreateRevocationStateAsync(blobReader, revRegDef, revRegDelta, timestamp, credRevocId);

            // Prover store received Credential
            await AnonCreds.ProverStoreCredentialAsync(wallet, credentialId1, credentialReqMetadataJson, credJson, credDefJson, revRegDef);

            // Prover gets Credentials for Proof Request
            var credentialsJson = await AnonCreds.ProverGetCredentialsForProofReqAsync(wallet, proofRequest);

            var credentials         = JObject.Parse(credentialsJson);
            var credentialsForAttr1 = credentials["attrs"]["attr1_referent"];

            var credentialUuid = credentialsForAttr1[0]["cred_info"]["referent"];

            // Prover create Proof
            var requestedCredentialsJson = string.Format("{{" +
                                                         "\"self_attested_attributes\":{{}}," +
                                                         "\"requested_attributes\":{{\"attr1_referent\":{{\"cred_id\":\"{0}\", \"revealed\":true, \"timestamp\":{1} }}}}," +
                                                         "\"requested_predicates\":{{\"predicate1_referent\":{{\"cred_id\":\"{2}\", \"timestamp\":{3}}}}}" +
                                                         "}}", credentialUuid, timestamp, credentialUuid, timestamp);

            var schemasJson        = JObject.Parse(string.Format("{{\"{0}\":{1}}}", schemaId, schemaJson)).ToString();
            var credentialDefsJson = JObject.Parse(string.Format("{{\"{0}\":{1}}}", credDefId, credDefJson)).ToString();
            var revStatesJson      = JObject.Parse(string.Format("{{\"{0}\":{{\"{1}\":{2}}}}}", revRegId, timestamp, revStateJson)).ToString();

            var proofJson = await AnonCreds.ProverCreateProofAsync(wallet, proofRequest, requestedCredentialsJson, masterSecretId, schemasJson, credentialDefsJson, revStatesJson);

            var proof = JObject.Parse(proofJson);

            // Issuer revoke Credential
            revRegDelta = await AnonCreds.IssuerRevokeCredentialAsync(wallet, blobReader, revRegId, credRevocId);

            // Verifier verify proof
            var revealedAttr1 = proof["requested_proof"]["revealed_attrs"]["attr1_referent"];

            Assert.AreEqual("Alex", revealedAttr1["raw"]);

            var revRegDefsJson = JObject.Parse(string.Format("{{\"{0}\":{1}}}", revRegId, revRegDef)).ToString();
            var revRegs        = JObject.Parse(string.Format("{{\"{0}\":{{\"{1}\":{2}}}}}", revRegId, timestamp, revRegDelta)).ToString();

            var valid = await AnonCreds.VerifierVerifyProofAsync(proofRequest, proofJson, schemasJson, credentialDefsJson, revRegDefsJson, revRegs);

            Assert.IsFalse(valid);

            //// Close and Delete Wallet
            await wallet.CloseAsync();

            await Wallet.DeleteWalletAsync(walletConfig, CREDENTIALS);
        }
Exemplo n.º 5
0
        public async Task testAnoncredsRevocationInteractionIssuanceByDefault()
        {
            // Issuer create DID
            var trusteeDidInfo = await Did.CreateAndStoreMyDidAsync(this.wallet, JsonConvert.SerializeObject(new { seed = TRUSTEE_SEED }));

            var issuerDidInfo = await Did.CreateAndStoreMyDidAsync(this.wallet, "{}");

            var nymRequest = await Ledger.BuildNymRequestAsync(trusteeDidInfo.Did, issuerDidInfo.Did,
                                                               issuerDidInfo.VerKey, null, "TRUSTEE");

            await Ledger.SignAndSubmitRequestAsync(pool, wallet, trusteeDidInfo.Did, nymRequest);

            var issuerDid = issuerDidInfo.Did;

            // Prover create DID
            var proverDidInfo = await Did.CreateAndStoreMyDidAsync(proverWallet, "{}");

            var proverDid    = proverDidInfo.Did;
            var proverVerkey = proverDidInfo.VerKey;

            // Issuer publish Prover DID
            nymRequest = await Ledger.BuildNymRequestAsync(issuerDid, proverDid, proverVerkey, null, null);

            await Ledger.SignAndSubmitRequestAsync(pool, wallet, issuerDid, nymRequest);

            // ISSUER post to Ledger Schema, CredentialDefinition, RevocationRegistry

            // Issuer creates Schema
            var schemaInfo =
                await AnonCreds.IssuerCreateSchemaAsync(issuerDidInfo.Did, GVT_SCHEMA_NAME,
                                                        SCHEMA_VERSION, GVT_SCHEMA_ATTRIBUTES);

            var schemaJson = schemaInfo.SchemaJson;

            // Issuer posts Schema to Ledger
            var schemaRequest = await Ledger.BuildSchemaRequestAsync(issuerDid, schemaJson);

            await Ledger.SignAndSubmitRequestAsync(pool, wallet, issuerDid, schemaRequest);

            // Issuer get Schema from Ledger
            var getSchemaRequest = await Ledger.BuildGetSchemaRequestAsync(issuerDid, schemaInfo.SchemaId);

            var getSchemaResponse = await PoolUtils.EnsurePreviousRequestAppliedAsync(pool, getSchemaRequest, response => {
                var getSchemaResponseObject = JObject.Parse(response);
                return(getSchemaResponseObject["result"]["seqNo"] != null);
            });

            // !!IMPORTANT!!
            // It is important to get Schema from Ledger and parse it to get the correct schema JSON and correspondent id in Ledger
            // After that we can create CredentialDefinition for received Schema(not for result of indy_issuer_create_schema)

            ParseResponseResult schemaInfo1 = await Ledger.ParseGetSchemaResponseAsync(getSchemaResponse);

            schemaJson = schemaInfo1.ObjectJson;

            // Issuer creates CredentialDefinition

            var credDefInfo =
                await AnonCreds.IssuerCreateAndStoreCredentialDefAsync(wallet, issuerDid, schemaJson,
                                                                       TAG, null, JsonConvert.SerializeObject(new { support_revocation = true }));

            var credDefId   = credDefInfo.CredDefId;
            var credDefJson = credDefInfo.CredDefJson;

            // Issuer post CredentialDefinition to Ledger
            var credDefRequest = await Ledger.BuildCredDefRequestAsync(issuerDid, credDefJson);

            await Ledger.SignAndSubmitRequestAsync(pool, wallet, issuerDid, credDefRequest);

            // Issuer creates RevocationRegistry
            /* FIXME: getIndyHomePath hard coded forward slash "/". It will not work for Windows. */
            var tailsWriterConfig = JsonConvert.SerializeObject(
                new
            {
                base_dir    = EnvironmentUtils.GetIndyHomePath("tails"),
                uri_pattern = string.Empty
            }
                );

            var tailsWriterHandle = await BlobStorage.OpenWriterAsync("default", tailsWriterConfig);

            var revRegInfo =
                await AnonCreds.IssuerCreateAndStoreRevocRegAsync(wallet, issuerDid, null, TAG,
                                                                  credDefId,
                                                                  JsonConvert.SerializeObject(new { max_cred_num = 5, issuance_type = "ISSUANCE_BY_DEFAULT" }),
                                                                  tailsWriterHandle);

            var revRegId        = revRegInfo.RevRegId;
            var revRegDefJson   = revRegInfo.RevRegDefJson;
            var revRegEntryJson = revRegInfo.RevRegEntryJson;

            // Issuer posts RevocationRegistryDefinition to Ledger
            var revRegDefRequest = await Ledger.BuildRevocRegDefRequestAsync(issuerDid, revRegDefJson);

            await Ledger.SignAndSubmitRequestAsync(pool, wallet, issuerDid, revRegDefRequest);

            // Issuer posts RevocationRegistryEntry to Ledger
            var revRegEntryRequest = await Ledger.BuildRevocRegEntryRequestAsync(issuerDid, revRegId, REVOC_REG_TYPE, revRegEntryJson);

            await Ledger.SignAndSubmitRequestAsync(pool, wallet, issuerDid, revRegEntryRequest);

            // Issuance Credential for Prover

            // Prover creates Master Secret
            await AnonCreds.ProverCreateMasterSecretAsync(proverWallet, COMMON_MASTER_SECRET);

            // Issuer creates Credential Offer
            var credOfferJson = await AnonCreds.IssuerCreateCredentialOfferAsync(wallet, credDefId);

            // Prover gets CredentialDefinition from Ledger
            var getCredDefRequest = await Ledger.BuildGetCredDefRequestAsync(proverDid, credDefInfo.CredDefId);

            var getCredDefResponse = await Ledger.SubmitRequestAsync(pool, getCredDefRequest);

            ParseResponseResult credDefIdInfo = await Ledger.ParseGetCredDefResponseAsync(getCredDefResponse);

            credDefId   = credDefIdInfo.Id;
            credDefJson = credDefIdInfo.ObjectJson;

            // Prover creates Credential Request
            var credReqInfo =
                await AnonCreds.ProverCreateCredentialReqAsync(proverWallet, proverDid, credOfferJson,
                                                               credDefJson, COMMON_MASTER_SECRET);

            var credReqJson         = credReqInfo.CredentialRequestJson;
            var credReqMetadataJson = credReqInfo.CredentialRequestMetadataJson;

            // Issuer creates TailsReader
            BlobStorageReader blobStorageReader = await BlobStorage.OpenReaderAsync(TYPE, tailsWriterConfig);

            // Issuer creates Credential
            // Issuer must not post rev_reg_delta to ledger for ISSUANCE_BY_DEFAULT strategy

            var credRegInfo =
                await AnonCreds.IssuerCreateCredentialAsync(wallet, credOfferJson, credReqJson,
                                                            GVT_CRED_VALUES, revRegId,
                                                            blobStorageReader);

            var credJson  = credRegInfo.CredentialJson;
            var credRevId = credRegInfo.RevocId;

            // Prover gets RevocationRegistryDefinition
            var getRevRegDefRequest = await Ledger.BuildGetRevocRegDefRequestAsync(proverDid, revRegId);

            var getRevRegDefResponse = await Ledger.SubmitRequestAsync(pool, getRevRegDefRequest);

            ParseResponseResult revRegInfo1 = await Ledger.ParseGetRevocRegDefResponseAsync(getRevRegDefResponse);

            revRegId = revRegInfo1.Id;
            var revocRegDefJson = revRegInfo1.ObjectJson;

            // Prover store received Credential

            await AnonCreds.ProverStoreCredentialAsync(proverWallet, "credential1_id",
                                                       credReqMetadataJson, credJson, credDefJson,
                                                       revocRegDefJson);

            // Verifying Prover Credential
            Thread.Sleep(3000);

            long to = (long)(DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc)).TotalMilliseconds / 1000;

            var proofRequest = JsonConvert.SerializeObject(
                new
            {
                nonce   = "123432421212",
                name    = "proof_req_1",
                version = "0.1",
                requested_attributes = new
                {
                    attr1_referent = new
                    {
                        name = "name"
                    }
                },
                requested_predicates = new
                {
                    predicate1_referent = new
                    {
                        name    = "age",
                        p_type  = ">=",
                        p_value = 18
                    }
                },
                non_revoked = new
                {
                    to = to
                }
            }
                );

            // Prover gets Claims for Proof Request

            var credentialsJson = await AnonCreds.ProverGetCredentialsForProofReqAsync(proverWallet, proofRequest);

            var credentials      = JObject.Parse(credentialsJson);
            var credsForReferent = (JArray)credentials["attrs"]["attr1_referent"];
            var credential       = credsForReferent[0]["cred_info"];

            // Prover gets RevocationRegistryDelta from Ledger

            /* FIXME */
            var getRevRegDeltaRequest = await Ledger.BuildGetRevocRegDeltaRequestAsync(proverDid, revRegId, -1, (int)to);

            var getRevRegDeltaResponse = await Ledger.SubmitRequestAsync(pool, getRevRegDeltaRequest);

            var revRegInfo2 = await Ledger.ParseGetRevocRegDeltaResponseAsync(getRevRegDeltaResponse);

            revRegId = revRegInfo2.Id;
            var revocRegDeltaJson = revRegInfo2.ObjectJson;

            // Prover creates RevocationState
            var timestamp = to;

            var revStateJson = await AnonCreds.CreateRevocationStateAsync(blobStorageReader,
                                                                          revocRegDefJson, revocRegDeltaJson, (int)timestamp, credRevId);

            // Prover gets Schema from Ledger
            getSchemaRequest = await Ledger.BuildGetSchemaRequestAsync(proverDid, schemaInfo1.Id);

            getSchemaResponse = await Ledger.SubmitRequestAsync(pool, getSchemaRequest);

            ParseResponseResult schemaInfo2 = await Ledger.ParseGetSchemaResponseAsync(getSchemaResponse);

            var schemaId = schemaInfo2.Id;

            schemaJson = schemaInfo2.ObjectJson;

            // Prover creates Proof
            var requestedCredentialsJson = JsonConvert.SerializeObject(
                new
            {
                self_attested_attributes = new { },
                requested_attributes     = new
                {
                    attr1_referent = new
                    {
                        cred_id   = credential["referent"],
                        timestamp = timestamp,
                        revealed  = true
                    }
                },
                requested_predicates = new
                {
                    predicate1_referent = new
                    {
                        cred_id   = credential["referent"],
                        timestamp = timestamp
                    }
                }
            }
                );


            var schemasJson   = new JObject(new JProperty(schemaId, JObject.Parse(schemaJson))).ToString();
            var credDefsJson  = new JObject(new JProperty(credDefId, JObject.Parse(credDefJson))).ToString();
            var revStatesJson = new JObject(new JProperty(revRegId, new JObject(new JProperty(timestamp.ToString(), JObject.Parse(revStateJson))))).ToString();

            var proofJson = await AnonCreds.ProverCreateProofAsync(proverWallet, proofRequest,
                                                                   requestedCredentialsJson, COMMON_MASTER_SECRET,
                                                                   schemasJson, credDefsJson, revStatesJson);


            var proof = JObject.Parse(proofJson);

            // Verifier gets RevocationRegistry from Ledger

            var getRevRegReq = await Ledger.BuildGetRevocRegRequestAsync(DID_MY1, revRegId, (int)timestamp);

            var getRevRegResp = await Ledger.SubmitRequestAsync(pool, getRevRegReq);

            var revRegInfo3 = await Ledger.ParseGetRevocRegResponseAsync(getRevRegResp);

            revRegId = revRegInfo3.Id;
            var revRegJson = revRegInfo3.ObjectJson;

            // Verifier verifies proof
            Assert.AreNotEqual("Alex", proof["requested_proof"]["revealed_attrs"]["attr1_referent"].ToString());

            var revRegDefsJson = new JObject(new JProperty(revRegId, JObject.Parse(revRegDefJson))).ToString();
            var revRegsJson    = new JObject(new JProperty(revRegId, new JObject(new JProperty(timestamp.ToString(), JObject.Parse(revRegJson))))).ToString();

            var valid = await AnonCreds.VerifierVerifyProofAsync(proofRequest,
                                                                 proofJson,
                                                                 schemasJson,
                                                                 credDefsJson,
                                                                 revRegDefsJson,
                                                                 revRegsJson);

            Assert.IsTrue(valid);

            // Issuer revokes credential
            var revRegDeltaJson = await AnonCreds.IssuerRevokeCredentialAsync(wallet,
                                                                              blobStorageReader,
                                                                              revRegId, credRevId);

            // Issuer post RevocationRegistryDelta to Ledger
            revRegEntryRequest = await Ledger.BuildRevocRegEntryRequestAsync(issuerDid, revRegId, REVOC_REG_TYPE, revRegDeltaJson);

            await Ledger.SignAndSubmitRequestAsync(pool, wallet, issuerDid, revRegEntryRequest);

            // Verifying Prover Credential after Revocation
            Thread.Sleep(3000);

            long from = to;

            to = (long)(DateTime.UtcNow - new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc)).TotalMilliseconds / 1000;

            // Prover gets RevocationRegistryDelta from Ledger
            getRevRegDeltaRequest = await Ledger.BuildGetRevocRegDeltaRequestAsync(proverDid, revRegId, (int)from, (int)to);

            getRevRegDeltaResponse = await Ledger.SubmitRequestAsync(pool, getRevRegDeltaRequest);

            var revRegInfo4 = await Ledger.ParseGetRevocRegDeltaResponseAsync(getRevRegDeltaResponse);

            revRegId          = revRegInfo4.Id;
            revocRegDeltaJson = revRegInfo4.ObjectJson;
            timestamp         = (long)revRegInfo4.Timestamp;

            // Prover creates RevocationState
            revStateJson = await AnonCreds.CreateRevocationStateAsync(blobStorageReader,
                                                                      revocRegDefJson, revocRegDeltaJson, (int)timestamp, credRevId);

            requestedCredentialsJson = JsonConvert.SerializeObject(
                new
            {
                self_attested_attributes = new { },
                requested_attributes     = new
                {
                    attr1_referent = new
                    {
                        cred_id   = credential["referent"],
                        timestamp = timestamp,
                        revealed  = true
                    }
                },
                requested_predicates = new
                {
                    predicate1_referent = new
                    {
                        cred_id   = credential["referent"],
                        timestamp = timestamp
                    }
                }
            }
                );

            revStatesJson = new JObject(new JProperty(revRegId, new JObject(new JProperty(timestamp.ToString(), JObject.Parse(revStateJson))))).ToString();

            proofJson = await AnonCreds.ProverCreateProofAsync(proverWallet,
                                                               proofRequest,
                                                               requestedCredentialsJson,
                                                               COMMON_MASTER_SECRET,
                                                               schemasJson,
                                                               credDefsJson,
                                                               revStatesJson);

            // Verifier gets RevocationRegistry from Ledger
            getRevRegReq = await Ledger.BuildGetRevocRegRequestAsync(DID_MY1, revRegId, (int)timestamp);

            getRevRegResp = await Ledger.SubmitRequestAsync(pool, getRevRegReq);

            var revRegInfo5 = await Ledger.ParseGetRevocRegResponseAsync(getRevRegResp);

            revRegId   = revRegInfo5.Id;
            revRegJson = revRegInfo5.ObjectJson;
            timestamp  = (long)revRegInfo5.Timestamp;

            revRegsJson = new JObject(new JProperty(revRegId, new JObject(new JProperty(timestamp.ToString(), JObject.Parse(revRegJson))))).ToString();

            valid = await AnonCreds.VerifierVerifyProofAsync(proofRequest,
                                                             proofJson,
                                                             schemasJson,
                                                             credDefsJson,
                                                             revRegDefsJson,
                                                             revRegsJson);

            Assert.IsFalse(valid);
        }
Exemplo n.º 6
0
        public async Task TestAnonCredsWorksForRevocationProof()
        {
            // Issuer create Schema
            var createSchemaResult = await AnonCreds.IssuerCreateSchemaAsync(issuerDid, GVT_SCHEMA_NAME, SCHEMA_VERSION, GVT_SCHEMA_ATTRIBUTES);

            var gvtSchemaId = createSchemaResult.SchemaId;
            var schemaJson  = createSchemaResult.SchemaJson;

            // Issuer create credential definition
            var revocationCredentialDefConfig = JsonConvert.SerializeObject(new { support_revocation = true });
            var createCredentialDefResult     = await AnonCreds.IssuerCreateAndStoreCredentialDefAsync(issuerWallet, issuerDid, schemaJson, TAG, null, revocationCredentialDefConfig);

            var credDefId = createCredentialDefResult.CredDefId;
            var credDef   = createCredentialDefResult.CredDefJson;

            // Issuer create revocation registry
            var revRegConfig      = JsonConvert.SerializeObject(new { issuance_type = (object)null, max_cred_num = 5 });
            var tailsWriterConfig = JsonConvert.SerializeObject(
                new
            {
                base_dir    = EnvironmentUtils.GetIndyHomePath("tails"),
                uri_pattern = string.Empty
            }
                );
            var tailsWriter = await BlobStorage.OpenWriterAsync("default", tailsWriterConfig);

            var createRevRegResult = await AnonCreds.IssuerCreateAndStoreRevocRegAsync(issuerWallet, issuerDid, null, TAG, credDefId, revRegConfig, tailsWriter);

            var revRegId  = createRevRegResult.RevRegId;
            var revRegDef = createRevRegResult.RevRegDefJson;

            // Prover create Master Secret
            await AnonCreds.ProverCreateMasterSecretAsync(proverWallet, masterSecretId);

            // Issuer create Credential Offer
            var credOffer = await AnonCreds.IssuerCreateCredentialOfferAsync(issuerWallet, credDefId);

            // Prover create Credential Request
            var createCredReqResult = await AnonCreds.ProverCreateCredentialReqAsync(proverWallet, proverDid, credOffer, credDef, masterSecretId);

            var credReq         = createCredReqResult.CredentialRequestJson;
            var credReqMetadata = createCredReqResult.CredentialRequestMetadataJson;

            // Issuer open TailsReader
            var blobStorageReader = await BlobStorage.OpenReaderAsync("default", tailsWriterConfig);

            // Issuer create Credential
            var createCredentialResult = await AnonCreds.IssuerCreateCredentialAsync(issuerWallet, credOffer, credReq, gvtCredentialValues, revRegId, blobStorageReader);

            var credential  = createCredentialResult.CredentialJson;
            var revRegDelta = createCredentialResult.RevocRegDeltaJson;
            var credRevId   = createCredentialResult.RevocId;

            // Prover store received Credential
            await AnonCreds.ProverStoreCredentialAsync(proverWallet, credentialId1, credReqMetadata, credential, credDef, revRegDef);

            // Prover gets Credentials for Proof Request
            var proofRequestJson = JsonConvert.SerializeObject(
                new
            {
                nonce   = "123432421212",
                name    = "proof_req_1",
                version = "0.1",
                requested_attributes = new
                {
                    attr1_referent = new { name = "name" },
                },
                requested_predicates = new
                {
                    predicate1_referent = new { name = "age", p_type = ">=", p_value = 18 },
                }
            }
                );

            var credentialsJson = await AnonCreds.ProverGetCredentialsForProofReqAsync(proverWallet, proofRequestJson);

            var credentials         = JObject.Parse(credentialsJson);
            var credentialsForAttr1 = (JArray)credentials["attrs"]["attr1_referent"];

            var credentialUuid = credentialsForAttr1[0]["cred_info"]["referent"];

            // Prover create RevocationState
            int timestamp    = 100;
            var revStateJson = await AnonCreds.CreateRevocationStateAsync(blobStorageReader, revRegDef, revRegDelta, timestamp, credRevId);


            // Prover create Proof
            var requestedCredentialsJson = JsonConvert.SerializeObject(
                new
            {
                self_attested_attributes = new { },
                requested_attributes     = new
                {
                    attr1_referent = new { cred_id = credentialUuid, revealed = true, timestamp = timestamp },
                },
                requested_predicates = new
                {
                    predicate1_referent = new { cred_id = credentialUuid, timestamp = timestamp },
                }
            }
                );

            var schemas        = new JObject(new JProperty(gvtSchemaId, JObject.Parse(schemaJson))).ToString();
            var credentialDefs = new JObject(new JProperty(credDefId, JObject.Parse(credDef))).ToString();
            var revStates      = new JObject(new JProperty(revRegId, new JObject(new JProperty(timestamp.ToString(), JObject.Parse(revStateJson))))).ToString();

            var proofJson = await AnonCreds.ProverCreateProofAsync(proverWallet, proofRequestJson, requestedCredentialsJson, masterSecretId, schemas,
                                                                   credentialDefs, revStates);

            var proof = JObject.Parse(proofJson);

            // Verifier verify proof
            var revealedAttr1 = proof["requested_proof"]["revealed_attrs"]["attr1_referent"];

            Assert.AreEqual("Alex", revealedAttr1["raw"]);

            var revRegDefs = new JObject(new JProperty(revRegId, JObject.Parse(revRegDef))).ToString();
            var revRegs    = new JObject(new JProperty(revRegId, new JObject(new JProperty(timestamp.ToString(), JObject.Parse(revRegDelta))))).ToString();

            var valid = await AnonCreds.VerifierVerifyProofAsync(proofRequestJson, proofJson, schemas, credentialDefs, revRegDefs, revRegs);

            Assert.IsTrue(valid);
        }