/// <summary>
/// Checks an incoming authentication transition and pushes the outcome to the
/// SignalR group whose name is the session key carried in the decoded payload.
/// </summary>
/// <param name="transitionAuthentication">The parsed transition carrying the ECDH-encoded payload and proofs.</param>
/// <remarks>
/// The session key (hex of the decoded payload) is computed before any proof is verified, so the
/// failure notices below are addressed to whatever group that payload names. An invalid surjection
/// proof and an unknown registration both produce the same Code 1 "User is not registered" message.
/// The SendAsync calls are not awaited; their tasks are discarded.
/// </remarks>
private void ProcessAuthentication(TransitionAuthenticationProofs transitionAuthentication)
{
    _clientCryptoService.DecodeEcdhTuple(
        transitionAuthentication.EncodedPayload,
        transitionAuthentication.TransactionPublicKey,
        out byte[] blindingFactor,
        out byte[] assetId,
        out byte[] issuer,
        out byte[] payload);

    string sessionKey = payload.ToHexString();

    bool proofVerified = ConfidentialAssetsHelper.VerifySurjectionProof(
        transitionAuthentication.AuthenticationProof,
        transitionAuthentication.AssetCommitment);

    // Pushes a failure notice to the session's group; same anonymous payload shape as before.
    void NotifyFailure(int code, string message)
    {
        _idenitiesHubContext.Clients.Group(sessionKey).SendAsync("PushSpAuthorizationFailed", new { Code = code, Message = message });
    }

    // The registration lookup only runs when the proof verified (short-circuit kept).
    // NOTE(review): AssetCommitments[0] is read without a length check — confirm that
    // VerifySurjectionProof rejects an empty commitment list before this point.
    if (!proofVerified
        || !_dataAccessService.GetServiceProviderRegistrationId(
                _accountId,
                transitionAuthentication.AuthenticationProof.AssetCommitments[0],
                out ulong registrationId))
    {
        NotifyFailure(1, "User is not registered");
        return;
    }

    bool eligible = CheckEligibilityProofs(
        transitionAuthentication.AssetCommitment,
        transitionAuthentication.EligibilityProof,
        issuer);

    if (!eligible)
    {
        NotifyFailure(2, "Eligibility proofs were wrong");
        return;
    }

    ProceedCorrectAuthentication(transitionAuthentication, sessionKey);
}
/// <summary>
/// Records the key image for the session and issues the session a signed JWT,
/// delivered over the "PushSpAuthorizationSucceeded" hub message.
/// </summary>
/// <param name="transitionAuthentication">The verified transition; only its key image is used here.</param>
/// <param name="sessionKey">Session identifier used both as the SignalR group name and as the token's Name claim.</param>
/// <remarks>
/// The HMAC key is the configured "appSettings:secret" taken byte-for-byte as ASCII, so its
/// strength is bounded by the secret's character length. The token carries the fixed role
/// "spuser" and expires seven days after issue. The SendAsync task is discarded, not awaited.
/// </remarks>
private void ProceedCorrectAuthentication(TransitionAuthenticationProofs transitionAuthentication, string sessionKey)
{
    byte[] keyImage = transitionAuthentication.KeyImage.Value.ToArray();

    // NOTE(review): if _keyImageToSessonKeyMap is a Dictionary<byte[], string> with the default
    // comparer, byte[] keys compare by reference and this lookup never matches a freshly
    // materialised array — confirm a structural comparer is supplied where the map is created.
    if (!_keyImageToSessonKeyMap.ContainsKey(keyImage))
    {
        _keyImageToSessonKeyMap.Add(keyImage, sessionKey);
    }

    // TODO: here goes the logic of successful authentication.

    byte[] signingKey = Encoding.ASCII.GetBytes(_appConfig.GetString("appSettings:secret"));

    var subject = new ClaimsIdentity(new[]
    {
        new Claim(ClaimTypes.Name, sessionKey),
        new Claim(ClaimTypes.Role, "spuser"),
    });

    var descriptor = new SecurityTokenDescriptor
    {
        Subject = subject,
        Expires = DateTime.UtcNow.AddDays(7),
        SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(signingKey), SecurityAlgorithms.HmacSha256Signature),
    };

    var handler = new JwtSecurityTokenHandler();
    string jwt = handler.WriteToken(handler.CreateToken(descriptor));

    _idenitiesHubContext.Clients.Group(sessionKey).SendAsync("PushSpAuthorizationSucceeded", new { Token = jwt });
}
/// <summary>
/// Parses the body of a version-1 confidential transition authentication block.
/// </summary>
/// <param name="version">Block body version; only 1 is understood.</param>
/// <param name="spanBody">Body bytes, starting at the asset commitment.</param>
/// <param name="utxoConfidentialBase">Receives the populated <see cref="TransitionAuthenticationProofs"/>.</param>
/// <returns><paramref name="spanBody"/> sliced past the byte count accumulated by the readers.</returns>
/// <exception cref="BlockVersionNotSupportedException">Thrown for any version other than 1.</exception>
/// <remarks>
/// The input is untrusted wire data; bounds checking is delegated to the Read* helpers, which
/// are expected to stop at the end of <paramref name="spanBody"/> rather than read past it.
/// </remarks>
protected override Memory<byte> ParseUtxoConfidential(ushort version, Memory<byte> spanBody, out UtxoConfidentialBase utxoConfidentialBase)
{
    if (version != 1)
    {
        throw new BlockVersionNotSupportedException(version, BlockType);
    }

    int consumed = 0;

    // Field order on the wire: commitment, ECDH tuple, then three surjection proofs.
    ReadCommitment(ref spanBody, ref consumed, out byte[] assetCommitment);
    ReadEcdhTupleProofs(ref spanBody, ref consumed, out EcdhTupleProofs encodedPayload);
    ReadSurjectionProof(ref spanBody, ref consumed, out SurjectionProof ownershipProof);
    ReadSurjectionProof(ref spanBody, ref consumed, out SurjectionProof eligibilityProof);
    ReadSurjectionProof(ref spanBody, ref consumed, out SurjectionProof authenticationProof);

    utxoConfidentialBase = new TransitionAuthenticationProofs
    {
        AssetCommitment = assetCommitment,
        EncodedPayload = encodedPayload,
        OwnershipProof = ownershipProof,
        EligibilityProof = eligibilityProof,
        AuthenticationProof = authenticationProof,
    };

    return spanBody.Slice(consumed);
}