Support ADA RFC 004 Data Agreement Proofs protocol (Audit functions)

Signed-off-by: George J Padayatti <[email protected]>

Author: georgepadayatti

mydata_did/v1_0/handlers/data_agreement_verify_handler.py

@@ -0,0 +1,185 @@
+from aries_cloudagent.messaging.base_handler import BaseHandler, BaseResponder, RequestContext
+from aries_cloudagent.storage.record import StorageRecord
+from aries_cloudagent.wallet.base import BaseWallet
+from aries_cloudagent.wallet.indy import IndyWallet
+
+from ..messages.data_agreement_verify import DataAgreementVerify
+from ..messages.data_agreement_verify_response import DataAgreementVerifyResponse
+from ..models.exchange_records.data_agreement_record import DataAgreementV1Record
+from ..manager import ADAManager, ADAManagerError
+from ..utils.did.mydata_did import DIDMyData
+from ..utils.jsonld.data_agreement import verify_data_agreement, verify_data_agreement_with_proof_chain
+from ..models.exchange_records.auditor_didcomm_transaction_record import AuditorDIDCommTransactionRecord
+
+import json
+
+
+class DataAgreementVerifyHandler(BaseHandler):
+    """
+    Handler for data agreement verify request.
+    """
+
+    async def handle(self, context: RequestContext, responder: BaseResponder):
+        """
+        Message handler logic for data agreement verify.
+        """
+
+        # Assert if received message is of type DataAgreementVerify
+        assert isinstance(context.message, DataAgreementVerify)
+
+        self._logger.info(
+            "Received data-agreement-proofs/1.0/verify-request message: \n%s",
+            json.dumps(context.message.serialize(), indent=4)
+        )
+
+        # Check if the connection is ready.
+        if not context.connection_ready:
+            self._logger.info(
+                "Connection not active, skipping data-agreement-proofs/1.0/verify-request handler: %s",
+                context.message_receipt.sender_did,
+            )
+            return
+
+        data_agreement_verify_request = context.message
+        data_agreement = data_agreement_verify_request.body.data_agreement
+
+        # Wallet instance from request context
+        wallet: IndyWallet = await context.inject(BaseWallet)
+
+        # Initialize ADA manager
+        ada_manager = ADAManager(context)
+
+        # Create auditor didcomm transaction record
+        auditor_didcomm_transaction_record = AuditorDIDCommTransactionRecord(
+            thread_id=data_agreement_verify_request._id,
+            messages_list=[data_agreement_verify_request.serialize()],
+            connection_id=context.connection_record.connection_id,
+        )
+
+        await auditor_didcomm_transaction_record.save(context)
+
+        try:
+
+            data_controller_did = DIDMyData.from_did(
+                data_agreement.event[0].did)
+            principle_did = DIDMyData.from_did(data_agreement.principle_did)
+
+            # Verify data controller did
+            # Fetch controller did from did registry
+            await ada_manager.resolve_remote_mydata_did(mydata_did=data_controller_did.did)
+
+            valid = False
+
+            if len(data_agreement.event) == 3:
+                verkeys = []
+
+                for event in data_agreement.event:
+                    temp_verkey = DIDMyData.from_did(event.did).public_key_b58
+                    verkeys.append(temp_verkey)
+
+                valid = await verify_data_agreement(
+                    data_agreement.serialize(),
+                    verkeys[-1],
+                    wallet,
+                    drop_proof_chain=False
+                )
+
+                # drop last event and proof
+                data_agreement.event.pop()
+                data_agreement.proof_chain.pop()
+
+            if len(data_agreement.event) == 2:
+                # Verify signatures on data agreement
+                valid = await verify_data_agreement_with_proof_chain(
+                    data_agreement.serialize(),
+                    [
+                        data_controller_did.public_key_b58,
+                        principle_did.public_key_b58
+                    ],
+                    wallet
+                )
+
+                # drop last event and proof
+                data_agreement.event.pop()
+                data_agreement.proof_chain.pop()
+
+                # Convert proof chain to single proof
+                data_agreement.proof = data_agreement.proof_chain[0]
+                data_agreement.proof_chain = None
+
+            if len(data_agreement.event) == 1:
+                # Verify signatures on data agreement
+                valid = await verify_data_agreement(
+                    data_agreement.serialize(),
+                    data_controller_did.public_key_b58,
+                    wallet
+                )
+
+            if valid:
+
+                # Verification successful
+
+                self._logger.info(
+                    "Data-agreement-proofs/1.0/verify-request message verification successful: \n%s",
+                    json.dumps(data_agreement.serialize(), indent=4)
+                )
+
+                data_agreement_verify_response = DataAgreementVerifyResponse(
+                    status="OK",
+                    explain=f"Signature verification successful."
+                )
+
+                data_agreement_verify_response.assign_thread_id(
+                    thid=data_agreement_verify_request._id
+                )
+
+                auditor_didcomm_transaction_record.messages_list.append(
+                    data_agreement_verify_response.serialize()
+                )
+
+                await auditor_didcomm_transaction_record.save(context)
+
+                await responder.send_reply(data_agreement_verify_response)
+
+            else:
+
+                # Verification failed
+
+                data_agreement_verify_response = DataAgreementVerifyResponse(
+                    status="NOT OK",
+                    explain=f"Signature verification failed."
+                )
+
+                data_agreement_verify_response.assign_thread_id(
+                    thid=data_agreement_verify_request._id
+                )
+
+                auditor_didcomm_transaction_record.messages_list.append(
+                    data_agreement_verify_response.serialize()
+                )
+
+                await auditor_didcomm_transaction_record.save(context)
+
+                await responder.send_reply(data_agreement_verify_response)
+
+        except (ADAManagerError, Exception) as err:
+            self._logger.exception("Failed to verify data agreement")
+
+            data_agreement_verify_response = DataAgreementVerifyResponse(
+                status="NOT OK",
+                explain=f"Failed to verify data agreement: {err}"
+            )
+
+            data_agreement_verify_response.assign_thread_id(
+                thid=data_agreement_verify_request._id
+            )
+
+            auditor_didcomm_transaction_record.messages_list.append(
+                data_agreement_verify_response.serialize()
+            )
+
+            await auditor_didcomm_transaction_record.save(context)
+
+            await responder.send_reply(data_agreement_verify_response)
+
+            return

mydata_did/v1_0/handlers/data_agreement_verify_response_handler.py

@@ -0,0 +1,72 @@
+from aries_cloudagent.messaging.base_handler import BaseHandler, BaseResponder, RequestContext
+from aries_cloudagent.storage.record import StorageRecord
+from aries_cloudagent.storage.error import StorageNotFoundError, StorageSearchError, StorageDuplicateError, StorageError
+from aries_cloudagent.wallet.base import BaseWallet
+from aries_cloudagent.wallet.indy import IndyWallet
+
+from ..messages.data_agreement_verify_response import DataAgreementVerifyResponse
+from ..models.exchange_records.data_agreement_record import DataAgreementV1Record
+from ..manager import ADAManager, ADAManagerError
+from ..utils.did.mydata_did import DIDMyData
+from ..models.exchange_records.auditor_didcomm_transaction_record import AuditorDIDCommTransactionRecord
+
+import json
+
+
+class DataAgreementVerifyResponseHandler(BaseHandler):
+    """
+    Handler for data agreement verify response.
+    """
+
+    async def handle(self, context: RequestContext, responder: BaseResponder):
+        """
+        Message handler logic for data agreement verify response.
+        """
+
+        # Assert if received message is of type DataAgreementVerifyResponse
+        assert isinstance(context.message, DataAgreementVerifyResponse)
+
+        self._logger.info(
+            "Received data-agreement-proofs/1.0/verify-response message: \n%s",
+            json.dumps(context.message.serialize(), indent=4)
+        )
+
+        # Check if the connection is ready.
+        if not context.connection_ready:
+            self._logger.info(
+                "Connection not active, skipping data-agreement-proofs/1.0/verify-response handler: %s",
+                context.message_receipt.sender_did,
+            )
+            return
+
+        data_agreement_verify_response = context.message
+
+        # Wallet instance from request context
+        wallet: IndyWallet = await context.inject(BaseWallet)
+
+        # Initialize ADA manager
+        ada_manager = ADAManager(context)
+
+        # Retrieve auditor didcomm transaction record
+        try:
+            auditor_didcomm_transaction_record: AuditorDIDCommTransactionRecord = await AuditorDIDCommTransactionRecord.retrieve_by_tag_filter(
+                context,
+                {
+                    "thread_id": data_agreement_verify_response._thread_id
+                }
+            )
+
+            # Update the auditor didcomm transaction record
+            auditor_didcomm_transaction_record.messages_list.append(
+                data_agreement_verify_response.serialize()
+            )
+
+            await auditor_didcomm_transaction_record.save(context)
+
+        except (StorageNotFoundError, StorageDuplicateError) as e:
+            # No record found
+            self._logger.debug(
+                "Failed to process data-agreement-proofs/1.0/verify-response message; "
+                "No auditor didcomm transaction record found for thread_id: %s", data_agreement_verify_response._thread_id
+            )
+            return

mydata_did/v1_0/manager.py

@@ -53,6 +53,7 @@
 from .messages.data_agreement_accept import DataAgreementNegotiationAcceptMessage, DataAgreementNegotiationAcceptMessageSchema
 from .messages.data_agreement_reject import DataAgreementNegotiationRejectMessage, DataAgreementNegotiationRejectMessageSchema
 from .messages.data_agreement_terminate import DataAgreementTerminationTerminateMessage, DataAgreementTerminationTerminateMessageSchema
+from .messages.data_agreement_verify import DataAgreementVerify
 
 from .models.data_agreement_model import DATA_AGREEMENT_V1_SCHEMA_CONTEXT, DataAgreementEventSchema, DataAgreementV1, DataAgreementPersonalData, DataAgreementV1Schema
 from .models.read_data_agreement_model import ReadDataAgreementBody
@@ -67,6 +68,7 @@
 from .models.data_agreement_negotiation_accept_model import DataAgreementNegotiationAcceptBody, DataAgreementNegotiationAcceptBodySchema
 from .models.data_agreement_negotiation_reject_model import DataAgreementNegotiationRejectBody, DataAgreementNegotiationRejectBodySchema
 from .models.data_agreement_termination_terminate_model import DataAgreementTerminationTerminateBody, DataAgreementTerminationTerminateBodySchema
+from .models.data_agreement_verify_model import DataAgreementVerifyBody, DataAgreementVerifyBodySchema
 
 from .utils.diddoc import DIDDoc
 from .utils.did.mydata_did import DIDMyData
@@ -2833,3 +2835,62 @@ async def query_data_agreement_instances(self, tag_query: dict = None) -> typing
                     pass
 
         return data_agreement_instances
+
+    async def construct_data_agreement_verify_request(self, *, data_agreement_id: str) -> DataAgreementVerify:
+        """Construct data agreement verify request message"""
+
+        # Wallet instance from context
+        wallet: IndyWallet = await self.context.inject(BaseWallet)
+
+        # Storage instance from context
+        storage: BaseStorage = await self.context.inject(BaseStorage)
+
+        # Fetch auditor connection record
+        auditor_connection_record, err = await self.fetch_auditor_connection_record()
+        if err:
+            raise ADAManagerError(
+                f"Failed to construct data agreement verify request message: {err}"
+            )
+        
+        # from_did
+        pairwise_local_did_record = await wallet.get_local_did(auditor_connection_record.my_did)
+        from_did = DIDMyData.from_public_key_b58(
+            pairwise_local_did_record.verkey, key_type=KeyType.ED25519)
+
+        # to_did
+        pairwise_remote_did_record = await storage.search_records(
+            type_filter=ConnectionManager.RECORD_TYPE_DID_KEY,
+            tag_query={"did": auditor_connection_record.their_did}
+        ).fetch_single()
+        to_did = DIDMyData.from_public_key_b58(
+            pairwise_remote_did_record.value, key_type=KeyType.ED25519)
+
+        # Fetch data agreement instance
+        data_agreement_instances = await self.query_data_agreement_instances(
+            {
+                "data_agreement_id": data_agreement_id
+            }
+        )
+
+        if len(data_agreement_instances) != 1:
+            raise ADAManagerError(
+                f"Failed to construct data agreement verify request message: "
+                f"{len(data_agreement_instances)} data agreement instances found for data agreement id: {data_agreement_id}"
+            )
+        
+        data_agreement_instance: DataAgreementInstance = DataAgreementInstanceSchema().load(
+            data_agreement_instances[0].get("data_agreement")
+        )
+
+        # Construct data agreement verify message
+
+        data_agreement_verify = DataAgreementVerify(
+            from_did=from_did.did,
+            to_did=to_did.did,
+            created_time=str(int(datetime.datetime.utcnow().timestamp())),
+            body=DataAgreementVerifyBody(
+                data_agreement=data_agreement_instance
+            )
+        )
+
+        return data_agreement_verify

mydata_did/v1_0/message_types.py

@@ -40,9 +40,8 @@
 DATA_AGREEMENT_TERMINATION_PROBLEM_REPORT = f"data-agreement-termination/1.0/problem-report"
 
 # Message types for ADA RFC 0004 - Data Agreement Proofs Protocol 1.0
-DATA_AGREEMENT_PROOFS_VERIFY = f"data-agreement-proofs/1.0/verify"
-DATA_AGREEMENT_PROOFS_VERIFIED = f"data-agreement-proofs/1.0/verified"
-DATA_AGREEMENT_PROOFS_UNVERIFIED = f"data-agreement-proofs/1.0/unverified"
+DATA_AGREEMENT_PROOFS_VERIFY = f"data-agreement-proofs/1.0/verify-request"
+DATA_AGREEMENT_PROOFS_VERIFY_RESPONSE = f"data-agreement-proofs/1.0/verify-response"
 
 # Protocol package path
 PROTOCOL_PACKAGE = "mydata_did.v1_0"
@@ -94,6 +93,12 @@
         ),
         DATA_AGREEMENT_TERMINATION_PROBLEM_REPORT: (
             f"{PROTOCOL_PACKAGE}.messages.problem_report.DataAgreementTerminationProblemReport"
+        ),
+        DATA_AGREEMENT_PROOFS_VERIFY: (
+            f"{PROTOCOL_PACKAGE}.messages.data_agreement_verify.DataAgreementVerify"
+        ),
+        DATA_AGREEMENT_PROOFS_VERIFY_RESPONSE: (
+            f"{PROTOCOL_PACKAGE}.messages.data_agreement_verify_response.DataAgreementVerifyResponse"
         )
     },
 )