diff --git a/aries_cloudagent/anoncreds/holder.py b/aries_cloudagent/anoncreds/holder.py index 42b2a6ccd9..ebb2c04176 100644 --- a/aries_cloudagent/anoncreds/holder.py +++ b/aries_cloudagent/anoncreds/holder.py @@ -316,6 +316,7 @@ async def store_credential_w3c( credential_definition, rev_reg_def, ) + # TODO cred_recvd = Credential.from_w3c(cred_w3c) except AnoncredsError as err: raise AnonCredsHolderError("Error processing received credential") from err diff --git a/aries_cloudagent/indy/models/cred.py b/aries_cloudagent/indy/models/cred.py index 6e03efaca3..d0c7f7537a 100644 --- a/aries_cloudagent/indy/models/cred.py +++ b/aries_cloudagent/indy/models/cred.py @@ -155,42 +155,3 @@ class Meta: witness = fields.Dict( allow_none=True, metadata={"description": "Witness for revocation proof"} ) - - -class VCDIIndyCredential(BaseModel): - """VCDI Indy credential.""" - - class Meta: - """VCDI Indy credential metadata.""" - - schema_class = "VCDIIndyCredentialSchema" - - def __init__( - self, - credential: dict = None, - **kwargs, - ): - """Initialize vcdi cred abstract object. - - Args: - data_model_versions_supported: supported versions for data model - binding_required: boolean value - binding_methods: required if binding_required is true - credential: credential object - """ - super().__init__(**kwargs) - self.credential = credential - - -class VCDIIndyCredentialSchema(BaseModelSchema): - """VCDI Indy credential schema.""" - - class Meta: - """VCDI Indy credential schemametadata.""" - - model_class = VCDIIndyCredential - unknown = EXCLUDE - - credential = fields.Dict( - fields.Str(), required=True, metadata={"description": "", "example": ""} - ) diff --git a/aries_cloudagent/indy/models/cred_abstract.py b/aries_cloudagent/indy/models/cred_abstract.py index d48f35e51e..9abdbd5bb3 100644 --- a/aries_cloudagent/indy/models/cred_abstract.py +++ b/aries_cloudagent/indy/models/cred_abstract.py @@ -1,7 +1,6 @@ """Cred abstract artifacts to attach to RFC 453 messages.""" -from typing import Sequence, Union -from ...vc.vc_ld.models.credential import CredentialSchema, VerifiableCredential +from typing import Sequence from marshmallow import EXCLUDE, fields @@ -153,200 +152,3 @@ class Meta: required=True, metadata={"description": "Key correctness proof"}, ) - - -class AnoncredsLinkSecret(BaseModel): - """Anoncreds Link Secret Model.""" - - class Meta: - """AnoncredsLinkSecret metadata.""" - - schema_class = "AnoncredsLinkSecretSchema" - - def __init__( - self, - nonce: str = None, - cred_def_id: str = None, - key_correctness_proof: str = None, - **kwargs, - ): - """Initialize values for AnoncredsLinkSecret.""" - super().__init__(**kwargs) - self.nonce = nonce - self.cred_def_id = cred_def_id - self.key_correctness_proof = key_correctness_proof - - -class AnoncredsLinkSecretSchema(BaseModelSchema): - """Anoncreds Link Secret Schema.""" - - class Meta: - """AnoncredsLinkSecret schema metadata.""" - - model_class = AnoncredsLinkSecret - unknown = EXCLUDE - - nonce = fields.Str( - required=True, - validate=NUM_STR_WHOLE_VALIDATE, - metadata={ - "description": "Nonce in credential abstract", - "example": NUM_STR_WHOLE_EXAMPLE, - }, - ) - - cred_def_id = fields.Str( - required=True, - validate=INDY_CRED_DEF_ID_VALIDATE, - metadata={ - "description": "Credential definition identifier", - "example": INDY_CRED_DEF_ID_EXAMPLE, - }, - ) - - key_correctness_proof = fields.Nested( - IndyKeyCorrectnessProofSchema(), - required=True, - metadata={"description": "Key correctness proof"}, - ) - - -class DidcommSignedAttachment(BaseModel): - """Didcomm Signed Attachment Model.""" - - class Meta: - """DidcommSignedAttachment metadata.""" - - schema_class = "DidcommSignedAttachmentSchema" - - def __init__( - self, - algs_supported: Sequence[str] = None, - did_methods_supported: Sequence[str] = None, - nonce: str = None, - **kwargs, - ): - """Initialize values for DidcommSignedAttachment.""" - super().__init__(**kwargs) - self.algs_supported = algs_supported - self.did_methods_supported = did_methods_supported - self.nonce = nonce - - -class DidcommSignedAttachmentSchema(BaseModelSchema): - """Didcomm Signed Attachment Schema.""" - - class Meta: - """Didcomm signed attachment schema metadata.""" - - model_class = DidcommSignedAttachment - unknown = EXCLUDE - - algs_supported = fields.List(fields.Str(), required=True) - - did_methods_supported = fields.List(fields.Str(), required=True) - - nonce = fields.Str( - required=True, - validate=NUM_STR_WHOLE_VALIDATE, - metadata={ - "description": "Nonce in credential abstract", - "example": NUM_STR_WHOLE_EXAMPLE, - }, - ) - - -class BindingMethod(BaseModel): - """Binding Method Model.""" - - class Meta: - """Binding method metadata.""" - - schema_class = "BindingMethodSchema" - - def __init__( - self, - anoncreds_link_secret: Union[dict, AnoncredsLinkSecret] = None, - didcomm_signed_attachment: Union[dict, DidcommSignedAttachment] = None, - **kwargs, - ): - """Initialize values for DidcommSignedAttachment.""" - super().__init__(**kwargs) - self.anoncreds_link_secret = anoncreds_link_secret - self.didcomm_signed_attachment = didcomm_signed_attachment - - -class BindingMethodSchema(BaseModelSchema): - """VCDI Binding Method Schema.""" - - class Meta: - """VCDI binding method schema metadata.""" - - model_class = BindingMethod - unknown = EXCLUDE - - anoncreds_link_secret = fields.Nested(AnoncredsLinkSecretSchema, required=False) - didcomm_signed_attachment = fields.Nested( - DidcommSignedAttachmentSchema, required=True - ) - - -class VCDICredAbstract(BaseModel): - """VCDI Credential Abstract.""" - - class Meta: - """VCDI credential abstract metadata.""" - - schema_class = "VCDICredAbstractSchema" - - def __init__( - self, - data_model_versions_supported: Sequence[str] = None, - binding_required: str = None, - binding_method: str = None, - credential: Union[dict, VerifiableCredential] = None, - **kwargs, - ): - """Initialize vcdi cred abstract object. - - Args: - data_model_versions_supported: supported versions for data model - binding_required: boolean value - binding_methods: required if binding_required is true - credential: credential object - """ - super().__init__(**kwargs) - self.data_model_versions_supported = data_model_versions_supported - self.binding_required = binding_required - self.binding_method = binding_method - self.credential = credential - - -class VCDICredAbstractSchema(BaseModelSchema): - """VCDI Credential Abstract Schema.""" - - class Meta: - """VCDICredAbstractSchema metadata.""" - - model_class = VCDICredAbstract - unknown = EXCLUDE - - data_model_versions_supported = fields.List( - fields.Str(), required=True, metadata={"description": "", "example": ""} - ) - - binding_required = fields.Bool( - required=False, metadata={"description": "", "example": ""} - ) - - binding_method = fields.Nested( - BindingMethodSchema(), - required=binding_required, - metadata={"description": "", "example": ""}, - ) - - credential = fields.Nested( - CredentialSchema(), - required=True, - metadata={"description": "", "example": ""}, - ) diff --git a/aries_cloudagent/indy/models/cred_request.py b/aries_cloudagent/indy/models/cred_request.py index 4438a99259..805cdaa61d 100644 --- a/aries_cloudagent/indy/models/cred_request.py +++ b/aries_cloudagent/indy/models/cred_request.py @@ -1,6 +1,6 @@ """Cred request artifacts to attach to RFC 453 messages.""" -from typing import Mapping, Union +from typing import Mapping from marshmallow import EXCLUDE, fields @@ -8,8 +8,6 @@ from ...messaging.valid import ( INDY_CRED_DEF_ID_EXAMPLE, INDY_CRED_DEF_ID_VALIDATE, - INDY_DID_EXAMPLE, - INDY_DID_VALIDATE, UUID4_EXAMPLE, NUM_STR_WHOLE_EXAMPLE, NUM_STR_WHOLE_VALIDATE, @@ -81,178 +79,3 @@ class Meta: "example": NUM_STR_WHOLE_EXAMPLE, }, ) - - -class AnoncredsLinkSecret(BaseModel): - """Binding proof model.""" - - class Meta: - """VCDI credential request schema metadata.""" - - schema_class = "BindingProofSchema" - - def __init__( - self, - entropy: str = None, - cred_def_id: str = None, - blinded_ms: Mapping = None, - blinded_ms_correctness_proof: Mapping = None, - nonce: str = None, - **kwargs, - ): - """Initialize indy credential request.""" - super().__init__(**kwargs) - self.entropy = entropy - self.cred_def_id = cred_def_id - self.blinded_ms = blinded_ms - self.blinded_ms_correctness_proof = blinded_ms_correctness_proof - self.nonce = nonce - - -class AnoncredsLinkSecretSchema(BaseModelSchema): - """VCDI credential request schema.""" - - class Meta: - """VCDI credential request schema metadata.""" - - model_class = AnoncredsLinkSecret - unknown = EXCLUDE - - entropy = fields.Str( - required=True, - validate=INDY_DID_VALIDATE, - metadata={"description": "Prover DID", "example": INDY_DID_EXAMPLE}, - ) - cred_def_id = fields.Str( - required=True, - validate=INDY_CRED_DEF_ID_VALIDATE, - metadata={ - "description": "Credential definition identifier", - "example": INDY_CRED_DEF_ID_EXAMPLE, - }, - ) - blinded_ms = fields.Dict( - required=True, metadata={"description": "Blinded master secret"} - ) - blinded_ms_correctness_proof = fields.Dict( - required=True, - metadata={"description": "Blinded master secret correctness proof"}, - ) - nonce = fields.Str( - required=True, - validate=NUM_STR_WHOLE_VALIDATE, - metadata={ - "description": "Nonce in credential request", - "example": NUM_STR_WHOLE_EXAMPLE, - }, - ) - - -class DidcommSignedAttachment(BaseModel): - """Didcomm Signed Attachment Model.""" - - class Meta: - """Didcomm signed attachment metadata.""" - - schema_class = "DidcommSignedAttachmentSchema" - - def __init__(self, attachment_id: str = None, **kwargs): - """Initialize DidcommSignedAttachment.""" - super().__init__(**kwargs) - self.attachment_id = attachment_id - - -class DidcommSignedAttachmentSchema(BaseModelSchema): - """Didcomm Signed Attachment Schema.""" - - class Meta: - """Didcomm Signed Attachment schema metadata.""" - - model_class = DidcommSignedAttachment - unknown = EXCLUDE - - attachment_id = fields.Str( - required=True, metadata={"description": "", "example": ""} - ) - - -class BindingProof(BaseModel): - """Binding Proof Model.""" - - class Meta: - """Binding proof metadata.""" - - schema_class = "BindingProofSchema" - - def __init__( - self, - anoncreds_link_secret: str = None, - didcomm_signed_attachment: str = None, - **kwargs, - ): - """Initialize binding proof.""" - super().__init__(**kwargs) - self.anoncreds_link_secret = anoncreds_link_secret - self.didcomm_signed_attachment = didcomm_signed_attachment - - -class BindingProofSchema(BaseModelSchema): - """Binding Proof Schema.""" - - class Meta: - """Binding proof schema metadata.""" - - model_class = BindingProof - unknown = EXCLUDE - - anoncreds_link_secret = fields.Nested( - AnoncredsLinkSecretSchema(), - required=True, - metadata={"description": "", "example": ""}, - ) - - didcomm_signed_attachment = fields.Nested( - DidcommSignedAttachmentSchema(), - required=True, - metadata={"description": "", "example": ""}, - ) - - -class VCDICredRequest(BaseModel): - """VCDI credential request model.""" - - class Meta: - """VCDI credential request metadata.""" - - schema_class = "VCDICredRequestSchema" - - def __init__( - self, - data_model_version: str = None, - binding_proof: Union[dict, BindingProof] = None, - **kwargs, - ): - """Initialize values for VCDICredRequest.""" - super().__init__(**kwargs) - self.data_model_version = data_model_version - self.binding_proof = binding_proof - - -class VCDICredRequestSchema(BaseModelSchema): - """VCDI credential request schema.""" - - class Meta: - """VCDI credential request schema metadata.""" - - model_class = VCDICredRequest - unknown = EXCLUDE - - data_model_version = fields.Str( - required=True, metadata={"description": "", "example": ""} - ) - - binding_proof = fields.Nested( - BindingProofSchema(), - required=True, - metadata={"description": "", "example": ""}, - ) diff --git a/aries_cloudagent/protocols/issue_credential/v2_0/formats/vc_di/handler.py b/aries_cloudagent/protocols/issue_credential/v2_0/formats/vc_di/handler.py index 87e96d2c51..d884216811 100644 --- a/aries_cloudagent/protocols/issue_credential/v2_0/formats/vc_di/handler.py +++ b/aries_cloudagent/protocols/issue_credential/v2_0/formats/vc_di/handler.py @@ -7,10 +7,31 @@ import json import logging from typing import Mapping, Tuple -from aries_cloudagent.protocols.issue_credential.v2_0.models.detail.vc_di import ( - V20CredExRecordVCDI, + +from ...models.cred_ex_record import V20CredExRecord +from ...models.detail.indy import ( + V20CredExRecordIndy, +) +from .models.cred import ( + VCDIIndyCredentialSchema, ) +from .models.cred_request import ( + AnoncredsLinkSecretRequest, + BindingProof, + DidcommSignedAttachmentRequest, + VCDICredRequest, + VCDICredRequestSchema, +) + +from aries_cloudagent.vc.vc_ld.models.credential import VerifiableCredential +from .models.cred_offer import ( + AnoncredsLinkSecret, + BindingMethod, + DidcommSignedAttachment, + VCDICredAbstract, + VCDICredAbstractSchema, +) from marshmallow import RAISE from ......anoncreds.revocation import AnonCredsRevocation @@ -20,9 +41,6 @@ from ......anoncreds.issuer import ( AnonCredsIssuer, ) -from ......indy.models.cred import VCDIIndyCredentialSchema -from ......indy.models.cred_abstract import VCDICredAbstractSchema -from ......indy.models.cred_request import VCDICredRequestSchema from ......cache.base import BaseCache from ......ledger.base import BaseLedger from ......ledger.multiple_ledger.ledger_requests_executor import ( @@ -50,7 +68,7 @@ from ...messages.cred_offer import V20CredOffer from ...messages.cred_proposal import V20CredProposal from ...messages.cred_request import V20CredRequest -from ...models.cred_ex_record import V20CredExRecord + from ..handler import CredFormatAttachment, V20CredFormatError, V20CredFormatHandler LOGGER = logging.getLogger(__name__) @@ -90,7 +108,7 @@ def validate_fields(cls, message_type: str, attachment_data: Mapping): # Validate, throw if not valid Schema(unknown=RAISE).load(attachment_data) - async def get_detail_record(self, cred_ex_id: str) -> V20CredExRecordVCDI: + async def get_detail_record(self, cred_ex_id: str) -> V20CredExRecordIndy: """Retrieve credential exchange detail record by cred_ex_id.""" async with self.profile.session() as session: @@ -175,7 +193,9 @@ async def create_proposal( return self.get_format_data(CRED_20_PROPOSAL, proposal_data) async def receive_proposal( - self, cred_ex_record: V20CredExRecord, cred_proposal_message: V20CredProposal + self, + cred_ex_record: V20CredExRecord, + cred_proposal_message: V20CredProposal, ) -> None: """Receive vcdi credential proposal. @@ -204,6 +224,7 @@ async def _create(): offer_str = await issuer.create_credential_offer(cred_def_id) return json.loads(offer_str) + # TODO multitenant_mgr = self.profile.inject_or(BaseMultitenantManager) if multitenant_mgr: ledger_exec_inst = IndyLedgerRequestsExecutor(self.profile) @@ -239,36 +260,39 @@ async def _create(): if not cred_offer: cred_offer = await _create() - vcdi_cred_offer = { - "data_model_versions_supported": ["1.1"], - "binding_required": True, - "binding_method": { - "anoncreds_link_secret": { - "cred_def_id": cred_offer["cred_def_id"], - "key_correctness_proof": cred_offer["key_correctness_proof"], - "nonce": cred_offer["nonce"], - }, - "didcomm_signed_attachment": { - "algs_supported": ["EdDSA"], - "did_methods_supported": ["key"], - "nonce": cred_offer["nonce"], - }, - }, - "credential": { - "@context": [ - "https://www.w3.org/2018/credentials/v1", - "https://w3id.org/security/data-integrity/v2", - {"@vocab": "https://www.w3.org/ns/credentials/issuer-dependent#"}, - ], - "type": ["VerifiableCredential"], - "issuer": public_did, - "credentialSubject": cred_proposal_message.credential_preview.attr_dict(), - "issuanceDate": datetime.datetime.now( - datetime.timezone.utc - ).isoformat(), - }, - } - return self.get_format_data(CRED_20_OFFER, vcdi_cred_offer) + credential = VerifiableCredential( + issuer=public_did, + credential_subject=cred_proposal_message.credential_preview.attr_dict(), + issuance_date=datetime.datetime.now(datetime.timezone.utc).isoformat(), + ) + + anoncreds_link_secret_instance = AnoncredsLinkSecret( + cred_def_id=cred_offer["cred_def_id"], + key_correctness_proof=cred_offer["key_correctness_proof"], + nonce=cred_offer["nonce"], + ) + + didcomm_signed_attachment_instance = DidcommSignedAttachment( + algs_supported=["EdDSA"], + did_methods_supported=["key"], + nonce=cred_offer["nonce"], + ) + + binding_method_instance = BindingMethod( + anoncreds_link_secret=anoncreds_link_secret_instance, + didcomm_signed_attachment=didcomm_signed_attachment_instance, + ) + + vcdi_cred_abstract = VCDICredAbstract( + data_model_versions_supported=["1.1"], + binding_required=True, + binding_method=binding_method_instance, + credential=credential, + ) + + return self.get_format_data( + CRED_20_OFFER, json.loads(vcdi_cred_abstract.to_json()) + ) async def receive_offer( self, cred_ex_record: V20CredExRecord, cred_offer_message: V20CredOffer @@ -304,6 +328,7 @@ async def create_request( ] ledger = self.profile.inject(BaseLedger) + # TODO multitenant_mgr = self.profile.inject_or(BaseMultitenantManager) if multitenant_mgr: ledger_exec_inst = IndyLedgerRequestsExecutor(self.profile) @@ -326,14 +351,7 @@ async def _create(): self.profile, cred_def_id ) - legacy_offer = { - "schema_id": schema_id, - "cred_def_id": cred_def_id, - "key_correctness_proof": cred_offer["binding_method"][ - "anoncreds_link_secret" - ]["key_correctness_proof"], - "nonce": cred_offer["binding_method"]["anoncreds_link_secret"]["nonce"], - } + legacy_offer = await self._prepare_legacy_offer(cred_offer, schema_id) holder = AnonCredsHolder(self.profile) request_json, metadata_json = await holder.create_credential_request( @@ -357,32 +375,40 @@ async def _create(): await entry.set_result(cred_req_result, 3600) if not cred_req_result: cred_req_result = await _create() - detail_record = V20CredExRecordVCDI( + detail_record = V20CredExRecordIndy( cred_ex_id=cred_ex_record.cred_ex_id, cred_request_metadata=cred_req_result["metadata"], ) - vcdi_cred_request = { - "data_model_version": "2.0", - "binding_proof": { - "anoncreds_link_secret": { - "entropy": cred_req_result["request"]["prover_did"], - "cred_def_id": cred_req_result["request"]["cred_def_id"], - "blinded_ms": cred_req_result["request"]["blinded_ms"], - "blinded_ms_correctness_proof": cred_req_result["request"][ - "blinded_ms_correctness_proof" - ], - "nonce": cred_req_result["request"]["nonce"], - }, - "didcomm_signed_attachment": {"attachment_id": "test"}, - }, - } + anoncreds_link_secret_instance = AnoncredsLinkSecretRequest( + entropy=cred_req_result["request"]["prover_did"], + cred_def_id=cred_req_result["request"]["cred_def_id"], + blinded_ms=cred_req_result["request"]["blinded_ms"], + blinded_ms_correctness_proof=cred_req_result["request"][ + "blinded_ms_correctness_proof" + ], + nonce=cred_req_result["request"]["nonce"], + ) + + didcomm_signed_attachment_instance = DidcommSignedAttachmentRequest( + attachment_id="test" + ) + + binding_proof_instance = BindingProof( + anoncreds_link_secret=anoncreds_link_secret_instance, + didcomm_signed_attachment=didcomm_signed_attachment_instance, + ) + + vcdi_cred_request = VCDICredRequest( + data_model_version="2.0", binding_proof=binding_proof_instance + ) async with self.profile.session() as session: await detail_record.save(session, reason="create v2.0 credential request") - tmp = self.get_format_data(CRED_20_REQUEST, vcdi_cred_request) - return tmp + return self.get_format_data( + CRED_20_REQUEST, json.loads(vcdi_cred_request.to_json()) + ) async def receive_request( self, cred_ex_record: V20CredExRecord, cred_request_message: V20CredRequest @@ -412,6 +438,7 @@ async def issue_credential( ] ledger = self.profile.inject(BaseLedger) + # TODO multitenant_mgr = self.profile.inject_or(BaseMultitenantManager) if multitenant_mgr: ledger_exec_inst = IndyLedgerRequestsExecutor(self.profile) @@ -427,43 +454,15 @@ async def issue_credential( async with ledger: schema_id = await ledger.credential_definition_id2schema_id(cred_def_id) - legacy_offer = { - "schema_id": schema_id, - "cred_def_id": cred_def_id, - "key_correctness_proof": cred_offer["binding_method"][ - "anoncreds_link_secret" - ]["key_correctness_proof"], - "nonce": cred_offer["binding_method"]["anoncreds_link_secret"]["nonce"], - } - legacy_request = { - "prover_did": cred_request["binding_proof"]["anoncreds_link_secret"][ - "entropy" - ], - "cred_def_id": cred_def_id, - "blinded_ms": cred_request["binding_proof"]["anoncreds_link_secret"][ - "blinded_ms" - ], - "blinded_ms_correctness_proof": cred_request["binding_proof"][ - "anoncreds_link_secret" - ]["blinded_ms_correctness_proof"], - "nonce": cred_request["binding_proof"]["anoncreds_link_secret"]["nonce"], - } + legacy_offer = await self._prepare_legacy_offer(cred_offer, schema_id) + legacy_request = await self._prepare_legacy_request(cred_request, cred_def_id) issuer = AnonCredsIssuer(self.profile) - # IC - implement a separate create_credential for vcdi + credential = await issuer.create_credential_w3c( legacy_offer, legacy_request, cred_values ) - # IC: this needs to be re-formatted into a vc_di credential issue message - # see test vectors here: https://github.com/TimoGlastra/anoncreds-w3c-test-vectors - # the relevant example is this one (I think): - # https://github.com/TimoGlastra/anoncreds-w3c-test-vectors/ - # blob/main/test-vectors/aries-issue-credential-di-issue.json - # Note that we ALSO need a schema for this - # (like was implemented for VCDICredAbstractSchema or VCDICredRequestSchema) - # ... in order to validate received messages ... - vcdi_credential = { "credential": json.loads(credential), } @@ -474,7 +473,7 @@ async def issue_credential( rev_reg_def_id = None async with self._profile.transaction() as txn: - detail_record = V20CredExRecordVCDI( + detail_record = V20CredExRecordIndy( cred_ex_id=cred_ex_record.cred_ex_id, rev_reg_id=rev_reg_def_id, cred_rev_id=cred_rev_id, @@ -500,6 +499,34 @@ async def issue_credential( return result + async def _prepare_legacy_offer(self, cred_offer: dict, schema_id: str) -> dict: + """Convert current offer to legacy offer format.""" + return { + "schema_id": schema_id, + "cred_def_id": cred_offer["binding_method"]["anoncreds_link_secret"][ + "cred_def_id" + ], + "key_correctness_proof": cred_offer["binding_method"][ + "anoncreds_link_secret" + ]["key_correctness_proof"], + "nonce": cred_offer["binding_method"]["anoncreds_link_secret"]["nonce"], + } + + async def _prepare_legacy_request(self, cred_request: dict, cred_def_id: str): + return { + "prover_did": cred_request["binding_proof"]["anoncreds_link_secret"][ + "entropy" + ], + "cred_def_id": cred_def_id, + "blinded_ms": cred_request["binding_proof"]["anoncreds_link_secret"][ + "blinded_ms" + ], + "blinded_ms_correctness_proof": cred_request["binding_proof"][ + "anoncreds_link_secret" + ]["blinded_ms_correctness_proof"], + "nonce": cred_request["binding_proof"]["anoncreds_link_secret"]["nonce"], + } + async def receive_credential( self, cred_ex_record: V20CredExRecord, cred_issue_message: V20CredIssue ) -> None: diff --git a/aries_cloudagent/protocols/issue_credential/v2_0/formats/vc_di/models/__init__.py b/aries_cloudagent/protocols/issue_credential/v2_0/formats/vc_di/models/__init__.py new file mode 100644 index 0000000000..e69de29bb2 diff --git a/aries_cloudagent/protocols/issue_credential/v2_0/formats/vc_di/models/cred.py b/aries_cloudagent/protocols/issue_credential/v2_0/formats/vc_di/models/cred.py new file mode 100644 index 0000000000..a00e1e08db --- /dev/null +++ b/aries_cloudagent/protocols/issue_credential/v2_0/formats/vc_di/models/cred.py @@ -0,0 +1,43 @@ +"""Cred request artifacts to attach to RFC 453 messages.""" + +from aries_cloudagent.messaging.models.base import BaseModel, BaseModelSchema +from marshmallow import EXCLUDE, fields + + +class VCDIIndyCredential(BaseModel): + """VCDI Indy credential.""" + + class Meta: + """VCDI Indy credential metadata.""" + + schema_class = "VCDIIndyCredentialSchema" + + def __init__( + self, + credential: dict = None, + **kwargs, + ): + """Initialize vcdi cred abstract object. + + Args: + data_model_versions_supported: supported versions for data model + binding_required: boolean value + binding_methods: required if binding_required is true + credential: credential object + """ + super().__init__(**kwargs) + self.credential = credential + + +class VCDIIndyCredentialSchema(BaseModelSchema): + """VCDI Indy credential schema.""" + + class Meta: + """VCDI Indy credential schemametadata.""" + + model_class = VCDIIndyCredential + unknown = EXCLUDE + + credential = fields.Dict( + fields.Str(), required=True, metadata={"description": "", "example": ""} + ) diff --git a/aries_cloudagent/protocols/issue_credential/v2_0/formats/vc_di/models/cred_offer.py b/aries_cloudagent/protocols/issue_credential/v2_0/formats/vc_di/models/cred_offer.py new file mode 100644 index 0000000000..0a837b4254 --- /dev/null +++ b/aries_cloudagent/protocols/issue_credential/v2_0/formats/vc_di/models/cred_offer.py @@ -0,0 +1,214 @@ +"""Cred request artifacts to attach to RFC 453 messages.""" + +from typing import Sequence, Union +from aries_cloudagent.indy.models.cred_abstract import IndyKeyCorrectnessProofSchema +from aries_cloudagent.messaging.models.base import BaseModel, BaseModelSchema +from aries_cloudagent.vc.vc_ld.models.credential import ( + CredentialSchema, + VerifiableCredential, +) +from aries_cloudagent.messaging.valid import ( + INDY_CRED_DEF_ID_EXAMPLE, + INDY_CRED_DEF_ID_VALIDATE, + NUM_STR_WHOLE_EXAMPLE, + NUM_STR_WHOLE_VALIDATE, +) + +from marshmallow import EXCLUDE, fields + + +class AnoncredsLinkSecret(BaseModel): + """Anoncreds Link Secret Model.""" + + class Meta: + """AnoncredsLinkSecret metadata.""" + + schema_class = "AnoncredsLinkSecretSchema" + + def __init__( + self, + nonce: str = None, + cred_def_id: str = None, + key_correctness_proof: str = None, + **kwargs, + ): + """Initialize values for AnoncredsLinkSecret.""" + super().__init__(**kwargs) + self.nonce = nonce + self.cred_def_id = cred_def_id + self.key_correctness_proof = key_correctness_proof + + +class AnoncredsLinkSecretSchema(BaseModelSchema): + """Anoncreds Link Secret Schema.""" + + class Meta: + """AnoncredsLinkSecret schema metadata.""" + + model_class = AnoncredsLinkSecret + unknown = EXCLUDE + + nonce = fields.Str( + required=True, + validate=NUM_STR_WHOLE_VALIDATE, + metadata={ + "description": "Nonce in credential abstract", + "example": NUM_STR_WHOLE_EXAMPLE, + }, + ) + + cred_def_id = fields.Str( + required=True, + validate=INDY_CRED_DEF_ID_VALIDATE, + metadata={ + "description": "Credential definition identifier", + "example": INDY_CRED_DEF_ID_EXAMPLE, + }, + ) + + key_correctness_proof = fields.Nested( + IndyKeyCorrectnessProofSchema(), + required=True, + metadata={"description": "Key correctness proof"}, + ) + + +class DidcommSignedAttachment(BaseModel): + """Didcomm Signed Attachment Model.""" + + class Meta: + """DidcommSignedAttachment metadata.""" + + schema_class = "DidcommSignedAttachmentSchema" + + def __init__( + self, + algs_supported: Sequence[str] = None, + did_methods_supported: Sequence[str] = None, + nonce: str = None, + **kwargs, + ): + """Initialize values for DidcommSignedAttachment.""" + super().__init__(**kwargs) + self.algs_supported = algs_supported + self.did_methods_supported = did_methods_supported + self.nonce = nonce + + +class DidcommSignedAttachmentSchema(BaseModelSchema): + """Didcomm Signed Attachment Schema.""" + + class Meta: + """Didcomm signed attachment schema metadata.""" + + model_class = DidcommSignedAttachment + unknown = EXCLUDE + + algs_supported = fields.List(fields.Str(), required=True) + + did_methods_supported = fields.List(fields.Str(), required=True) + + nonce = fields.Str( + required=True, + validate=NUM_STR_WHOLE_VALIDATE, + metadata={ + "description": "Nonce in credential abstract", + "example": NUM_STR_WHOLE_EXAMPLE, + }, + ) + + +class BindingMethod(BaseModel): + """Binding Method Model.""" + + class Meta: + """Binding method metadata.""" + + schema_class = "BindingMethodSchema" + + def __init__( + self, + anoncreds_link_secret: Union[dict, AnoncredsLinkSecret] = None, + didcomm_signed_attachment: Union[dict, DidcommSignedAttachment] = None, + **kwargs, + ): + """Initialize values for DidcommSignedAttachment.""" + super().__init__(**kwargs) + self.anoncreds_link_secret = anoncreds_link_secret + self.didcomm_signed_attachment = didcomm_signed_attachment + + +class BindingMethodSchema(BaseModelSchema): + """VCDI Binding Method Schema.""" + + class Meta: + """VCDI binding method schema metadata.""" + + model_class = BindingMethod + unknown = EXCLUDE + + anoncreds_link_secret = fields.Nested(AnoncredsLinkSecretSchema, required=False) + didcomm_signed_attachment = fields.Nested( + DidcommSignedAttachmentSchema, required=True + ) + + +class VCDICredAbstract(BaseModel): + """VCDI Credential Abstract.""" + + class Meta: + """VCDI credential abstract metadata.""" + + schema_class = "VCDICredAbstractSchema" + + def __init__( + self, + data_model_versions_supported: Sequence[str] = None, + binding_required: str = None, + binding_method: str = None, + credential: Union[dict, VerifiableCredential] = None, + **kwargs, + ): + """Initialize vcdi cred abstract object. + + Args: + data_model_versions_supported: supported versions for data model + binding_required: boolean value + binding_methods: required if binding_required is true + credential: credential object + """ + super().__init__(**kwargs) + self.data_model_versions_supported = data_model_versions_supported + self.binding_required = binding_required + self.binding_method = binding_method + self.credential = credential + + +class VCDICredAbstractSchema(BaseModelSchema): + """VCDI Credential Abstract Schema.""" + + class Meta: + """VCDICredAbstractSchema metadata.""" + + model_class = VCDICredAbstract + unknown = EXCLUDE + + data_model_versions_supported = fields.List( + fields.Str(), required=True, metadata={"description": "", "example": ""} + ) + + binding_required = fields.Bool( + required=False, metadata={"description": "", "example": ""} + ) + + binding_method = fields.Nested( + BindingMethodSchema(), + required=binding_required, + metadata={"description": "", "example": ""}, + ) + + credential = fields.Nested( + CredentialSchema(), + required=True, + metadata={"description": "", "example": ""}, + ) diff --git a/aries_cloudagent/protocols/issue_credential/v2_0/formats/vc_di/models/cred_request.py b/aries_cloudagent/protocols/issue_credential/v2_0/formats/vc_di/models/cred_request.py new file mode 100644 index 0000000000..83f4306982 --- /dev/null +++ b/aries_cloudagent/protocols/issue_credential/v2_0/formats/vc_di/models/cred_request.py @@ -0,0 +1,189 @@ +"""Cred request artifacts to attach to RFC 453 messages.""" + +from typing import Mapping, Union +from aries_cloudagent.messaging.models.base import BaseModel, BaseModelSchema +from aries_cloudagent.messaging.valid import ( + INDY_CRED_DEF_ID_EXAMPLE, + INDY_CRED_DEF_ID_VALIDATE, + INDY_DID_EXAMPLE, + INDY_DID_VALIDATE, + NUM_STR_WHOLE_EXAMPLE, + NUM_STR_WHOLE_VALIDATE, +) + +from marshmallow import EXCLUDE, fields + + +class AnoncredsLinkSecretRequest(BaseModel): + """Binding proof model.""" + + class Meta: + """VCDI credential request schema metadata.""" + + schema_class = "BindingProofSchema" + + def __init__( + self, + entropy: str = None, + cred_def_id: str = None, + blinded_ms: Mapping = None, + blinded_ms_correctness_proof: Mapping = None, + nonce: str = None, + **kwargs, + ): + """Initialize indy credential request.""" + super().__init__(**kwargs) + self.entropy = entropy + self.cred_def_id = cred_def_id + self.blinded_ms = blinded_ms + self.blinded_ms_correctness_proof = blinded_ms_correctness_proof + self.nonce = nonce + + +class AnoncredsLinkSecretSchema(BaseModelSchema): + """VCDI credential request schema.""" + + class Meta: + """VCDI credential request schema metadata.""" + + model_class = AnoncredsLinkSecretRequest + unknown = EXCLUDE + + entropy = fields.Str( + required=True, + validate=INDY_DID_VALIDATE, + metadata={"description": "Prover DID", "example": INDY_DID_EXAMPLE}, + ) + cred_def_id = fields.Str( + required=True, + validate=INDY_CRED_DEF_ID_VALIDATE, + metadata={ + "description": "Credential definition identifier", + "example": INDY_CRED_DEF_ID_EXAMPLE, + }, + ) + blinded_ms = fields.Dict( + required=True, metadata={"description": "Blinded master secret"} + ) + blinded_ms_correctness_proof = fields.Dict( + required=True, + metadata={"description": "Blinded master secret correctness proof"}, + ) + nonce = fields.Str( + required=True, + validate=NUM_STR_WHOLE_VALIDATE, + metadata={ + "description": "Nonce in credential request", + "example": NUM_STR_WHOLE_EXAMPLE, + }, + ) + + +class DidcommSignedAttachmentRequest(BaseModel): + """Didcomm Signed Attachment Model.""" + + class Meta: + """Didcomm signed attachment metadata.""" + + schema_class = "DidcommSignedAttachmentSchema" + + def __init__(self, attachment_id: str = None, **kwargs): + """Initialize DidcommSignedAttachment.""" + super().__init__(**kwargs) + self.attachment_id = attachment_id + + +class DidcommSignedAttachmentSchema(BaseModelSchema): + """Didcomm Signed Attachment Schema.""" + + class Meta: + """Didcomm Signed Attachment schema metadata.""" + + model_class = DidcommSignedAttachmentRequest + unknown = EXCLUDE + + attachment_id = fields.Str( + required=True, metadata={"description": "", "example": ""} + ) + + +class BindingProof(BaseModel): + """Binding Proof Model.""" + + class Meta: + """Binding proof metadata.""" + + schema_class = "BindingProofSchema" + + def __init__( + self, + anoncreds_link_secret: str = None, + didcomm_signed_attachment: str = None, + **kwargs, + ): + """Initialize binding proof.""" + super().__init__(**kwargs) + self.anoncreds_link_secret = anoncreds_link_secret + self.didcomm_signed_attachment = didcomm_signed_attachment + + +class BindingProofSchema(BaseModelSchema): + """Binding Proof Schema.""" + + class Meta: + """Binding proof schema metadata.""" + + model_class = BindingProof + unknown = EXCLUDE + + anoncreds_link_secret = fields.Nested( + AnoncredsLinkSecretSchema(), + required=True, + metadata={"description": "", "example": ""}, + ) + + didcomm_signed_attachment = fields.Nested( + DidcommSignedAttachmentSchema(), + required=True, + metadata={"description": "", "example": ""}, + ) + + +class VCDICredRequest(BaseModel): + """VCDI credential request model.""" + + class Meta: + """VCDI credential request metadata.""" + + schema_class = "VCDICredRequestSchema" + + def __init__( + self, + data_model_version: str = None, + binding_proof: Union[dict, BindingProof] = None, + **kwargs, + ): + """Initialize values for VCDICredRequest.""" + super().__init__(**kwargs) + self.data_model_version = data_model_version + self.binding_proof = binding_proof + + +class VCDICredRequestSchema(BaseModelSchema): + """VCDI credential request schema.""" + + class Meta: + """VCDI credential request schema metadata.""" + + model_class = VCDICredRequest + unknown = EXCLUDE + + data_model_version = fields.Str( + required=True, metadata={"description": "", "example": ""} + ) + + binding_proof = fields.Nested( + BindingProofSchema(), + required=True, + metadata={"description": "", "example": ""}, + ) diff --git a/aries_cloudagent/protocols/issue_credential/v2_0/formats/vc_di/tests/test_handler.py b/aries_cloudagent/protocols/issue_credential/v2_0/formats/vc_di/tests/test_handler.py index 85979fc7f8..7267f229dd 100644 --- a/aries_cloudagent/protocols/issue_credential/v2_0/formats/vc_di/tests/test_handler.py +++ b/aries_cloudagent/protocols/issue_credential/v2_0/formats/vc_di/tests/test_handler.py @@ -29,12 +29,10 @@ V20CredAttrSpec, V20CredPreview, ) -from aries_cloudagent.protocols.issue_credential.v2_0.models.cred_ex_record import ( - V20CredExRecord, -) -from aries_cloudagent.protocols.issue_credential.v2_0.models.detail.vc_di import ( - V20CredExRecordVCDI, +from aries_cloudagent.protocols.issue_credential.v2_0.models.detail.indy import ( + V20CredExRecordIndy, ) + from aries_cloudagent.storage.record import StorageRecord from unittest import IsolatedAsyncioTestCase @@ -309,12 +307,12 @@ async def test_validate_fields(self): async def test_get_vcdi_detail_record(self): cred_ex_id = "dummy" details_vcdi = [ - V20CredExRecordVCDI( + V20CredExRecordIndy( cred_ex_id=cred_ex_id, rev_reg_id="rr-id", cred_rev_id="0", ), - V20CredExRecordVCDI( + V20CredExRecordIndy( cred_ex_id=cred_ex_id, rev_reg_id="rr-id", cred_rev_id="1", @@ -471,9 +469,9 @@ async def test_create_request(self): # TODO here offers_attach=[AttachDecorator.data_base64(VCDI_OFFER, ident="0")], ) - cred_ex_record = V20CredExRecord( + cred_ex_record = V20CredExRecordIndy( cred_ex_id="dummy-id", - state=V20CredExRecord.STATE_OFFER_RECEIVED, + state=V20CredExRecordIndy.STATE_OFFER_RECEIVED, cred_offer=cred_offer.serialize(), ) @@ -570,13 +568,13 @@ async def test_issue_credential_revocable(self): requests_attach=[AttachDecorator.data_base64(VCDI_CRED_REQ, ident="0")], ) - cred_ex_record = V20CredExRecord( + cred_ex_record = V20CredExRecordIndy( cred_ex_id="dummy-cxid", cred_offer=cred_offer.serialize(), cred_request=cred_request.serialize(), - initiator=V20CredExRecord.INITIATOR_SELF, - role=V20CredExRecord.ROLE_ISSUER, - state=V20CredExRecord.STATE_REQUEST_RECEIVED, + initiator=V20CredExRecordIndy.INITIATOR_SELF, + role=V20CredExRecordIndy.ROLE_ISSUER, + state=V20CredExRecordIndy.STATE_REQUEST_RECEIVED, ) cred_rev_id = "1000" @@ -659,13 +657,13 @@ async def test_issue_credential_non_revocable(self): requests_attach=[AttachDecorator.data_base64(VCDI_CRED_REQ, ident="0")], ) - cred_ex_record = V20CredExRecord( + cred_ex_record = V20CredExRecordIndy( cred_ex_id="dummy-cxid", cred_offer=cred_offer.serialize(), cred_request=cred_request.serialize(), - initiator=V20CredExRecord.INITIATOR_SELF, - role=V20CredExRecord.ROLE_ISSUER, - state=V20CredExRecord.STATE_REQUEST_RECEIVED, + initiator=V20CredExRecordIndy.INITIATOR_SELF, + role=V20CredExRecordIndy.ROLE_ISSUER, + state=V20CredExRecordIndy.STATE_REQUEST_RECEIVED, ) self.issuer.create_credential = mock.CoroutineMock( diff --git a/aries_cloudagent/protocols/issue_credential/v2_0/messages/cred_format.py b/aries_cloudagent/protocols/issue_credential/v2_0/messages/cred_format.py index 0a6e71dc7f..a9d6253ce7 100644 --- a/aries_cloudagent/protocols/issue_credential/v2_0/messages/cred_format.py +++ b/aries_cloudagent/protocols/issue_credential/v2_0/messages/cred_format.py @@ -13,7 +13,6 @@ from .....utils.classloader import DeferLoad from ..models.detail.indy import V20CredExRecordIndy from ..models.detail.ld_proof import V20CredExRecordLDProof -from ..models.detail.vc_di import V20CredExRecordVCDI if TYPE_CHECKING: from ..formats.handler import V20CredFormatHandler @@ -64,7 +63,7 @@ class Format(Enum): VC_DI = FormatSpec( "didcomm/", - V20CredExRecordVCDI, + V20CredExRecordIndy, DeferLoad( "aries_cloudagent.protocols.issue_credential.v2_0" ".formats.vc_di.handler.VCDICredFormatHandler" diff --git a/aries_cloudagent/protocols/issue_credential/v2_0/models/detail/vc_di.py b/aries_cloudagent/protocols/issue_credential/v2_0/models/detail/vc_di.py deleted file mode 100644 index 06f62173fd..0000000000 --- a/aries_cloudagent/protocols/issue_credential/v2_0/models/detail/vc_di.py +++ /dev/null @@ -1,159 +0,0 @@ -"""VCDI-specific credential exchange information with non-secrets storage.""" - -from typing import Any, Mapping, Sequence - -from marshmallow import EXCLUDE, fields - -from ......core.profile import ProfileSession -from ......messaging.models.base_record import BaseRecord, BaseRecordSchema -from ......messaging.valid import ( - INDY_CRED_REV_ID_EXAMPLE, - INDY_CRED_REV_ID_VALIDATE, - INDY_REV_REG_ID_EXAMPLE, - INDY_REV_REG_ID_VALIDATE, - UUID4_EXAMPLE, -) -from .. import UNENCRYPTED_TAGS - - -class V20CredExRecordVCDI(BaseRecord): - """Credential exchange vc_di detail record.""" - - class Meta: - """V20CredExRecordVCDI metadata.""" - - schema_class = "V20CredExRecordVCDISchema" - - RECORD_ID_NAME = "cred_ex_vc_di_id" - RECORD_TYPE = "vc_di_cred_ex_v20" - TAG_NAMES = {"~cred_ex_id"} if UNENCRYPTED_TAGS else {"cred_ex_id"} - RECORD_TOPIC = "issue_credential_v2_0_vc_di" - - def __init__( - self, - cred_ex_vc_di_id: str = None, - *, - cred_ex_id: str = None, - cred_id_stored: str = None, - cred_request_metadata: Mapping = None, - rev_reg_id: str = None, - cred_rev_id: str = None, - **kwargs, - ): - """Initialize vc_di credential exchange record details. - - Args: - cred_ex_vc_di_id: The ID associated with this exchange. - cred_ex_id: Corresponding v2.0 credential exchange record identifier. - cred_id_stored: Credential identifier stored in wallet. - cred_request_metadata: Credential request metadata for indy holder. - rev_reg_id: Revocation registry identifier. - cred_rev_id: Credential revocation identifier within revocation registry. - """ - super().__init__(cred_ex_vc_di_id, **kwargs) - - self.cred_ex_id = cred_ex_id - self.cred_id_stored = cred_id_stored - self.cred_request_metadata = cred_request_metadata - self.rev_reg_id = rev_reg_id - self.cred_rev_id = cred_rev_id - - @property - def cred_ex_vc_di_id(self) -> str: - """Accessor for the ID associated with this exchange.""" - return self._id - - @property - def record_value(self) -> dict: - """Accessor for the JSON record value generated for this credential exchange.""" - return { - prop: getattr(self, prop) - for prop in ( - "cred_id_stored", - "cred_request_metadata", - "rev_reg_id", - "cred_rev_id", - ) - } - - @classmethod - async def query_by_cred_ex_id( - cls, - session: ProfileSession, - cred_ex_id: str, - ) -> Sequence["V20CredExRecordVCDI"]: - """Retrieve credential exchange vc_di detail record(s) by its cred ex id. - - Args: - session: The profile session to use for the query. - cred_ex_id: The credential exchange ID. - - Returns: - A sequence of V20CredExRecordVCDI objects matching the given cred ex id. - """ - return await cls.query( - session=session, - tag_filter={"cred_ex_id": cred_ex_id}, - ) - - def __eq__(self, other: Any) -> bool: - """Comparison between records. - - Args: - other: The other object to compare. - - Returns: - True if the records are equal, False otherwise. - """ - return super().__eq__(other) - - -class V20CredExRecordVCDISchema(BaseRecordSchema): - """Credential exchange vc_di detail record detail schema.""" - - class Meta: - """Credential exchange vc_di detail record schema metadata.""" - - model_class = V20CredExRecordVCDI - unknown = EXCLUDE - - cred_ex_vc_di_id = fields.Str( - required=False, - metadata={"description": "Record identifier", "example": UUID4_EXAMPLE}, - ) - cred_ex_id = fields.Str( - required=False, - metadata={ - "description": "Corresponding v2.0 credential exchange record identifier", - "example": UUID4_EXAMPLE, - }, - ) - cred_id_stored = fields.Str( - required=False, - metadata={ - "description": "Credential identifier stored in wallet", - "example": UUID4_EXAMPLE, - }, - ) - cred_request_metadata = fields.Dict( - required=False, - metadata={"description": "Credential request metadata for indy holder"}, - ) - rev_reg_id = fields.Str( - required=False, - validate=INDY_REV_REG_ID_VALIDATE, - metadata={ - "description": "Revocation registry identifier", - "example": INDY_REV_REG_ID_EXAMPLE, - }, - ) - cred_rev_id = fields.Str( - required=False, - validate=INDY_CRED_REV_ID_VALIDATE, - metadata={ - "description": ( - "Credential revocation identifier within revocation registry" - ), - "example": INDY_CRED_REV_ID_EXAMPLE, - }, - ) diff --git a/aries_cloudagent/protocols/issue_credential/v2_0/routes.py b/aries_cloudagent/protocols/issue_credential/v2_0/routes.py index f209a2b1bf..a966b63690 100644 --- a/aries_cloudagent/protocols/issue_credential/v2_0/routes.py +++ b/aries_cloudagent/protocols/issue_credential/v2_0/routes.py @@ -13,9 +13,6 @@ response_schema, ) from marshmallow import ValidationError, fields, validate, validates_schema -from aries_cloudagent.protocols.issue_credential.v2_0.models.detail.vc_di import ( - V20CredExRecordVCDISchema, -) from ....admin.request_context import AdminRequestContext from ....anoncreds.holder import AnonCredsHolderError @@ -111,7 +108,7 @@ class V20CredExRecordDetailSchema(OpenAPISchema): indy = fields.Nested(V20CredExRecordIndySchema, required=False) ld_proof = fields.Nested(V20CredExRecordLDProofSchema, required=False) - vc_di = fields.Nested(V20CredExRecordVCDISchema, required=False) + vc_di = fields.Nested(V20CredExRecordSchema, required=False) class V20CredExRecordListResultSchema(OpenAPISchema):