Merge pull request #327 from Concordium/acceptable-request

Acceptable request

CHANGELOG.md

@@ -10,6 +10,7 @@
 - Added method `findAtLowestHeight` for finding the earliest block satisfying some condition.
 - Added method `findAccountCreation` for finding the block in which an account was created.
 - Fixed an issue where `ConcordiumHdWallet.fromSeedPhrase` always produced an invalid seed as hex.
+- Added `AcceptableRequest` class with `acceptableRequest` and `acceptableAtomicStatement` to check if a request satisfies wallet rules.
 
 ## 7.0.0
 - Make the `energy` parameter for invoking an instance `Optional`.

concordium-sdk/src/main/java/com/concordium/sdk/crypto/CryptoJniNative.java

@@ -7,6 +7,8 @@
 import com.concordium.sdk.crypto.wallet.UnsignedCredentialInput;
 import com.concordium.sdk.crypto.wallet.credential.CredentialDeploymentDetails;
 import com.concordium.sdk.crypto.wallet.credential.CredentialDeploymentSerializationContext;
+import com.concordium.sdk.crypto.wallet.web3Id.AcceptableRequest;
+import com.concordium.sdk.crypto.wallet.web3Id.AttributeCheck;
 import com.concordium.sdk.exceptions.JNIError;
 import com.concordium.sdk.transactions.InitName;
 import com.concordium.sdk.transactions.ReceiveName;
@@ -316,4 +318,31 @@ public static String getVerifiableCredentialBackupEncryptionKey(String seedAsHex
      * {@link Web3IdProof} as JSON.
      */
     public static native String createWeb3IdProof(String input);
+
+    /**
+     * Check that a request is acceptable
+     *
+     * @param input {@link Request} serialized as JSON.
+     * @return JSON representing {@link VoidResult}. If successful the field
+     *         'result' is empty,
+     *         but if not acceptable the reason will be contained in the error.
+     */
+    public static native String isAcceptableRequest(String input);
+
+    /**
+     * Check that an atomic is acceptable, with the given restrictions
+     *
+     * @param input     {@link Request} serialized as JSON.
+     * @param rangeTags the list of tags, which may be used for range statements,
+     *                  serialized as JSON.
+     * @param setTags   the list of tags, which may be used for membership
+     *                  statements, serialized as JSON.
+     * @param check     provides the function to check whether the statement value
+     *                  is acceptable.
+     * @return JSON representing {@link VoidResult}. If successful the field
+     *         'result' is empty,
+     *         but if not acceptable the reason will be contained in the error.
+     */
+    public static native String isAcceptableAtomicStatement(String input, String rangeTags, String setTags,
+            AcceptableRequest.RawAttributeCheck check);
 }

concordium-sdk/src/main/java/com/concordium/sdk/crypto/wallet/ErrorResult.java

@@ -0,0 +1,16 @@
+package com.concordium.sdk.crypto.wallet;
+
+import com.concordium.sdk.exceptions.JNIError;
+import com.fasterxml.jackson.annotation.JsonCreator;
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+public class ErrorResult extends StringResult {
+
+    @JsonCreator
+    ErrorResult(
+            @JsonProperty("Ok") String ok,
+            @JsonProperty("Err") JNIError err
+    ) {
+        super(ok, err);
+    }
+}

concordium-sdk/src/main/java/com/concordium/sdk/crypto/wallet/web3Id/AcceptableRequest.java

@@ -0,0 +1,101 @@
+package com.concordium.sdk.crypto.wallet.web3Id;
+
+import java.util.List;
+import com.concordium.sdk.crypto.CryptoJniNative;
+import com.concordium.sdk.crypto.NativeResolver;
+import com.concordium.sdk.crypto.wallet.ErrorResult;
+import com.concordium.sdk.crypto.wallet.StringResult;
+import com.concordium.sdk.crypto.wallet.web3Id.Statement.AtomicStatement;
+import com.concordium.sdk.exceptions.CryptoJniException;
+import com.concordium.sdk.serializing.JsonMapper;
+import com.fasterxml.jackson.core.JsonProcessingException;
+
+public class AcceptableRequest {
+    // Static block to load native library.
+    static {
+        NativeResolver.loadLib();
+    }
+
+    /**
+     * Check that a request is acceptable:
+     * That range statements are only on the attributes "dob", "idiDocIssuedAt" or
+     * "idDocExpiredAt"
+     * That membership statement are only on the attributes "Country of residence",
+     * "Nationality", "IdDocType" or "IdDocIssuer"
+     * That attribute tags are not reused within a credentialStatement
+     *
+     * @param input the request that should be checked
+     * @throws NotAcceptableException if the request is not acceptable
+     * @Throws CryptoJniException if there an error occurs duting the check
+     * @returns if the request is acceptable, otherwise throws a
+     *          NotAcceptableException
+     */
+    public static void acceptableRequest(QualifiedRequest request) throws NotAcceptableException {
+        ErrorResult result = null;
+        try {
+            String jsonStr = CryptoJniNative.isAcceptableRequest(JsonMapper.INSTANCE.writeValueAsString(request));
+            result = JsonMapper.INSTANCE.readValue(jsonStr, ErrorResult.class);
+        } catch (JsonProcessingException e) {
+            throw new RuntimeException(e);
+        }
+        if (!result.isSuccess()) {
+            throw CryptoJniException.from(result.getErr());
+        }
+        if (result.getResult() != null) {
+            throw new NotAcceptableException(result.getResult());
+        }
+    }
+
+    /**
+     * Check that a statement is acceptable
+     *
+     * @param statement      the statement that should be checked
+     * @param rangeTag       the attribute tags that may be used for range
+     *                       statements
+     * @param setTags        the attribute tags that may be used for set statements
+     * @param attributeCheck custom check on the value of the statement.
+     * @throws NotAcceptableException if the request is not acceptable
+     * @Throws CryptoJniException if there an error occurs duting the check
+     * @returns if the request is acceptable, otherwise throws a
+     *          NotAcceptableException
+     */
+    public static void acceptableAtomicStatement(AtomicStatement statement, List<String> rangeTags,
+            List<String> setTags, AttributeCheck attributeCheck) throws NotAcceptableException {
+        StringResult result = null;
+        try {
+
+            String jsonStr = CryptoJniNative.isAcceptableAtomicStatement(
+                    JsonMapper.INSTANCE.writeValueAsString(statement),
+                    JsonMapper.INSTANCE.writeValueAsString(rangeTags),
+                    JsonMapper.INSTANCE.writeValueAsString(setTags),
+                    new RawAttributeCheck(attributeCheck));
+            result = JsonMapper.INSTANCE.readValue(jsonStr, StringResult.class);
+        } catch (JsonProcessingException e) {
+            throw new RuntimeException(e);
+        }
+        if (!result.isSuccess()) {
+            throw CryptoJniException.from(result.getErr());
+        }
+        if (result.getResult() != null) {
+            throw new NotAcceptableException(result.getResult());
+        }
+    }
+
+    public static class RawAttributeCheck {
+        AttributeCheck checker;
+
+        public RawAttributeCheck(AttributeCheck checker) {
+            this.checker = checker;
+        }
+
+        public void check_attribute(String tag, String value) throws Exception {
+            checker.checkAttribute(tag, JsonMapper.INSTANCE.readValue(value, CredentialAttribute.class));
+        }
+    }
+
+    public static class NotAcceptableException extends Exception {
+        public NotAcceptableException(String errorMessage) {
+            super(errorMessage);
+        }
+    }
+}

concordium-sdk/src/main/java/com/concordium/sdk/crypto/wallet/web3Id/AttributeCheck.java

@@ -0,0 +1,12 @@
+package com.concordium.sdk.crypto.wallet.web3Id;
+
+
+public interface AttributeCheck {
+    /**
+     * This check should throw an exception if the given attribute value is not valid.
+     * @param tag the attribute tag for the statement
+     * @param value the attribute value used in the statement
+     * @throws Exception to indicate the attribute is not valid.
+    */
+    public void checkAttribute(String tag, CredentialAttribute value) throws Exception;
+}

concordium-sdk/src/test/java/com/concordium/sdk/crypto/wallet/web3Id/RequestStatementTest.java

@@ -4,6 +4,7 @@
 import static org.junit.Assert.assertTrue;
 
 import java.nio.charset.Charset;
+import java.util.Collections;
 import java.util.List;
 
 import org.junit.Test;
@@ -12,8 +13,11 @@
 import com.concordium.sdk.crypto.wallet.FileHelpers;
 import com.concordium.sdk.crypto.wallet.Network;
 import com.concordium.sdk.crypto.wallet.identityobject.IdentityObject;
+import com.concordium.sdk.crypto.wallet.web3Id.AcceptableRequest.NotAcceptableException;
+import com.concordium.sdk.crypto.wallet.web3Id.CredentialAttribute.CredentialAttributeType;
 import com.concordium.sdk.crypto.wallet.web3Id.Statement.AtomicStatement;
 import com.concordium.sdk.crypto.wallet.web3Id.Statement.QualifiedRequestStatement;
+import com.concordium.sdk.crypto.wallet.web3Id.Statement.RangeStatement;
 import com.concordium.sdk.crypto.wallet.web3Id.Statement.RequestStatement;
 import com.concordium.sdk.crypto.wallet.web3Id.Statement.StatementType;
 import com.concordium.sdk.serializing.JsonMapper;
@@ -51,6 +55,49 @@ public void testGetsUnsatisfiedStatement() throws Exception {
         assertEquals(requestStatement1.getStatement().get(0), unsatisfied.get(0));
     }
 
+    @Test
+    public void testIsAcceptableRequest() throws Exception {
+        QualifiedRequest request = ProofTest.loadRequest("accountRequest.json");
+        AcceptableRequest.acceptableRequest(request);
+    }
+
+    @Test
+    public void testIsAcceptableAtomicStatement() throws NotAcceptableException {
+        AtomicStatement statement = RangeStatement.builder().attributeTag("dob")
+                .lower(CredentialAttribute.builder().type(CredentialAttributeType.STRING).value("20140112").build())
+                .upper(CredentialAttribute.builder().type(CredentialAttributeType.STRING).value("20150112").build())
+                .build();
+
+        AcceptableRequest.acceptableAtomicStatement(statement, Collections.singletonList("dob"), Collections.emptyList(), new AttributeCheck() {
+            @Override
+            public void checkAttribute(String tag, CredentialAttribute value) {}});
+    }
+
+    @Test(expected = AcceptableRequest.NotAcceptableException.class)
+    public void testIllegalTagStatementThrowsNotAcceptable() throws NotAcceptableException {
+        AtomicStatement statement = RangeStatement.builder().attributeTag("dob")
+                .lower(CredentialAttribute.builder().type(CredentialAttributeType.STRING).value("20140112").build())
+                .upper(CredentialAttribute.builder().type(CredentialAttributeType.STRING).value("20150112").build())
+                .build();
+
+        AcceptableRequest.acceptableAtomicStatement(statement, Collections.emptyList(), Collections.emptyList(), new AttributeCheck() {
+            @Override
+            public void checkAttribute(String tag, CredentialAttribute value) {}});
+    }
+
+    @Test(expected = AcceptableRequest.NotAcceptableException.class)
+    public void testAttributeCheckThrowingErrorReturnsNotAcceptable() throws NotAcceptableException {
+        AtomicStatement statement = RangeStatement.builder().attributeTag("dob")
+                .lower(CredentialAttribute.builder().type(CredentialAttributeType.STRING).value("20140112").build())
+                .upper(CredentialAttribute.builder().type(CredentialAttributeType.STRING).value("20150112").build())
+                .build();
+
+        AcceptableRequest.acceptableAtomicStatement(statement, Collections.emptyList(), Collections.emptyList(), new AttributeCheck() {
+            @Override
+            public void checkAttribute(String tag, CredentialAttribute value) throws Exception {
+                throw new Exception("Not okay");
+            }});
+    }
     @Test
     public void testCanQualifyStatement() throws Exception {
         // Arrange
@@ -61,6 +108,7 @@ public void testCanQualifyStatement() throws Exception {
                 "8a3a87f3f38a7a507d1e85dc02a92b8bcaa859f5cf56accb3c1bc7c40e1789b4933875a38dd4c0646ca3e940a02c42d8");
         ContractAddress contractAddress = ContractAddress.from(1232, 3);
         ED25519PublicKey publicKey = ED25519PublicKey
+
                 .from("16afdb3cb3568b5ad8f9a0fa3c741b065642de8c53e58f7920bf449e63ff2bf9");
 
         // Act