Merge pull request #1591 from andrewwhitehead/fix/askar-rev

Fixes for revocable credential issuance
hyperledger · Jan 10, 2022 · 686a6f6 · 686a6f6
2 parents f7ca8e0 + e8d90d4
commit 686a6f6
Show file tree

Hide file tree

Showing 2 changed files with 66 additions and 64 deletions.
diff --git a/aries_cloudagent/indy/credx/issuer.py b/aries_cloudagent/indy/credx/issuer.py
@@ -279,63 +279,67 @@ async def create_credential(
 
  if revoc_reg_id:
  try:
- txn = await self._profile.transaction()
- rev_reg = await txn.handle.fetch(CATEGORY_REV_REG, revoc_reg_id)
- rev_reg_info = await txn.handle.fetch(
- CATEGORY_REV_REG_INFO, revoc_reg_id, for_update=True
- )
- rev_reg_def = await txn.handle.fetch(CATEGORY_REV_REG_DEF, revoc_reg_id)
- rev_key = await txn.handle.fetch(
- CATEGORY_REV_REG_DEF_PRIVATE, revoc_reg_id
- )
- if not rev_reg:
- raise IndyIssuerError("Revocation registry not found")
- if not rev_reg_info:
- raise IndyIssuerError("Revocation registry metadata not found")
- if not rev_reg_def:
- raise IndyIssuerError("Revocation registry definition not found")
- if not rev_key:
- raise IndyIssuerError(
- "Revocation registry definition private data not found"
+ async with self._profile.transaction() as txn:
+ rev_reg = await txn.handle.fetch(CATEGORY_REV_REG, revoc_reg_id)
+ rev_reg_info = await txn.handle.fetch(
+ CATEGORY_REV_REG_INFO, revoc_reg_id, for_update=True
  )
- # NOTE: we increment the index ahead of time to keep the
- # transaction short. The revocation registry itself will NOT
- # be updated because we always use ISSUANCE_BY_DEFAULT.
- # If something goes wrong later, the index will be skipped.
- # FIXME - double check issuance type in case of upgraded wallet?
- rev_info = rev_reg_info.value_json
- rev_reg_index = rev_info["curr_id"] + 1
- try:
- rev_reg_def = RevocationRegistryDefinition.load(
- rev_reg_def.raw_value
+ rev_reg_def = await txn.handle.fetch(
+ CATEGORY_REV_REG_DEF, revoc_reg_id
  )
- except CredxError as err:
- raise IndyIssuerError(
- "Error loading revocation registry definition"
- ) from err
- if rev_reg_index > rev_reg_def.max_cred_num:
- raise IndyIssuerRevocationRegistryFullError(
- "Revocation registry is full"
+ rev_key = await txn.handle.fetch(
+ CATEGORY_REV_REG_DEF_PRIVATE, revoc_reg_id
+ )
+ if not rev_reg:
+ raise IndyIssuerError("Revocation registry not found")
+ if not rev_reg_info:
+ raise IndyIssuerError("Revocation registry metadata not found")
+ if not rev_reg_def:
+ raise IndyIssuerError(
+ "Revocation registry definition not found"
+ )
+ if not rev_key:
+ raise IndyIssuerError(
+ "Revocation registry definition private data not found"
+ )
+ # NOTE: we increment the index ahead of time to keep the
+ # transaction short. The revocation registry itself will NOT
+ # be updated because we always use ISSUANCE_BY_DEFAULT.
+ # If something goes wrong later, the index will be skipped.
+ # FIXME - double check issuance type in case of upgraded wallet?
+ rev_info = rev_reg_info.value_json
+ rev_reg_index = rev_info["curr_id"] + 1
+ try:
+ rev_reg_def = RevocationRegistryDefinition.load(
+ rev_reg_def.raw_value
+ )
+ except CredxError as err:
+ raise IndyIssuerError(
+ "Error loading revocation registry definition"
+ ) from err
+ if rev_reg_index > rev_reg_def.max_cred_num:
+ raise IndyIssuerRevocationRegistryFullError(
+ "Revocation registry is full"
+ )
+ rev_info["curr_id"] = rev_reg_index
+ await txn.handle.replace(
+ CATEGORY_REV_REG_INFO, revoc_reg_id, value_json=rev_info
  )
- rev_info["curr_id"] = rev_reg_index
- await txn.handle.replace(
- CATEGORY_REV_REG_INFO, revoc_reg_id, value_json=rev_info
- )
 
- issuer_cr_rec = IssuerCredRevRecord(
- state=IssuerCredRevRecord.STATE_ISSUED,
- cred_ex_id=cred_ex_id,
- rev_reg_id=revoc_reg_id,
- cred_rev_id=str(rev_reg_index),
- )
- await issuer_cr_rec.save(
- txn,
- reason=(
- "Created issuer cred rev record for "
- f"rev reg id {revoc_reg_id}, {rev_reg_index}"
- ),
- )
- await txn.commit()
+  issuer_cr_rec = IssuerCredRevRecord(
+  state=IssuerCredRevRecord.STATE_ISSUED,
+  cred_ex_id=cred_ex_id,
+  rev_reg_id=revoc_reg_id,
+  cred_rev_id=str(rev_reg_index),
+  )
+  await issuer_cr_rec.save(
+  txn,
+  reason=(
+  "Created issuer cred rev record for "
+  f"rev reg id {revoc_reg_id}, {rev_reg_index}"
+  ),
+  )
+  await txn.commit()
  except AskarError as err:
  raise IndyIssuerError(
  "Error updating revocation registry index"

diff --git a/aries_cloudagent/revocation/routes.py b/aries_cloudagent/revocation/routes.py
@@ -1081,7 +1081,7 @@ async def on_revocation_registry_event(profile: Profile, event: Event):
  try:
  tails_base_url = profile.settings.get("tails_server_base_url")
  if not tails_base_url:
- raise RevocationError(reason="tails_server_base_url not configured")
+ raise RevocationError("tails_server_base_url not configured")
 
  # Create registry
  revoc = IndyRevocation(profile)
@@ -1103,7 +1103,7 @@ async def on_revocation_registry_event(profile: Profile, event: Event):
  endorser_did=endorser_did,
  )
  except RevocationError as e:
- raise RevocationError(reason=e.message) from e
+ raise RevocationError(e.message) from e
  except RevocationNotSupportedError as e:
  raise RevocationNotSupportedError(reason=e.message) from e
 
@@ -1179,7 +1179,7 @@ async def on_revocation_entry_event(profile: Profile, event: Event):
  try:
  tails_base_url = profile.settings.get("tails_server_base_url")
  if not tails_base_url:
- raise RevocationError(reason="tails_server_base_url not configured")
+ raise RevocationError("tails_server_base_url not configured")
 
  revoc = IndyRevocation(profile)
  registry_record = await revoc.get_issuer_rev_reg_record(rev_reg_id)
@@ -1189,9 +1189,9 @@ async def on_revocation_entry_event(profile: Profile, event: Event):
  endorser_did=endorser_did,
  )
  except RevocationError as e:
- raise RevocationError(reason=e.message) from e
+ raise RevocationError(e.message) from e
  except RevocationNotSupportedError as e:
- raise RevocationError(reason=e.message) from e
+ raise RevocationError(e.message) from e
 
  if not create_transaction_for_endorser:
  meta_data = event.payload
@@ -1210,7 +1210,7 @@ async def on_revocation_entry_event(profile: Profile, event: Event):
  meta_data=event.payload,
  )
  except StorageError as err:
- raise RevocationError(reason=err.roll_up) from err
+ raise RevocationError(err.roll_up) from err
 
  # if auto-request, send the request to the endorser
  if profile.settings.get_value("endorser.auto_request"):
@@ -1225,7 +1225,7 @@ async def on_revocation_entry_event(profile: Profile, event: Event):
  # endorser_write_txn=endorser_write_txn,
  )
  except (StorageError, TransactionManagerError) as err:
- raise RevocationError(reason=err.roll_up) from err
+ raise RevocationError(err.roll_up) from err
 
  async with profile.session() as session:
  responder = session.inject_or(BaseResponder)
@@ -1246,7 +1246,7 @@ async def on_revocation_tails_file_event(profile: Profile, event: Event):
  """Handle revocation tails file event."""
  tails_base_url = profile.settings.get("tails_server_base_url")
  if not tails_base_url:
- raise RevocationError(reason="tails_server_base_url not configured")
+ raise RevocationError("tails_server_base_url not configured")
 
  tails_server = profile.inject(BaseTailsServer)
  revoc_reg_id = event.payload["context"]["rev_reg_id"]
@@ -1261,9 +1261,7 @@ async def on_revocation_tails_file_event(profile: Profile, event: Event):
  )
  if not upload_success:
  raise RevocationError(
- reason=(
- f"Tails file for rev reg {revoc_reg_id} " f"failed to upload: {reason}"
- )
+ f"Tails file for rev reg {revoc_reg_id} failed to upload: {reason}"
  )
 
  # create a "pending" registry if one is requested