Securely Store Location Data + Other improvements #747
Conversation
Securely store locations in encrypted Realm db
|
@tstirrat @kenpugsley Can you assign yourselves as reviewers? |
|
Encryption review is pending. Lets hold off on merging until we get an approval. |
android/app/src/main/java/org/pathcheck/covidsafepaths/storage/Location.kt
Show resolved
Hide resolved
|
Great work! |
|
This is wonderful stuff @troach-sf . |
troach-sf
force-pushed
the
feature/secure-location-stroage
branch
from
51ce4b2
to
f50f857
Compare
|
@tstirrat, I've completed testing on both sides. Looks like there is 1 conflicting file that needs to be resolved now. I'll merge that in tomorrow morning. |
…ation-stroage # Conflicts: # app/views/LocationTracking.js
|
Thanks! How does one run the native tests? It would be good to encode that into 2 more jobs in the |
|
I just wrote a document on how to manually capture encryption key for develop builds to allow for opening the database. This should help for manual tests. https://gist.github.com/troach-sf/f257bb7b80e6dddd4f3bade81b7b1410 For running the automatic tests. Android: iOS: |
|
Right now Android requires a device/emulator. I don't think Realm is compatible with Robolectric for unit testing without a device. That may make it tricky to get working on GH Actions. |
|
Note to others ... I'm currently working on doing some functional testing on this, and will try to run new native tests locally. |
This doesn't work for me. It's failing in the geolocation tests ... any ideas? |
|
@kenpugsley ah sorry, run :app:androidConnectedTest to limit to just our own tests. Good eye on the backfill. I discussed this with @Ferrumofomega and @tremblerz that we would only store real locations in the db. It would be easy enough to add backfilling in on the js layer when pulling locations. After discussing that a bit, I believe we came to an agreement that if there is a delay we shouldn't make assumptions someone stayed in one spot if the previous location had barely changed. I'll leave that up to you all to decide, but if we add it back in, rather than throwing assumed locations in the db, we should only add during processing. |
I think that logic applies to the intersection, but this also have effects on the flow of data to safe paths. I see the point about not wanting location data that is inferred stored, but this will be a breaking change to the "contract" (not that there is one explicitly) with Safe Places. If we don't store the points in the local db, then in both the intersection as well as the data export we have to remember to backfill the gaps. Seems like a service layer thing to me. |
|
Closing this in favor of #788 where we are automating tests and merging conflicts. |
I'm getting compilation errors (Android) when I add this immediately after SecureRandom().nextBytes(newKey) in getEncryptionKey() |
|
@AdamLeonSmith, I have updated the gist. There was a missing ")". |
Securely store locations in encrypted Realm db
This PR securely stores all captured Geolocation coordinates in an encrypted Realm database.
Linked issues:
#527
Fixes safe-paths-contrib#29
How to test
For debug builds, you can download the Realm database inside the apps storage. You can open the database using Realm Studio: https://realm.io/products/realm-studio/. Because the database is encrypted, you will need to log a hex-encoded encryption key.