This repository has been archived by the owner on Jun 20, 2023. It is now read-only.
DOB hash calculation & wiring (EXPOSUREAPP-7488, EXPOSUREAPP-7509) #3317
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Member
d4rken
commented
May 28, 2021
•
d4rken
commented
- Adds date of birth hash calculation for PCR test registration
- Wires up date of birth hash to be passed from to verification server (UI test registration request -> corona test repo -> test processor -> playbook -> server -> api)
- Extends verification server API with new attribute and adjusts request padding calculation
…ated properties. +Some additional wiring, plumbing and tests for future PRs.
# Conflicts: # Corona-Warn-App/src/main/java/de/rki/coronawarnapp/coronatest/type/rapidantigen/RapidAntigenProcessor.kt
…tests' into feature/7487-dgc-properties-for-tests
d4rken
changed the base branch from
release/2.4.x
to
feature/7487-dgc-properties-for-tests
mtwalli
previously approved these changes
May 28, 2021
Base automatically changed from
feature/7487-dgc-properties-for-tests
to
release/2.4.x
May 28, 2021 13:21
Some refactoring to make it less complicated to adjust for future changes.
# Conflicts: # Corona-Warn-App/src/main/java/de/rki/coronawarnapp/coronatest/type/pcr/PCRProcessor.kt
d4rken
changed the title
d4rken
commented
May 31, 2021
| @SerializedName("requestPadding") val requestPadding: String? = null | ||
| @SerializedName("keyType") val keyType: VerificationKeyType, | ||
| @SerializedName("key") val key: String, | ||
| @SerializedName("keyDob") val dateOfBirthKey: String? = null, |
There was a problem hiding this comment.
The new optional attribute
d4rken
commented
May 31, 2021
Comment on lines
+6
to
+10
| @SerializedName("GUID") | ||
| GUID, | ||
|
|
||
| @SerializedName("TELETAN") | ||
| TELETAN; |
There was a problem hiding this comment.
We previously just relied on the enums never being renamed or obfuscated, this was a bit too fragile for my taste.
d4rken
commented
May 31, 2021
Comment on lines
+187
to
+212
| /** | ||
| * The specific sizes are not important, but all requests should be padded up to the same size. | ||
| * Pick a total size that is guaranteed to be above or equal to the maximum size a request can be. | ||
| */ | ||
| // `"requestPadding":""` | ||
| private const val BODY_SIZE_PADDING_OVERHEAD = 19 // | ||
|
|
||
| // `{}` json brackets | ||
| private const val BODY_SIZE_OVERHEAD = BODY_SIZE_PADDING_OVERHEAD + 2 | ||
| private const val BODY_SIZE_EXPECTED = 250 | ||
|
|
||
| /** | ||
| * The header itself is larger. | ||
| * We care about the header fields we set that are request specific. | ||
| * We don't need to pad for device specific fields set by OK http. | ||
| */ | ||
| // `POST /version/v1/registrationToken` -> 34 (longest method + url atm) use 64 to have a buffer | ||
| private const val HEADER_SIZE_LONGEST_METHOD = 34 | ||
|
|
||
| const val PADDING_LENGTH_HEADER_REGISTRATION_TOKEN = 0 | ||
| const val PADDING_LENGTH_BODY_REGISTRATION_TOKEN_TELETAN = 51 + VERIFICATION_BODY_FILL | ||
| const val PADDING_LENGTH_BODY_REGISTRATION_TOKEN_GUID = 0 + VERIFICATION_BODY_FILL | ||
| // `cwa-fake 0\n` -> 12 | ||
| private const val HEADER_SIZE_VAL_FAKE = 12 | ||
|
|
||
| // padding test result | ||
| const val PADDING_LENGTH_HEADER_TEST_RESULT = 7 | ||
| const val PADDING_LENGTH_BODY_TEST_RESULT = 31 + VERIFICATION_BODY_FILL | ||
| // `cwa-header-padding\n` -> 22 | ||
| private const val HEADER_SIZE_VAL_PADDING = 22 | ||
| private const val HEADER_SIZE_OVERHEAD = HEADER_SIZE_VAL_FAKE + HEADER_SIZE_VAL_PADDING | ||
| private const val HEADER_SIZE_OUR_DATA = HEADER_SIZE_LONGEST_METHOD + HEADER_SIZE_OVERHEAD |
There was a problem hiding this comment.
We pad the request for plausible deniability, so they all have the same size.
Previously the padding was difficult to understand why a certain value was picked, as we summed up the differences to other API requests, this was a bit too 🧙.
This PR changes the padding calculation to start of with an expected size, and then each API call subtracts its own size, and what we are left with is the required padding.
d4rken
commented
May 31, 2021
Comment on lines
+16
to
+20
| val key by lazy { | ||
| val dobFormatted = dateOfBirth.toString(DOB_FORMATTER) | ||
| val keyHash = "${testGuid}$dobFormatted".toSHA256() | ||
| "x${keyHash.substring(1)}" | ||
| } |
There was a problem hiding this comment.
Date of Birth hash calculation
kolyaopahle
approved these changes
May 31, 2021
|
Kudos, SonarCloud Quality Gate passed! |
chris-cwa
approved these changes
May 31, 2021
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.