Skip to content
This repository has been archived by the owner on May 16, 2023. It is now read-only.

Payload Signature verification #1810

Merged
merged 1 commit into from
Apr 27, 2022
Merged

Payload Signature verification #1810

merged 1 commit into from
Apr 27, 2022

Conversation

ioangut
Copy link
Contributor

@ioangut ioangut commented Apr 27, 2022

Description

Dcc revocation list payload signature verification

@ioangut ioangut marked this pull request as ready for review April 27, 2022 08:10
@ioangut ioangut requested review from a team, T-Bendrath and AliceBilc April 27, 2022 08:10
@ioangut ioangut changed the base branch from main to release/2.22 April 27, 2022 08:18
@ioangut ioangut changed the base branch from release/2.22 to main April 27, 2022 08:18
hilmarf
hilmarf reviewed Apr 27, 2022
View reviewed changes
...in/java/app/coronawarn/server/services/distribution/dcc/decode/DccRevocationListDecoder.java
Comment on lines +42 to +49
PublicKey publicKey = getPublicKeyFromString(
distributionServiceConfig.getDccRevocation().getClient().getPublicKey());
CBORObject cborObject = CBORObject.DecodeFromBytes(data);
byte[] ecdsaSignature = getEcdsaEncodeFromSignature(cborObject.get(3).GetByteString());
ArrayList<Object> signedPayload = new ArrayList<>(Arrays.asList("Signature1", cborObject.get(0).GetByteString(),
new byte[0], cborObject.get(2).GetByteString()));

ecdsaSignatureVerification(ecdsaSignature, publicKey, cborEncode(signedPayload));
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

do we have tests for this?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yes

@hilmarf hilmarf added this to the 2.22 milestone Apr 27, 2022
@hilmarf hilmarf merged commit 2f2c7f4 into main Apr 27, 2022
@hilmarf hilmarf deleted the revocation-payload-signature branch April 27, 2022 08:30
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@hilmarf hilmarf hilmarf approved these changes

@T-Bendrath T-Bendrath Awaiting requested review from T-Bendrath

@AliceBilc AliceBilc Awaiting requested review from AliceBilc

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
2.22
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@ioangut @hilmarf