Implemented 4.2

d9af24d3 · Klaus Fischer · f00ec999 · d9af24d3 · d9af24d3 · d9af24d3
Commit d9af24d3 authored 2 years ago by Klaus Fischer
--- a/FitConnect/SecurityEventException.cs
+++ b/FitConnect/SecurityEventException.cs
+using FitConnect.Models.v1.Api;
+
+namespace FitConnect;
+
+public class SecurityEventException : Exception {
+    public string Title { get; }
+    public string Detail { get; }
+
+    public SecurityEventException(Problems problem, Exception? innerException = null) : base(
+        $"{problem.title}: {problem.detail}", innerException) {
+        Title = problem.title;
+        Detail = problem.detail;
+    }
+
+    public SecurityEventException(Problems[] problem, Exception? innerException = null) : base(
+        $"{problem[0].title}: {problem[0].detail}", innerException) {
+        Title = problem.Select(p => p.title).Aggregate((a, b) => a + "\r\n" + b);
+        Detail = problem.Select(p => p.detail).Aggregate((a, b) => a + "\r\n" + b);
+    }
+
+    public SecurityEventException(string title, string detail, Exception? innerException = null) :
+        base(
+            $"{title}: {detail}", innerException) {
+        Title = title;
+        Detail = detail;
+    }
+}
--- a/FitConnect/Services/Models/v1/Api/Problems.cs
+++ b/FitConnect/Services/Models/v1/Api/Problems.cs
@@ -12,11 +12,13 @@ public class Problems {
    public const string TitleAuthenticationTagMissing = "Fehlende Authentication-Tags";
    public const string TitleAuthenticationTagInvalid = "Authentication-Tag ungültig";
    public const string DetailAuthenticationTagMissing = "Das Event 'submit-submission' enthält keine Authentication-Tags.";
+    public const string DetailAuthenticationTagDataInvalid = "Das Authentication-Tag des Fachdatensatzes ist ungültig.";
    public const string DetailAuthenticationMetadataInvalid = "Das Authentication-Tag des Metadatensatzes ist ungültig.";
    public const string DetailAuthenticationAttachmentInvalid = "Das Authentication-Tag der Anlage {attachmentId} ist ungültig.";
    
    public const string TitleEncryptionIssue = "Entschlüsselungs-Fehler";
-    public const string DetailEncryptionIssue = "Die Entschlüsselung des Metadatensatzes ist fehlgeschlagen.";
+    public const string DetailEncryptionIssueMetadata = "Die Entschlüsselung des Metadatensatzes ist fehlgeschlagen.";
+    public const string DetailEncryptionIssueData = "Der Fachdatensatz konnte nicht entschlüsselt werden.";
    
    public const string TitleMissingData = "Fachdatensatz fehlt";
    public const string DetailMissingData = "Der Fachdatensatz fehlt.";
@@ -170,6 +172,7 @@ public class Problems {
        this.instance = problemInstance switch {
            ProblemInstanceEnum.Metadata => "metadata",
            ProblemInstanceEnum.Submission => "submission",
+            ProblemInstanceEnum.Data => "data",
            _ => throw new ArgumentOutOfRangeException(nameof(problemInstance), problemType, null)
        };
    }

--- a/FitConnect/Subscriber.cs
+++ b/FitConnect/Subscriber.cs
@@ -101,7 +101,7 @@ public class Subscriber : FitConnectClient,
        catch (Exception e) {
            // SuccessCriteria:3.2
            var problem = new Problems(Problems.ProblemTypeEnum.EncryptionIssue,
-                Problems.DetailEncryptionIssue);
+                Problems.DetailEncryptionIssueMetadata);
            RejectSubmission(submission, problem);
            throw new SecurityEventException(problem, e);
        }
@@ -164,9 +164,19 @@ public class Subscriber : FitConnectClient,


        if (submission.EncryptedData != null) {
-            var (dataString, _, dataHash) = Encryption.Decrypt(submission.EncryptedData);
-            submission.Data = dataString;
-            VerifyDataHash(submission, dataString);
+            try {
+                var (dataString, _, dataHash) = Encryption.Decrypt(submission.EncryptedData);
+                submission.Data = dataString;
+                VerifyDataHash(submission, dataString);
+            }
+            catch (Exception e) {
+                // SuccessCriteria: 4.2
+                var problem = new Problems(Problems.ProblemTypeEnum.EncryptionIssue,
+                    Problems.DetailEncryptionIssueMetadata, Problems.DetailEncryptionIssueData,
+                    Problems.ProblemInstanceEnum.Data);
+                RejectSubmission(problem);
+                throw new SecurityEventException(problem, e);
+            }
        }

        // SuccessCriteria:3.10
@@ -240,9 +250,12 @@ public class Subscriber : FitConnectClient,
            submission.Metadata?.ContentStructure.Data.Hash.Content,
            FitEncryption.CalculateHash(dataString));

-        // TODO: Check if problem is correct
+        // SuccessCriteria: 4.1
+        var problem = new Problems(Problems.ProblemTypeEnum.IncorrectAuthenticationTag,
+            Problems.TitleAuthenticationTagInvalid,
+            detail: Problems.DetailAuthenticationTagDataInvalid, Problems.ProblemInstanceEnum.Data);
        RejectSubmission(submission, Problems.EncryptionIssue);
-        throw new Exception("Data hash mismatch");
+        throw new SecurityEventException(problem);
    }


@@ -308,8 +321,13 @@ public class Subscriber : FitConnectClient,
        return submitEvent;
    }

+    /// <summary>
+    /// Checking Attachments
+    /// Criteria 3.12, 5.2
+    /// </summary>
+    /// <exception cref="SecurityEventException"></exception>
    private void CheckAttachments(Submission submission,
-        Dictionary<string, string> attachmentSignatures) {
+        IReadOnlyDictionary<string, string> attachmentSignatures) {
        if (submission?.Attachments != null) {
            // SuccessCriteria:3.12
            if (submission.Attachments.Count != attachmentSignatures.Count ||
@@ -465,27 +483,3 @@ public enum FinishSubmissionStatus {
    Rejected
    // Forwarded
 }
-
-public class SecurityEventException : Exception {
-    public string Title { get; }
-    public string Detail { get; }
-
-    public SecurityEventException(Problems problem, Exception? innerException = null) : base(
-        $"{problem.title}: {problem.detail}", innerException) {
-        Title = problem.title;
-        Detail = problem.detail;
-    }
-
-    public SecurityEventException(Problems[] problem, Exception? innerException = null) : base(
-        $"{problem[0].title}: {problem[0].detail}", innerException) {
-        Title = problem.Select(p => p.title).Aggregate((a, b) => a + "\r\n" + b);
-        Detail = problem.Select(p => p.detail).Aggregate((a, b) => a + "\r\n" + b);
-    }
-
-    public SecurityEventException(string title, string detail, Exception? innerException = null) :
-        base(
-            $"{title}: {detail}", innerException) {
-        Title = title;
-        Detail = detail;
-    }
-}