Implemented 3.12, 5.2

FitConnect/Services/Models/v1/Api/Problems.cs

@@ -13,6 +13,7 @@ public class Problems {
     public const string TitleAuthenticationTagInvalid = "Authentication-Tag ungültig";
     public const string DetailAuthenticationTagMissing = "Das Event 'submit-submission' enthält keine Authentication-Tags.";
     public const string DetailAuthenticationMetadataInvalid = "Das Authentication-Tag des Metadatensatzes ist ungültig.";
+    public const string DetailAuthenticationAttachmentInvalid = "Das Authentication-Tag der Anlage {attachmentId} ist ungültig.";
     
     public const string TitleEncryptionIssue = "Entschlüsselungs-Fehler";
     public const string DetailEncryptionIssue = "Die Entschlüsselung des Metadatensatzes ist fehlgeschlagen.";
@@ -78,7 +79,7 @@ public class Problems {
         switch (problemType) {
             case ProblemTypeEnum.MissingAttachments:
                 type += "missing-attachment";
-                title = TitleEventLogInconsistent;
+                title = TitleAttachmentsMismatch;
                 instance = "submission";
                 break;
             case ProblemTypeEnum.AttachmentMismatch:
@@ -178,7 +179,7 @@ public class Problems {
             ProblemTypeEnum.AttachmentMismatch,
             "Fehlerhafte Anlagen-Liste",
             "Die Liste der Anlagen in Submission und Event-Log stimmt nicht überein.",
-            ProblemInstanceEnum.Submission);
+            ProblemInstanceEnum.Metadata);
 
     public static readonly Problems EncryptionIssue =
         new Problems(

FitConnect/Subscriber.cs

@@ -216,6 +216,8 @@ public class Subscriber : FitConnectClient,
             ? null
             : (JsonConvert.DeserializeObject(jsonString) as JObject)?["$schema"]?.ToString();
 
+    #region Check Submission and Reject if needed
+
     private void CheckDataSchema(string dataSchema, Submission submission) {
         var dataSchemaObject = JsonSchema.FromUrlAsync(dataSchema).Result;
         var jSchema = JSchema.Parse(dataSchemaObject.ToJson());
@@ -229,7 +231,6 @@ public class Subscriber : FitConnectClient,
         }
     }
 
-    #region Check Submission and Reject if needed
 
     private void VerifyDataHash(Submission submission, string dataString) {
         if (submission.Metadata?.ContentStructure.Data.Hash.Content ==
@@ -310,16 +311,28 @@ public class Subscriber : FitConnectClient,
     private void CheckAttachments(Submission submission,
         Dictionary<string, string> attachmentSignatures) {
         if (submission?.Attachments != null) {
-            if (submission.Attachments.Count != attachmentSignatures.Count) {
-                RejectSubmission(submission, Problems.AttachmentsMismatch);
-                throw new ArgumentException("Attachment count mismatch");
+            // SuccessCriteria:3.12
+            if (submission.Attachments.Count != attachmentSignatures.Count ||
+                !submission.Attachments.TrueForAll(a => attachmentSignatures.ContainsKey(a.Id))) {
+                var problem = new Problems(Problems.ProblemTypeEnum.AttachmentMismatch,
+                    Problems.DetailAttachmentsMismatch);
+                RejectSubmission(submission, problem);
+                throw new SecurityEventException(problem);
             }
 
+            // SuccessCriteria:5.2
+            var problems = new List<Problems>();
             foreach (var attachment in submission.Attachments) {
                 if (attachmentSignatures?[attachment.Id] !=
                     attachment.AttachmentAuthentication) {
-                    RejectSubmission(submission, Problems.IncorrectAuthenticationTag);
-                    throw new AggregateException("Attachment signature mismatch");
+                    var problem = new Problems(Problems.ProblemTypeEnum.IncorrectAuthenticationTag,
+                        Problems.DetailAuthenticationAttachmentInvalid);
+                    problems.Add(problem);
+                }
+
+                if (problems.Count > 0) {
+                    RejectSubmission(submission, problems.ToArray());
+                    throw new SecurityEventException(problems.ToArray());
                 }
             }
         }
@@ -463,6 +476,12 @@ public class SecurityEventException : Exception {
         Detail = problem.detail;
     }
 
+    public SecurityEventException(Problems[] problem, Exception? innerException = null) : base(
+        $"{problem[0].title}: {problem[0].detail}", innerException) {
+        Title = problem.Select(p => p.title).Aggregate((a, b) => a + "\r\n" + b);
+        Detail = problem.Select(p => p.detail).Aggregate((a, b) => a + "\r\n" + b);
+    }
+
     public SecurityEventException(string title, string detail, Exception? innerException = null) :
         base(
             $"{title}: {detail}", innerException) {

IntegrationTests/Sender/SenderTestHappyPath.cs

@@ -95,8 +95,8 @@ public class SenderTestHappyPath : SenderTestBase {
         public string Schema { get; set; } =
             "https://git.fitko.de/fit-connect/sdk-dotnet/-/raw/feature/594-auto-reject/simple_schema.json";
 
-        public string FirstName { get; set; }
-        public string LastName { get; set; }
+        public string? FirstName { get; set; }
+        public string? LastName { get; set; }
         public int Age { get; set; }
     }