Merge pull request #29 from corona-warn-app/fix/signing-race-condition

ascheibal · web-flow · commit 177336a3ed6c · 2021-06-16T22:54:10.000+02:00
Fix: Possible Race Condition when Signing DCC
diff --git a/src/main/java/app/coronawarn/dcc/controller/InternalDccController.java b/src/main/java/app/coronawarn/dcc/controller/InternalDccController.java
@@ -116,12 +116,10 @@ public ResponseEntity<?> uploadDcc(
       throw new DccServerException(HttpStatus.BAD_REQUEST, "Invalid Base64 in DEK or encrypted DCC.");
     }
 
-    dccRegistrationService.updateDccRegistration(
-      dccRegistration,
-      uploadRequest.getDccHash(),
-      uploadRequest.getEncryptedDcc(),
-      uploadRequest.getDataEncryptionKey(),
-      partnerId);
+    dccRegistration.setDccHash(uploadRequest.getDccHash());
+    dccRegistration.setDccEncryptedPayload(uploadRequest.getEncryptedDcc());
+    dccRegistration.setEncryptedDataEncryptionKey(uploadRequest.getDataEncryptionKey());
+    dccRegistration.setPartnerId(partnerId);
 
     try {
       dccRegistration = dccService.sign(dccRegistration);
@@ -140,6 +138,13 @@ public ResponseEntity<?> uploadDcc(
         .body(new DccUnexpectedError(dccRegistration.getError()));
     }
 
+    dccRegistrationService.updateDccRegistration(
+      dccRegistration,
+      uploadRequest.getDccHash(),
+      uploadRequest.getEncryptedDcc(),
+      uploadRequest.getDataEncryptionKey(),
+      partnerId);
+
     return ResponseEntity.ok(new DccUploadResponse(dccRegistration.getDcc()));
   }
 }
diff --git a/src/main/java/app/coronawarn/dcc/service/DccRegistrationService.java b/src/main/java/app/coronawarn/dcc/service/DccRegistrationService.java
@@ -36,6 +36,7 @@
 import java.util.Base64;
 import java.util.List;
 import java.util.Optional;
+import javax.validation.constraints.NotNull;
 import lombok.Getter;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
@@ -133,24 +134,30 @@ public DccRegistration updateDccRegistration(
 
   /**
    * Sets the Error Property on a DCC Registration and saves it into DB.
+   * This method also deletes previously saved DCC details from entity.
    *
    * @param registration The target DCC Registration
    * @param reason       the new Error Reason
    * @return the updated Registration Entity
    */
   public DccRegistration setError(DccRegistration registration, DccErrorReason reason) {
+    registration.setDcc(null);
+    registration.setDccHash(null);
+    registration.setPartnerId(null);
+    registration.setEncryptedDataEncryptionKey(null);
     registration.setError(reason);
     return dccRegistrationRepository.save(registration);
   }
 
   /**
-   * Sets the DCC Property on a DCC Registration and saves it into DB.
+   * Sets the DCC Property and resets error on a DCC Registration and saves it into DB.
    *
    * @param registration The target DCC Registration
    * @param dcc          the base64 encoded DCC
    * @return the updated Registration Entity
    */
-  public DccRegistration setDcc(DccRegistration registration, String dcc) {
+  public DccRegistration setDcc(DccRegistration registration, @NotNull String dcc) {
+    registration.setError(null);
     registration.setDcc(dcc);
     return dccRegistrationRepository.save(registration);
   }
diff --git a/src/main/java/app/coronawarn/dcc/service/DccService.java b/src/main/java/app/coronawarn/dcc/service/DccService.java
@@ -76,14 +76,7 @@ public DccRegistration sign(DccRegistration registration) throws DccGenerateExce
       }
     }
 
-    registration = dccRegistrationService.setDcc(registration, Base64.getEncoder().encodeToString(coseBytes));
-
-    // Reset Error if everything is ok and it previously exists
-    if (registration.getError() != null) {
-      dccRegistrationService.setError(registration, null);
-    }
-
-    return registration;
+    return dccRegistrationService.setDcc(registration, Base64.getEncoder().encodeToString(coseBytes));
   }
 
   private byte[] callSigningApiWithRetry(String hashBase64, String hashedLabId, String hashedDcci) {
diff --git a/src/test/java/app/coronawarn/dcc/service/DccServiceTest.java b/src/test/java/app/coronawarn/dcc/service/DccServiceTest.java
@@ -224,6 +224,11 @@ void testSigningFailedOnFirstRequestButSuccessOnSecond() throws NoSuchAlgorithmE
     Assertions.assertEquals(DccErrorReason.SIGNING_SERVER_ERROR, registrationWithFailedSigning.getError());
     Assertions.assertNull(registrationWithFailedSigning.getDcc());
 
+    registrationWithFailedSigning.setDccHash(dccHash);
+    registrationWithFailedSigning.setDccEncryptedPayload(Base64.getEncoder().encodeToString(encryptedDcc));
+    registrationWithFailedSigning.setEncryptedDataEncryptionKey(Base64.getEncoder().encodeToString(encryptedDek));
+    registrationWithFailedSigning.setPartnerId(partnerId);
+
     Assertions.assertDoesNotThrow(() -> dccService.sign(registrationWithFailedSigning));
 
     registration = dccRegistrationService.findByRegistrationToken(registrationTokenValue).orElseThrow();

Original file line number	Diff line number	Diff line change
`@@ -76,14 +76,7 @@ public DccRegistration sign(DccRegistration registration) throws DccGenerateExce`
`76`	`76`	`}`
`77`	`77`	`}`
`78`	`78`
`79`		`- registration = dccRegistrationService.setDcc(registration, Base64.getEncoder().encodeToString(coseBytes));`
`80`		`-`
`81`		`- // Reset Error if everything is ok and it previously exists`
`82`		`- if (registration.getError() != null) {`
`83`		`- dccRegistrationService.setError(registration, null);`
`84`		`- }`
`85`		`-`
`86`		`- return registration;`
	`79`	`+ return dccRegistrationService.setDcc(registration, Base64.getEncoder().encodeToString(coseBytes));`
`87`	`80`	`}`
`88`	`81`
`89`	`82`	`private byte[] callSigningApiWithRetry(String hashBase64, String hashedLabId, String hashedDcci) {`