From b76bbd2f212d244d6faab2fce85bad53dabe7fec Mon Sep 17 00:00:00 2001 From: Mykhailo Nester Date: Fri, 3 Sep 2021 17:28:59 +0300 Subject: [PATCH] - anonymize COSE content according to debug mode rules; (#60) --- .../verifier/app/decoder/cose/CoseService.kt | 2 ++ .../app/decoder/cose/DefaultCoseService.kt | 32 +++++++++++++++++++ 2 files changed, 34 insertions(+) diff --git a/decoder/src/main/java/dgca/verifier/app/decoder/cose/CoseService.kt b/decoder/src/main/java/dgca/verifier/app/decoder/cose/CoseService.kt index 21582a5..6895cfc 100644 --- a/decoder/src/main/java/dgca/verifier/app/decoder/cose/CoseService.kt +++ b/decoder/src/main/java/dgca/verifier/app/decoder/cose/CoseService.kt @@ -31,4 +31,6 @@ import dgca.verifier.app.decoder.model.VerificationResult interface CoseService { fun decode(input: ByteArray, verificationResult: VerificationResult): CoseData? + + fun anonymizeCose(input: ByteArray): ByteArray? } \ No newline at end of file diff --git a/decoder/src/main/java/dgca/verifier/app/decoder/cose/DefaultCoseService.kt b/decoder/src/main/java/dgca/verifier/app/decoder/cose/DefaultCoseService.kt index 522ce9d..e78d26a 100644 --- a/decoder/src/main/java/dgca/verifier/app/decoder/cose/DefaultCoseService.kt +++ b/decoder/src/main/java/dgca/verifier/app/decoder/cose/DefaultCoseService.kt @@ -23,6 +23,7 @@ package dgca.verifier.app.decoder.cose import COSE.HeaderKeys +import com.google.common.primitives.Bytes import com.upokecenter.cbor.CBORObject import dgca.verifier.app.decoder.model.CoseData import dgca.verifier.app.decoder.model.VerificationResult @@ -60,4 +61,35 @@ class DefaultCoseService : CoseService { unprotectedHeader.get(key) } } + + override fun anonymizeCose(input: ByteArray): ByteArray? { + return try { + val messageObject = CBORObject.DecodeFromBytes(input) + + val content = messageObject[2].EncodeToBytes() + val index = Bytes.indexOf(input, content) + + val newArray = ByteArray(input.size) + + val anonymize = ByteArray(content.size) + anonymize.forEachIndexed { i, _ -> + anonymize[i] = 0x58 + } + + System.arraycopy(input, 0, newArray, 0, index) + System.arraycopy(anonymize, 0, newArray, index, anonymize.size) + System.arraycopy( + input, + index + anonymize.size, + newArray, + index + anonymize.size, + input.size - (anonymize.size + index) + ) + + newArray + + } catch (e: Throwable) { + null + } + } } \ No newline at end of file