Merge pull request #32 from OSGP/feature/FDP-2239-hash-obv-nieuwe-psk

FDP-2239: use new psk for calculating hash
OSGP · May 31, 2024 · 0aa6795 · 0aa6795
2 parents f7f10a3 + 12e868a
commit 0aa6795
Show file tree

Hide file tree

Showing 4 changed files with 9 additions and 14 deletions.
diff --git a/application/src/main/kotlin/org/gxf/crestdeviceservice/coap/DownlinkService.kt b/application/src/main/kotlin/org/gxf/crestdeviceservice/coap/DownlinkService.kt
@@ -25,17 +25,14 @@ class DownlinkService(private val pskService: PskService) {
         logger.debug { "Check if device $identity needs key change" }
         if (pskService.needsKeyChange(identity)) {
             logger.info { "Device $identity needs key change" }
-            val oldKey =
-                pskService.getCurrentActiveKey(identity)
-                    ?: throw NoExistingPskException("No current key found to calculate hash")
             val newKey = pskService.setReadyKeyForIdentityAsPending(identity)
 
             // After setting a new psk, the device will send a new message if the psk set was
             // successful
             logger.debug {
                 "Create PSK set command for key for device ${newKey.identity} with revision ${newKey.revision} and status ${newKey.status}"
             }
-            return PskCommandCreator.createPskSetCommand(newKey, oldKey)
+            return PskCommandCreator.createPskSetCommand(newKey)
         }
 
         return RESPONSE_SUCCESS

diff --git a/application/src/main/kotlin/org/gxf/crestdeviceservice/coap/PskCommandCreator.kt b/application/src/main/kotlin/org/gxf/crestdeviceservice/coap/PskCommandCreator.kt
@@ -8,9 +8,9 @@ import org.gxf.crestdeviceservice.psk.entity.PreSharedKey
 
 object PskCommandCreator {
 
-    fun createPskSetCommand(newPreSharedKey: PreSharedKey, oldKey: String): String {
+    fun createPskSetCommand(newPreSharedKey: PreSharedKey): String {
         val newKey = newPreSharedKey.preSharedKey
-        val hash = DigestUtils.sha256Hex("${newPreSharedKey.secret}${oldKey}")
+        val hash = DigestUtils.sha256Hex("${newPreSharedKey.secret}${newKey}")
         return "!PSK:${newKey}:${hash};PSK:${newKey}:${hash}:SET"
     }
 }
diff --git a/application/src/test/kotlin/org/gxf/crestdeviceservice/coap/DownlinkServiceTest.kt b/application/src/test/kotlin/org/gxf/crestdeviceservice/coap/DownlinkServiceTest.kt
@@ -24,12 +24,11 @@ class DownlinkServiceTest {
     fun shouldReturnPskDownlinkWhenThereIsANewPsk() {
         val identity = "identity"
         val expectedKey = "key"
-        val expectedHash = "238104b039438f9dcbbef1dd6e295aa3cf2f248406c01ba7f6034becfe1a53d9"
+        val expectedHash = "ad165b11320bc91501ab08613cc3a48a62a6caca4d5c8b14ca82cc313b3b96cd"
         val psk =
             PreSharedKey(
                 identity, 1, Instant.now(), expectedKey, "secret", PreSharedKeyStatus.PENDING)
 
-        whenever(pskService.getCurrentActiveKey(identity)).thenReturn("oldKey")
         whenever(pskService.needsKeyChange(identity)).thenReturn(true)
         whenever(pskService.setReadyKeyForIdentityAsPending(identity)).thenReturn(psk)
 

diff --git a/application/src/test/kotlin/org/gxf/crestdeviceservice/coap/PskCommandCreatorTest.kt b/application/src/test/kotlin/org/gxf/crestdeviceservice/coap/PskCommandCreatorTest.kt
@@ -14,20 +14,19 @@ class PskCommandCreatorTest {
 
     @ParameterizedTest
     @CsvSource(
-        "1234567890123456,1234,390d4757bf1b75e305984c99cdedfb1e7c201a2d143a53cfbc35075fa5f9a56f,secret",
-        "1234567890123456,2345,c1f50bc9d85835bb6077aa3577b030cf8a17a3db7e8b42b83011cae8538f26cd,different-secret",
-        "6543210987654321,3456,143ecd0dffadbbc248748c8725313c77d0d1eb297c90719804bc0cc361580283,secret",
-        "6543210987654321,4567,c3d193f4726807f6fb8dca6171ddadfb9f8f15f5a599d710e3b507534f1602c2,different-secret")
+        "1234567890123456,ce2eca02d7ce354830eae7dd3b140755334f9c00582a53044655adde22126071,secret",
+        "1234567890123456,78383f73855e7595f8d31ee7cabdf854bc4e70d036f225f8d144d566083c7d01,different-secret",
+        "6543210987654321,5e15cf0f8a55b58a54f51dda17c1d1645ebc145f912888ec2e02a55d7b7baea4,secret",
+        "6543210987654321,64904d94590a354cecd8e65630289bcc22103c07b08c009b0b12a8ef0d58af9d,different-secret")
     fun shouldCreateACorrectPskCommandoWithHash(
         key: String,
-        oldKey: String,
         expectedHash: String,
         usedSecret: String
     ) {
         val preSharedKey =
             PreSharedKey("identity", 0, Instant.now(), key, usedSecret, PreSharedKeyStatus.PENDING)
 
-        val result = PskCommandCreator.createPskSetCommand(preSharedKey, oldKey)
+        val result = PskCommandCreator.createPskSetCommand(preSharedKey)
 
         // Psk command is formatted as: PSK:[Key]:[Hash];PSK:[Key]:[Hash]:SET
         Assertions.assertThat(result)