feat: added support for truncating crypto-hashed values to a max leng…

…th (#207) * feat: added support for truncating crypto-hashed values to a max length * utf8bom -> utf8 & NL
miracum · Oct 15, 2024 · 54dae1e · 54dae1e
1 parent e5c3b47
commit 54dae1e
Show file tree

Hide file tree

Showing 7 changed files with 32,101 additions and 13 deletions.
diff --git a/.vscode/launch.json b/.vscode/launch.json
@@ -6,7 +6,7 @@
       "type": "coreclr",
       "request": "launch",
       "preLaunchTask": "build",
-      "program": "${workspaceFolder}/src/FhirPseudonymizer/bin/Debug/net7.0/FhirPseudonymizer.dll",
+      "program": "${workspaceFolder}/src/FhirPseudonymizer/bin/Debug/net8.0/FhirPseudonymizer.dll",
       "args": [],
       "cwd": "${workspaceFolder}/src/FhirPseudonymizer",
       "stopAtEntry": false,

diff --git a/README.md b/README.md
@@ -170,6 +170,27 @@ fhirPathRules:
 | `entici__Auth__OAuth__Scope`         | The scope                         | `""`    |
 | `entici__Auth__OAuth__Resource`      | The resource                      | `""`    |
 
+### Truncating Crypto-hash Length
+
+When using the `cryptoHash` method on a value, the result is a hex-encoded string of 64 characters length.
+You can truncate this to a specific maximum length using the `truncateToMaxLength` setting. For example:
+
+```yaml
+fhirPathRules:
+  - path: Resource.id
+    method: cryptoHash
+    truncateToMaxLength: 32
+```
+
+Will truncate the usually 64-character-long hash to the following:
+
+```json
+{
+  "resourceType": "Patient",
+  "id": "b43a73c44e6d5b57644b63d89ee90cbf"
+}
+```
+
 ## Dynamic rule settings
 
 Anonymization and pseudonymization rules in the `anonymization.yaml` config file can be overridden and/or extended on a per request basis.

diff --git a/src/FhirPseudonymizer.Tests/CryptoHashProcessorTests.cs b/src/FhirPseudonymizer.Tests/CryptoHashProcessorTests.cs
@@ -13,17 +13,32 @@ public static IEnumerable<object[]> GetProcessData()
         yield return new object[]
         {
             new FhirString("12345"),
-            "098fe201710ca56e73dfb56cb0c610a66900add818c6d625b44b91eaafe79022"
+            "098fe201710ca56e73dfb56cb0c610a66900add818c6d625b44b91eaafe79022",
         };
         yield return new object[]
         {
             new ResourceReference("Patient/12345"),
-            "Patient/098fe201710ca56e73dfb56cb0c610a66900add818c6d625b44b91eaafe79022"
+            "Patient/098fe201710ca56e73dfb56cb0c610a66900add818c6d625b44b91eaafe79022",
         };
         yield return new object[]
         {
             new FhirUri("Patient/12345"),
-            "Patient/098fe201710ca56e73dfb56cb0c610a66900add818c6d625b44b91eaafe79022"
+            "Patient/098fe201710ca56e73dfb56cb0c610a66900add818c6d625b44b91eaafe79022",
+        };
+    }
+
+    public static IEnumerable<object[]> GetTruncatedProcessData()
+    {
+        yield return new object[] { new FhirString("12345"), "098fe201710ca56e73dfb56cb0c610a6" };
+        yield return new object[]
+        {
+            new ResourceReference("Patient/12345"),
+            "Patient/098fe201710ca56e73dfb56cb0c610a6",
+        };
+        yield return new object[]
+        {
+            new FhirUri("Patient/12345"),
+            "Patient/098fe201710ca56e73dfb56cb0c610a6",
         };
     }
 
@@ -43,4 +58,27 @@ public void Process_HashesIdPart(DataType element, string expected)
 
         node.Value.ToString().Should().Be(expected);
     }
+
+    [Theory]
+    [MemberData(nameof(GetTruncatedProcessData))]
+    public void Process_WithTruncatedHashLengthSet_HashHasMaxLength(
+        DataType element,
+        string expected
+    )
+    {
+        var processor = new CryptoHashProcessor("test");
+
+        var node = ElementNode.FromElement(element.ToTypedElement());
+        while (!node.HasValue())
+        {
+            node = node.Children().CastElementNodes().First();
+        }
+
+        processor.Process(
+            node,
+            settings: new Dictionary<string, object>() { { "truncateToMaxLength", 32 } }
+        );
+
+        node.Value.ToString().Should().Be(expected);
+    }
 }
diff --git a/src/FhirPseudonymizer.Tests/Fixtures/Data/Configs/truncate-crypto-hashed-values.yaml b/src/FhirPseudonymizer.Tests/Fixtures/Data/Configs/truncate-crypto-hashed-values.yaml
@@ -0,0 +1,16 @@
+fhirVersion: R4
+fhirPathRules:
+  - path: Resource.id
+    method: cryptoHash
+    truncateToMaxLength: 16
+  - path: nodesByType('Reference').reference
+    method: cryptoHash
+    truncateToMaxLength: 16
+  - path: Bundle.entry.fullUrl
+    method: cryptoHash
+    truncateToMaxLength: 16
+  - path: Bundle.entry.request.where(method = 'PUT').url
+    method: cryptoHash
+    truncateToMaxLength: 16
+parameters:
+  cryptoHashKey: fhir-pseudonymizer