diff --git a/avro-schema/ingestion-data-share-packet.avsc b/avro-schema/ingestion-data-share-packet.avsc index f095989bb..2c18fe247 100644 --- a/avro-schema/ingestion-data-share-packet.avsc +++ b/avro-schema/ingestion-data-share-packet.avsc @@ -16,7 +16,10 @@ }, { "name": "encryption_key_id", - "type": "string", + "type": [ + "null", + "string" + ], "doc": "Encryption key identifier (e.g., to support key rotations)" }, { diff --git a/facilitator/src/batch.rs b/facilitator/src/batch.rs index be75d04a1..9b369c0ef 100644 --- a/facilitator/src/batch.rs +++ b/facilitator/src/batch.rs @@ -303,7 +303,7 @@ mod tests { IngestionDataSharePacket { uuid: Uuid::new_v4(), encrypted_payload: vec![0u8, 1u8, 2u8, 3u8], - encryption_key_id: "fake-key-1".to_owned(), + encryption_key_id: Some("fake-key-1".to_owned()), r_pit: 1, version_configuration: Some("config-1".to_owned()), device_nonce: None, @@ -311,7 +311,7 @@ mod tests { IngestionDataSharePacket { uuid: Uuid::new_v4(), encrypted_payload: vec![4u8, 5u8, 6u8, 7u8], - encryption_key_id: "fake-key-2".to_owned(), + encryption_key_id: None, r_pit: 2, version_configuration: None, device_nonce: Some(vec![8u8, 9u8, 10u8, 11u8]), @@ -319,7 +319,7 @@ mod tests { IngestionDataSharePacket { uuid: Uuid::new_v4(), encrypted_payload: vec![8u8, 9u8, 10u8, 11u8], - encryption_key_id: "fake-key-3".to_owned(), + encryption_key_id: Some("fake-key-3".to_owned()), r_pit: 3, version_configuration: None, device_nonce: None, diff --git a/facilitator/src/idl.rs b/facilitator/src/idl.rs index 6cc19de7b..eb52eb6d4 100644 --- a/facilitator/src/idl.rs +++ b/facilitator/src/idl.rs @@ -368,7 +368,7 @@ impl Header for IngestionHeader { pub struct IngestionDataSharePacket { pub uuid: Uuid, pub encrypted_payload: Vec, - pub encryption_key_id: String, + pub encryption_key_id: Option, pub r_pit: i64, pub version_configuration: Option, pub device_nonce: Option>, @@ -409,7 +409,16 @@ impl Packet for IngestionDataSharePacket { match (tuple.0.as_str(), tuple.1) { ("uuid", Value::Uuid(v)) => uuid = Some(v), ("encrypted_payload", Value::Bytes(v)) => encrypted_payload = Some(v), - ("encryption_key_id", Value::String(v)) => encryption_key_id = Some(v), + ("encryption_key_id", Value::Union(boxed)) => match *boxed { + Value::String(v) => encryption_key_id = Some(v), + Value::Null => encryption_key_id = None, + v => { + return Err(Error::MalformedDataPacketError(format!( + "unexpected boxed value {:?} in encryption_key_id", + v + ))) + } + }, ("r_pit", Value::Long(v)) => r_pit = Some(v), ("version_configuration", Value::Union(boxed)) => match *boxed { Value::String(v) => version_configuration = Some(v), @@ -440,11 +449,7 @@ impl Packet for IngestionDataSharePacket { } } - if uuid.is_none() - || encrypted_payload.is_none() - || encryption_key_id.is_none() - || r_pit.is_none() - { + if uuid.is_none() || encrypted_payload.is_none() || r_pit.is_none() { return Err(Error::MalformedDataPacketError( "missing fields in record".to_owned(), )); @@ -453,7 +458,7 @@ impl Packet for IngestionDataSharePacket { Ok(IngestionDataSharePacket { uuid: uuid.unwrap(), encrypted_payload: encrypted_payload.unwrap(), - encryption_key_id: encryption_key_id.unwrap(), + encryption_key_id, r_pit: r_pit.unwrap(), version_configuration, device_nonce, @@ -476,10 +481,13 @@ impl Packet for IngestionDataSharePacket { "encrypted_payload", Value::Bytes(self.encrypted_payload.clone()), ); - record.put( - "encryption_key_id", - Value::String(self.encryption_key_id.clone()), - ); + match &self.encryption_key_id { + Some(v) => record.put( + "encryption_key_id", + Value::Union(Box::new(Value::String(v.to_owned()))), + ), + None => record.put("encryption_key_id", Value::Union(Box::new(Value::Null))), + } record.put("r_pit", Value::Long(self.r_pit)); match &self.version_configuration { Some(v) => record.put( @@ -1102,7 +1110,7 @@ mod tests { IngestionDataSharePacket { uuid: Uuid::new_v4(), encrypted_payload: vec![0u8, 1u8, 2u8, 3u8], - encryption_key_id: "fake-key-1".to_owned(), + encryption_key_id: Some("fake-key-1".to_owned()), r_pit: 1, version_configuration: Some("config-1".to_owned()), device_nonce: None, @@ -1110,7 +1118,7 @@ mod tests { IngestionDataSharePacket { uuid: Uuid::new_v4(), encrypted_payload: vec![4u8, 5u8, 6u8, 7u8], - encryption_key_id: "fake-key-2".to_owned(), + encryption_key_id: None, r_pit: 2, version_configuration: None, device_nonce: Some(vec![8u8, 9u8, 10u8, 11u8]), @@ -1118,7 +1126,7 @@ mod tests { IngestionDataSharePacket { uuid: Uuid::new_v4(), encrypted_payload: vec![8u8, 9u8, 10u8, 11u8], - encryption_key_id: "fake-key-3".to_owned(), + encryption_key_id: Some("fake-key-3".to_owned()), r_pit: 3, version_configuration: None, device_nonce: None, diff --git a/facilitator/src/sample.rs b/facilitator/src/sample.rs index f1e4880a5..05db6479d 100644 --- a/facilitator/src/sample.rs +++ b/facilitator/src/sample.rs @@ -91,7 +91,7 @@ pub fn generate_ingestion_sample( let pha_packet = IngestionDataSharePacket { uuid: packet_uuid, encrypted_payload: pha_share, - encryption_key_id: "pha-fake-key-1".to_owned(), + encryption_key_id: Some("pha-fake-key-1".to_owned()), r_pit: u32::from(r_pit) as i64, version_configuration: Some("config-1".to_owned()), device_nonce: None, @@ -102,7 +102,7 @@ pub fn generate_ingestion_sample( let facilitator_packet = IngestionDataSharePacket { uuid: packet_uuid, encrypted_payload: facilitator_share, - encryption_key_id: "facilitator-fake-key-1".to_owned(), + encryption_key_id: None, r_pit: u32::from(r_pit) as i64, version_configuration: Some("config-1".to_owned()), device_nonce: None,