From 369c3d7557f54339c6fe8fba924e4c87f851fa03 Mon Sep 17 00:00:00 2001
From: Marvin W <git@larma.de>
Date: Fri, 11 Dec 2020 11:51:53 +0100
Subject: [PATCH] EN: Allow exporting key of current day

This requires rotating the daily TEK when exporting
---
 ...xposure_notifications_confirm_activity.xml |  2 +-
 .../gms/nearby/exposurenotification/Crypto.kt | 23 ++++----
 .../exposurenotification/ExposureDatabase.kt  | 53 ++++++++++++-------
 .../ExposureNotificationServiceImpl.kt        |  2 +-
 4 files changed, 47 insertions(+), 33 deletions(-)

diff --git a/play-services-nearby-core-ui/src/main/res/layout/exposure_notifications_confirm_activity.xml b/play-services-nearby-core-ui/src/main/res/layout/exposure_notifications_confirm_activity.xml
index cdad35f2..0056fb70 100644
--- a/play-services-nearby-core-ui/src/main/res/layout/exposure_notifications_confirm_activity.xml
+++ b/play-services-nearby-core-ui/src/main/res/layout/exposure_notifications_confirm_activity.xml
@@ -39,7 +39,7 @@
                 android:layout_width="match_parent"
                 android:layout_height="wrap_content"
                 android:padding="16dp"
-                tools:text="Your phonre needs to use Bluetooth to securely collect and share IDs with other phones that are nearby.\n\nCorona Warn can notify you if you were exposed to someone who reported to be diagnosed positive.\n\nThe date, duration, and signal strength associated with an exposure will be shared with the app." />
+                tools:text="Your phone needs to use Bluetooth to securely collect and share IDs with other phones that are nearby.\n\nCorona Warn can notify you if you were exposed to someone who reported to be diagnosed positive.\n\nThe date, duration, and signal strength associated with an exposure will be shared with the app." />
 
             <LinearLayout
                 android:id="@+id/grant_permission_view"
diff --git a/play-services-nearby-core/src/main/kotlin/org/microg/gms/nearby/exposurenotification/Crypto.kt b/play-services-nearby-core/src/main/kotlin/org/microg/gms/nearby/exposurenotification/Crypto.kt
index 4f7a4edc..470d828a 100644
--- a/play-services-nearby-core/src/main/kotlin/org/microg/gms/nearby/exposurenotification/Crypto.kt
+++ b/play-services-nearby-core/src/main/kotlin/org/microg/gms/nearby/exposurenotification/Crypto.kt
@@ -34,11 +34,14 @@ private const val AES_BLOCK_SIZE = 16
 
 private const val AEM_ALGORITHM = "AES/CTR/NoPadding"
 
-val currentIntervalNumber: Long
-    get() = floor(System.currentTimeMillis() / 1000.0 / ROLLING_WINDOW_LENGTH).toLong()
+val currentIntervalNumber: Int
+    get() = floor(System.currentTimeMillis() / 1000.0 / ROLLING_WINDOW_LENGTH).toInt()
 
-val currentRollingStartNumber: Long
-    get() = floor(currentIntervalNumber.toDouble() / ROLLING_PERIOD).toLong() * ROLLING_PERIOD
+val currentDayRollingStartNumber: Int
+    get() = getDayRollingStartNumber(currentIntervalNumber)
+
+fun getDayRollingStartNumber(intervalNumber: Int) = (floor(currentIntervalNumber.toDouble() / ROLLING_PERIOD).toLong() * ROLLING_PERIOD).toInt()
+fun getPeriodInDay(intervalNumber: Int) = intervalNumber - getDayRollingStartNumber(intervalNumber)
 
 val nextKeyMillis: Long
     get() {
@@ -47,18 +50,16 @@ val nextKeyMillis: Long
         return (currentWindowEnd - System.currentTimeMillis()).coerceAtLeast(0)
     }
 
-fun TemporaryExposureKey.TemporaryExposureKeyBuilder.setCurrentRollingStartNumber(): TemporaryExposureKey.TemporaryExposureKeyBuilder =
-        setRollingStartIntervalNumber(currentRollingStartNumber.toInt())
-
-fun TemporaryExposureKey.TemporaryExposureKeyBuilder.generate(): TemporaryExposureKey.TemporaryExposureKeyBuilder {
+fun generateTemporaryExposureKey(intervalNumber: Int): TemporaryExposureKey.TemporaryExposureKeyBuilder = TemporaryExposureKey.TemporaryExposureKeyBuilder().apply {
     var keyData = ByteArray(16)
     SecureRandom().nextBytes(keyData)
     setKeyData(keyData)
-    setRollingPeriod(ROLLING_PERIOD)
-    return this
+    setRollingStartIntervalNumber(intervalNumber)
+    setRollingPeriod((ROLLING_PERIOD - getPeriodInDay(intervalNumber)))
 }
 
-fun generateCurrentTemporaryExposureKey(): TemporaryExposureKey = TemporaryExposureKey.TemporaryExposureKeyBuilder().generate().setCurrentRollingStartNumber().build()
+fun generateCurrentDayTemporaryExposureKey(): TemporaryExposureKey = generateTemporaryExposureKey(currentDayRollingStartNumber).build()
+fun generateIntraDayTemporaryExposureKey(intervalNumber: Int = currentIntervalNumber): TemporaryExposureKey = generateTemporaryExposureKey(intervalNumber).build()
 
 @TargetApi(21)
 fun TemporaryExposureKey.generateRpiKey(): SecretKeySpec {
diff --git a/play-services-nearby-core/src/main/kotlin/org/microg/gms/nearby/exposurenotification/ExposureDatabase.kt b/play-services-nearby-core/src/main/kotlin/org/microg/gms/nearby/exposurenotification/ExposureDatabase.kt
index 3a27339f..15bbc529 100644
--- a/play-services-nearby-core/src/main/kotlin/org/microg/gms/nearby/exposurenotification/ExposureDatabase.kt
+++ b/play-services-nearby-core/src/main/kotlin/org/microg/gms/nearby/exposurenotification/ExposureDatabase.kt
@@ -15,14 +15,11 @@ import android.database.sqlite.SQLiteOpenHelper
 import android.os.Parcel
 import android.os.Parcelable
 import android.util.Log
-import com.google.android.gms.nearby.exposurenotification.CalibrationConfidence
 import com.google.android.gms.nearby.exposurenotification.DiagnosisKeysDataMapping
 import com.google.android.gms.nearby.exposurenotification.ExposureConfiguration
 import com.google.android.gms.nearby.exposurenotification.TemporaryExposureKey
 import kotlinx.coroutines.*
 import okio.ByteString
-import org.json.JSONObject
-import org.microg.gms.nearby.exposurenotification.Constants.TOKEN_A
 import java.io.File
 import java.lang.Runnable
 import java.nio.ByteBuffer
@@ -111,7 +108,7 @@ class ExposureDatabase private constructor(private val context: Context) : SQLit
 
     fun dailyCleanup(): Boolean = writableDatabase.run {
         val start = System.currentTimeMillis()
-        val rollingStartTime = currentRollingStartNumber * ROLLING_WINDOW_LENGTH * 1000 - TimeUnit.DAYS.toMillis(KEEP_DAYS.toLong())
+        val rollingStartTime = currentDayRollingStartNumber * ROLLING_WINDOW_LENGTH * 1000 - TimeUnit.DAYS.toMillis(KEEP_DAYS.toLong())
         val advertisements = delete(TABLE_ADVERTISEMENTS, "timestamp < ?", longArrayOf(rollingStartTime))
         Log.d(TAG, "Deleted on daily cleanup: $advertisements adv")
         if (start + MAX_DELETE_TIME < System.currentTimeMillis()) return@run false
@@ -533,8 +530,9 @@ class ExposureDatabase private constructor(private val context: Context) : SQLit
         }
     }
 
-    private fun findOwnKeyAt(rollingStartNumber: Int, database: SQLiteDatabase = readableDatabase): TemporaryExposureKey? = database.run {
-        query(TABLE_TEK, arrayOf("keyData", "rollingStartNumber", "rollingPeriod"), "rollingStartNumber = ?", arrayOf(rollingStartNumber.toString()), null, null, null).use { cursor ->
+    private fun findOwnKeyAt(intervalNumber: Int, database: SQLiteDatabase = readableDatabase): TemporaryExposureKey? = database.run {
+        val dayRollingStartNumber = getDayRollingStartNumber(intervalNumber)
+        query(TABLE_TEK, arrayOf("keyData", "rollingStartNumber", "rollingPeriod"), "rollingStartNumber >= ? AND (rollingStartNumber + rollingPeriod) < ?", arrayOf(dayRollingStartNumber.toString(), intervalNumber.toString()), null, null, "rollingStartNumber DESC").use { cursor ->
             if (cursor.moveToNext()) {
                 TemporaryExposureKey.TemporaryExposureKeyBuilder()
                         .setKeyData(cursor.getBlob(0))
@@ -602,18 +600,33 @@ class ExposureDatabase private constructor(private val context: Context) : SQLit
         }
     }
 
-    val allKeys: List<TemporaryExposureKey> = readableDatabase.run {
-        val startRollingNumber = (currentRollingStartNumber - 14 * ROLLING_PERIOD)
-        query(TABLE_TEK, arrayOf("keyData", "rollingStartNumber", "rollingPeriod"), "rollingStartNumber >= ? AND rollingStartNumber < ?", arrayOf(startRollingNumber.toString(), currentIntervalNumber.toString()), null, null, null).use { cursor ->
-            val list = arrayListOf<TemporaryExposureKey>()
-            while (cursor.moveToNext()) {
-                list.add(TemporaryExposureKey.TemporaryExposureKeyBuilder()
-                        .setKeyData(cursor.getBlob(0))
-                        .setRollingStartIntervalNumber(cursor.getLong(1).toInt())
-                        .setRollingPeriod(cursor.getLong(2).toInt())
-                        .build())
+    fun exportKeys(database: SQLiteDatabase = writableDatabase): List<TemporaryExposureKey> = database.run {
+        database.beginTransactionNonExclusive()
+        try {
+            val intervalNumber = currentIntervalNumber
+            val key = findOwnKeyAt(intervalNumber, database)
+            if (key != null && intervalNumber != key.rollingStartIntervalNumber) {
+                // Rotate key
+                update(TABLE_TEK, ContentValues().apply {
+                    put("rollingPeriod", intervalNumber - key.rollingStartIntervalNumber)
+                }, "rollingStartNumber = ?", arrayOf(key.rollingStartIntervalNumber.toString()))
+                storeOwnKey(generateIntraDayTemporaryExposureKey(intervalNumber), database)
             }
-            list
+            database.setTransactionSuccessful()
+            val startRollingNumber = (getDayRollingStartNumber(intervalNumber) - 14 * ROLLING_PERIOD)
+            query(TABLE_TEK, arrayOf("keyData", "rollingStartNumber", "rollingPeriod"), "rollingStartNumber >= ? AND (rollingStartNumber + rollingPeriod) <= ?", arrayOf(startRollingNumber.toString(), intervalNumber.toString()), null, null, null).use { cursor ->
+                val list = arrayListOf<TemporaryExposureKey>()
+                while (cursor.moveToNext()) {
+                    list.add(TemporaryExposureKey.TemporaryExposureKeyBuilder()
+                            .setKeyData(cursor.getBlob(0))
+                            .setRollingStartIntervalNumber(cursor.getLong(1).toInt())
+                            .setRollingPeriod(cursor.getLong(2).toInt())
+                            .build())
+                }
+                list
+            }
+        } finally {
+            database.endTransaction()
         }
     }
 
@@ -733,9 +746,9 @@ class ExposureDatabase private constructor(private val context: Context) : SQLit
     private fun ensureTemporaryExposureKey(): TemporaryExposureKey = writableDatabase.let { database ->
         database.beginTransactionNonExclusive()
         try {
-            var key = findOwnKeyAt(currentRollingStartNumber.toInt(), database)
+            var key = findOwnKeyAt(currentIntervalNumber.toInt(), database)
             if (key == null) {
-                key = generateCurrentTemporaryExposureKey()
+                key = generateCurrentDayTemporaryExposureKey()
                 storeOwnKey(key, database)
             }
             database.setTransactionSuccessful()
@@ -747,7 +760,7 @@ class ExposureDatabase private constructor(private val context: Context) : SQLit
 
     val currentRpiId: UUID?
         get() {
-            val key = findOwnKeyAt(currentRollingStartNumber.toInt()) ?: return null
+            val key = findOwnKeyAt(currentIntervalNumber.toInt()) ?: return null
             val buffer = ByteBuffer.wrap(key.generateRpiId(currentIntervalNumber.toInt()))
             return UUID(buffer.long, buffer.long)
         }
diff --git a/play-services-nearby-core/src/main/kotlin/org/microg/gms/nearby/exposurenotification/ExposureNotificationServiceImpl.kt b/play-services-nearby-core/src/main/kotlin/org/microg/gms/nearby/exposurenotification/ExposureNotificationServiceImpl.kt
index e91e6ea2..40a58b67 100644
--- a/play-services-nearby-core/src/main/kotlin/org/microg/gms/nearby/exposurenotification/ExposureNotificationServiceImpl.kt
+++ b/play-services-nearby-core/src/main/kotlin/org/microg/gms/nearby/exposurenotification/ExposureNotificationServiceImpl.kt
@@ -146,7 +146,7 @@ class ExposureNotificationServiceImpl(private val context: Context, private val
             val status = confirmPermission(CONFIRM_ACTION_KEYS)
             val response = when {
                 status.isSuccess -> ExposureDatabase.with(context) { database ->
-                    database.allKeys
+                    database.exportKeys()
                 }
                 else -> emptyList()
             }