Anomaly between /signercertificateStatus and /signercertificateUpdate breaks dgca-verifier-app-android in production

[kristank]

Hello,

• Method /signercertificateStatus returns only "not deleted" (it calls signerInformationRepository.findAllByDeletedOrderByIdAsc(false)) certs from local database.
• Method /signercertificateUpdate returns all certificates (initially it calls findFirstByIdIsNotNullOrderByIdAsc() and then findFirstByIdGreaterThanOrderByIdAsc(Long id), cannot find filter for deleted) from local database.

This breaks dgca-verifier-app-android if one or more certs are marked as deleted in local database, because dgca-verifier-app-android's fetch method checks if the returned certificate is in the list returned from /signercertificateStatus, pseudocode from VerifierRepositoryImpl.kt method fetchCertificate

//validCertList is list returned from /signercertificateStatus
if (validCertList.contains(responseKid) && isKidValid(responseKid, responseStr)) {   
    // process the cert
    // Get next cert
    newResumeToken?.let {
        val newToken = it.toLong()
        fetchCertificate(url, newToken)
    }
}
// Cert fetching stops - dgca-verifier-app-android does not have all certs, verification of missing certs will fail.

Could you please check this issue ?

I found that restarting verifier ws will temporary resolve this issue (until next cert gets deleted), because it clears local database.

[oleksandrsarapulovgl]

@kristank could you please clarify: you mean in the app we receive responseKid that is not in the validCertList anymore? Because if yes - not clear how clearing local app database fixes the issue, as with next reload we would come to the same point again

[kristank]

@oleksandrsarapulovgl

Yes, /signercertificateUpdate returns a certificate, whose kid is not returned by /signercertificateStatus

Why restart helps – I did not examine the whole code for verifier WS, but I think by default h2 db is used with no persistent storage, so after restart the deleted certificates are purged from db – only active certs are transferred from GW.

[SchulzeStTSI]

@kristank can please check out this: eu-digital-green-certificates/dgca-verifier-app-android#323

[kristank]

@SchulzeStTSI @oleksandrsarapulovgl

Yes, this would fix the android app – all certs would be fetched and the deleted certs would be ignored.

I presume the same fix should be implemented in IOS app.

One question – is it ok that verifier WS returns deleted certs ? Is there a situation where deleted certs should be used in DGC verification ?

Thank you for all the answers.

[dslmeinte]

@SchulzeStTSI @oleksandrsarapulovgl @kristank

I was contacted during an eHN TechIOP Meeting by a Slovenian representative about this, and I'm a bit surprised that the corresponding PR (eu-digital-green-certificates/dgca-verifier-app-android#323) wasn't reviewed yet. Could that still happen?