CDCgov · pluckyswan · Nov 19, 2024 · Nov 19, 2024 · Nov 19, 2024 · Nov 19, 2024
diff --git a/etor/src/main/java/gov/hhs/cdc/trustedintermediary/etor/orders/SendOrderUseCase.java b/etor/src/main/java/gov/hhs/cdc/trustedintermediary/etor/orders/SendOrderUseCase.java
@@ -6,13 +6,15 @@
 import gov.hhs.cdc.trustedintermediary.etor.metadata.partner.PartnerMetadata;
 import gov.hhs.cdc.trustedintermediary.etor.metadata.partner.PartnerMetadataMessageType;
 import gov.hhs.cdc.trustedintermediary.etor.ruleengine.transformation.TransformationRuleEngine;
+import gov.hhs.cdc.trustedintermediary.etor.utils.security.HashHelper;
 import gov.hhs.cdc.trustedintermediary.wrappers.Logger;
 import gov.hhs.cdc.trustedintermediary.wrappers.MetricMetadata;
 import javax.inject.Inject;
 
 /** The overall logic to receive, convert to OML, and subsequently send a lab order. */
 public class SendOrderUseCase implements SendMessageUseCase<Order<?>> {
     private static final SendOrderUseCase INSTANCE = new SendOrderUseCase();
+    private final HashHelper hashHelper = new HashHelper();
     @Inject TransformationRuleEngine transformationEngine;
     @Inject OrderSender sender;
     @Inject MetricMetadata metadata;
@@ -29,10 +31,12 @@ public static SendOrderUseCase getInstance() {
     public void convertAndSend(final Order<?> order, String receivedSubmissionId)
             throws UnableToSendMessageException {
 
+        String hashedOrder = hashHelper.generateHash(order);
+
         PartnerMetadata partnerMetadata =
                 new PartnerMetadata(
                         receivedSubmissionId,
-                        String.valueOf(order.hashCode()),
+                        hashedOrder,
                         PartnerMetadataMessageType.ORDER,
                         order.getSendingApplicationDetails(),
                         order.getSendingFacilityDetails(),

diff --git a/etor/src/main/java/gov/hhs/cdc/trustedintermediary/etor/results/SendResultUseCase.java b/etor/src/main/java/gov/hhs/cdc/trustedintermediary/etor/results/SendResultUseCase.java
@@ -6,12 +6,14 @@
 import gov.hhs.cdc.trustedintermediary.etor.metadata.partner.PartnerMetadata;
 import gov.hhs.cdc.trustedintermediary.etor.metadata.partner.PartnerMetadataMessageType;
 import gov.hhs.cdc.trustedintermediary.etor.ruleengine.transformation.TransformationRuleEngine;
+import gov.hhs.cdc.trustedintermediary.etor.utils.security.HashHelper;
 import gov.hhs.cdc.trustedintermediary.wrappers.Logger;
 import javax.inject.Inject;
 
 /** Use case for converting and sending a lab result message. */
 public class SendResultUseCase implements SendMessageUseCase<Result<?>> {
     private static final SendResultUseCase INSTANCE = new SendResultUseCase();
+    private final HashHelper hashHelper = new HashHelper();
 
     @Inject TransformationRuleEngine transformationEngine;
     @Inject ResultSender sender;
@@ -30,10 +32,12 @@ public static SendResultUseCase getInstance() {
     public void convertAndSend(Result<?> result, String receivedSubmissionId)
             throws UnableToSendMessageException {
 
+        String hashedResult = hashHelper.generateHash(result);
+
         PartnerMetadata partnerMetadata =
                 new PartnerMetadata(
                         receivedSubmissionId,
-                        String.valueOf(result.hashCode()),
+                        hashedResult,
                         PartnerMetadataMessageType.RESULT,
                         result.getSendingApplicationDetails(),
                         result.getSendingFacilityDetails(),

diff --git a/etor/src/main/java/gov/hhs/cdc/trustedintermediary/etor/utils/security/HashHelper.java b/etor/src/main/java/gov/hhs/cdc/trustedintermediary/etor/utils/security/HashHelper.java
@@ -0,0 +1,29 @@
+package gov.hhs.cdc.trustedintermediary.etor.utils.security;
+
+import gov.hhs.cdc.trustedintermediary.wrappers.Logger;
+import java.nio.charset.StandardCharsets;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.util.HexFormat;
+import javax.inject.Inject;
+
+public class HashHelper implements SecureHash {
+    @Inject Logger logger;
+
+    @Override
+    public <T> String generateHash(T input) {
+        try {
+            MessageDigest digest = MessageDigest.getInstance("SHA3-512", "BC");
+            byte[] objBytes = input.toString().getBytes(StandardCharsets.UTF_8);
+            byte[] hashBytes = digest.digest(objBytes);
+            return HexFormat.of().formatHex(hashBytes);
+        } catch (NoSuchAlgorithmException e) {
+            logger.logError("Algorithm does not exist!", e);
+            throw new RuntimeException(e);
+        } catch (NoSuchProviderException e) {
+            logger.logError("Provider does not exist!", e);
+            throw new RuntimeException(e);
+        }
+    }
+}
diff --git a/etor/src/main/java/gov/hhs/cdc/trustedintermediary/etor/utils/security/SecureHash.java b/etor/src/main/java/gov/hhs/cdc/trustedintermediary/etor/utils/security/SecureHash.java
@@ -0,0 +1,7 @@
+package gov.hhs.cdc.trustedintermediary.etor.utils.security;
+
+import java.security.NoSuchAlgorithmException;
+
+public interface SecureHash {
+    <T> String generateHash(T hash) throws NoSuchAlgorithmException;
+}
diff --git a/...src/test/groovy/gov/hhs/cdc/trustedintermediary/etor/utils/security/HashHelperTest.groovy b/...src/test/groovy/gov/hhs/cdc/trustedintermediary/etor/utils/security/HashHelperTest.groovy
@@ -0,0 +1,45 @@
+package gov.hhs.cdc.trustedintermediary.etor.utils.security
+import gov.hhs.cdc.trustedintermediary.context.TestApplicationContext
+import gov.hhs.cdc.trustedintermediary.etor.orders.Order
+import gov.hhs.cdc.trustedintermediary.etor.results.Result
+import gov.hhs.cdc.trustedintermediary.wrappers.Logger
+import spock.lang.Specification
+
+class HashHelperTest extends Specification {
+    def mockLogger = Mock(Logger)
+    def hashHelper = new HashHelper()
+
+    def setup() {
+        TestApplicationContext.reset()
+        TestApplicationContext.init()
+        TestApplicationContext.register(Logger, mockLogger)
+        TestApplicationContext.injectRegisteredImplementations()
+    }
+
+    def "generateHash generates hash for an order"() {
+        given:
+        def mockOrder = Mock(Order)
+
+        when:
+        String mockHash = hashHelper.generateHash(mockOrder)
+
+        then:
+        mockHash !== ""
+        0 * mockLogger.logError(_, _)
+    }
+
+    def "generateHash generates the same hash for the same object"() {
+        given:
+        def mockResult = Mock(Result)
+        def mockResult2 = mockResult
+
+        when:
+        String mockHash = hashHelper.generateHash(mockResult)
+        String mockHash2 = hashHelper.generateHash(mockResult2)
+
+        then:
+        mockHash !== ""
+        mockHash == mockHash2
+        0 * mockLogger.logError(_, _)
+    }
+}