UploadingTemporaryExposureKeys.md

Temporary Exposure Keys Upload

Once the user is diagnosed with COVID-19 they can share their Temporary Exposure Keys (TEK) to inform others, with whom they had contact with, about potential exposition to virus.

Steps:

• User diagnosed with COVID-19 is given a unique 6-character code (PIN) from the authority employee
• User enters the code and agrees for TEK upload (PWA module)
• PWA module notifies native code through JS bridge that provided PIN should be used for TEKs upload
• Exposure Notification Framework asks the user for a permission to share TEK with STOP COVID - ProteGO Safe App
• The app checks if 6-character code is valid by requesting ProteGo Safe server for a Token (Firebase Cloud Function is called with PIN as a payload):
  • Moya Target endpoint: case auth(TemporaryExposureKeysAuthData)
  • Service function: DiagnosisKeysUploadService.getToken(usingAuthCode authCode: String) -> Promise<String>
• The app generates Device Verification Payload using DeviceCheck Framework. It is used to confirm a genuine iOS device.
  • Service function: DeviceCheckServiceProtocol.generatePayload(bundleID: String, exposureKeys: [Data], regions: [String]) -> Promise<String>
  • Device Verification Payload has following structure:
    • deviceToken - base 64–encoded representation of encrypted device information returned by generateToken(completionHandler completion: @escaping (Data?, Error?) -> Void)
    • transactionId - SHA256 hash of the concatenation of:
      • appPackageName - app's Bundle Identifier
      • appPackageName - Concatenation of the TrackingKey.Key values in their base64 encoding, sorted lexicographically
      • appPackageName - Concatenation of regions, uppercased, sorted lexicographically
    • timestamp - UTC timestamp in milliseconds since the Unix epoch
• The app generates Upload Request Payload(URP) with the following data:
  • temporaryExposureKeys - array of Temporary Exposure Keys acquired using ExposureServiceProtocol.getDiagnosisKeys() -> Promise<[ENTemporaryExposureKey]>
  • regions - array of regions: ["PL"]
  • platform - platform name: "ios"
  • appPackageName - app's Bundle Identifier
  • verificationPayload - Token acquired from STOP COVID - ProteGO Safe server
  • deviceVerificationPayload - Device Verification Payload generated by DeviceCheckService
• The app uploads URP to STOP COVID - ProteGO Safe server with a proper Firebase Cloud Function
  • Moya Target endpoint: case post(TemporaryExposureKeysData)
  • Service function: DiagnosisKeysUploadServiceProtocol.upload(usingAuthCode authCode: String) -> Promise<Void>