Hey

i was wondering if there is any reverse process .

i have the json built in and I would like to convert it to QR

would be awesome if you could provide me any tutorial or other github links . Couldnt find any

Hey!

I have a question to this beautiful peace of software ... I don't know if its an issue with Jaris Fork or in the main branch but as i am lacking python knowledge i humble ask anyways:

/vacdec/vacdec --image-file /tmp/gettinger_v3.png

Traceback (most recent call last): File "/vacdec/vacdec", line 241, in main() File "/vacdec/vacdec", line 228, in main covid_cert_data = data[0].data.decode() IndexError: list index out of range

Can anyone give me a hint why this certificate shows that error please?

Kind regards Martin

{-260: {1: {'dob': 'xxxx-xx-xx', 'nam': {'fn': Traceback (most recent call last): File "vacdec.py", line 19, in pprint.pprint(cbor2.loads(decoded.value[2])) File "C:\Users\user\AppData\Local\Programs\Python\Python37-32\lib\pprint.py", line 53, in pprint printer.pprint(object) File "C:\Users\user\AppData\Local\Programs\Python\Python37-32\lib\pprint.py", line 139, in pprint self._format(object, self._stream, 0, 0, {}, 0) File "C:\Users\user\AppData\Local\Programs\Python\Python37-32\lib\pprint.py", line 167, in _format p(self, object, stream, indent, allowance, context, level + 1) File "C:\Users\user\AppData\Local\Programs\Python\Python37-32\lib\pprint.py", line 189, in _pprint_dict context, level) File "C:\Users\user\AppData\Local\Programs\Python\Python37-32\lib\pprint.py", line 346, in _format_dict_items context, level) File "C:\Users\user\AppData\Local\Programs\Python\Python37-32\lib\pprint.py", line 167, in _format p(self, object, stream, indent, allowance, context, level + 1) File "C:\Users\user\AppData\Local\Programs\Python\Python37-32\lib\pprint.py", line 189, in _pprint_dict context, level) File "C:\Users\user\AppData\Local\Programs\Python\Python37-32\lib\pprint.py", line 346, in _format_dict_items context, level) File "C:\Users\user\AppData\Local\Programs\Python\Python37-32\lib\pprint.py", line 167, in _format p(self, object, stream, indent, allowance, context, level + 1) File "C:\Users\user\AppData\Local\Programs\Python\Python37-32\lib\pprint.py", line 189, in _pprint_dict context, level) File "C:\Users\user\AppData\Local\Programs\Python\Python37-32\lib\pprint.py", line 346, in _format_dict_items context, level) File "C:\Users\user\AppData\Local\Programs\Python\Python37-32\lib\pprint.py", line 167, in _format p(self, object, stream, indent, allowance, context, level + 1) File "C:\Users\user\AppData\Local\Programs\Python\Python37-32\lib\pprint.py", line 189, in _pprint_dict context, level) File "C:\Users\user\AppData\Local\Programs\Python\Python37-32\lib\pprint.py", line 346, in _format_dict_items context, level) File "C:\Users\user\AppData\Local\Programs\Python\Python37-32\lib\pprint.py", line 176, in _format stream.write(rep) File "C:\Users\user\AppData\Local\Programs\Python\Python37-32\lib\encodings\cp1252.py", line 19, in encode return codecs.charmap_encode(input,self.errors,encoding_table)[0] UnicodeEncodeError: 'charmap' codec can't encode characters in position 1-9: character maps to

Hello, I get this when I try to decode a covid certificate:

Traceback (most recent call last):
  File "vacdec", line 13, in <module>
    cert = data[0].data.decode()
IndexError: list index out of range

It works with the test certificate image here.

I created a dependencies file requirements.txt which includes the current versions of the required files. I also updated the README file, to use this.

So sir can you please make a video tutorial for me, because i don't understand it perfectly. I live in the Netherlands so it would be very nice if you can show how to make that vaccination qr code.

I like the script, but the QR decoding process is most of the time done already at earlier stage (e.g. an integrate app library). Could there be an option to pass the HC1 string as parameter?

`import:` unable to open X server `' @ error/import.c/ImportImageCommand/348. import: unable to open X server `' @ error/import.c/ImportImageCommand/348. import: unable to open X server `' @ error/import.c/ImportImageCommand/348. import: unable to open X server `' @ error/import.c/ImportImageCommand/348. import: unable to open X server `' @ error/import.c/ImportImageCommand/348. import: unable to open X server `' @ error/import.c/ImportImageCommand/348. import: unable to open X server `' @ error/import.c/ImportImageCommand/348. vacdec: line 12: syntax error near unexpected token `(' vacdec: line 12: `data = pyzbar.pyzbar.decode(PIL.Image.open(sys.argv[1]))'

Re-did the whole thing. Added COSE signature verification from known public ECDSA certificate.

Proper Python logging. Proper argument handling with possibility of parsing raw data instead of a QR-code.

Hi there!

When running the script I am getting the following errors: Traceback (most recent call last): File "vacdec.py", line 8, in <module> import pyzbar.pyzbar File "/usr/local/lib/python3.7/dist-packages/pyzbar/pyzbar.py", line 7, in <module> from .wrapper import ( File "/usr/local/lib/python3.7/dist-packages/pyzbar/wrapper.py", line 143, in <module> c_uint_p, # minor File "/usr/local/lib/python3.7/dist-packages/pyzbar/wrapper.py", line 136, in zbar_function return prototype((fname, load_libzbar())) File "/usr/local/lib/python3.7/dist-packages/pyzbar/wrapper.py", line 115, in load_libzbar libzbar, dependencies = zbar_library.load() File "/usr/local/lib/python3.7/dist-packages/pyzbar/zbar_library.py", line 65, in load raise ImportError('Unable to find zbar shared library') ImportError: Unable to find zbar shared library

Any ideas what could be happenning?

Thanks!

Since there have been many questions on that, I think some education on the subject is in order.

@hannob If you think this is not the right place, please feel free to close the issue.

TLDR Faking a QR code without the private key doesn't work and will not work. If it would, all security regarding computers would be destroyed.

Why? The QR code is cryptographically signed, using a private/public keypair. Cryptographic signatures can be generated if you have the private key (which, as the name says, is kept private). They can be validated using the public key, which is public. Since it is only signed and not encrypted, it is possible to read the message without any key at all. This is what this project does.

Encryption vs Signature In a public/private key system, every user has a private key (which they have to keep private, so not share with anyone) and a public key. The public key is public, meaning, it is shared with everyone.

Using these keys, there are two main things you can do: encrypt a message or sign a message (or both at once).

To encrypt something, you use the public key of the user that should be able to read the message. This returns a message, that looks like random garbage. Only using that user's private key, you can restore the message to it's original form.

To sign something, you use your own private key. This creates a signature, that can be attached to the message. The message itself is not modified and thus still legible (as if you would put a signature under a letter). Using the sender's public key (which everyone else has), other users can verify, that the message came from the sender and that it wasn't modified.

What does this project do? It reads the QR code's data, without even checking the signature. So, basically, it doesn't touch the security of the QR code at all.

What would it mean if you could just create valid QR codes without the private key? That would, literally, mean, that all security that exists in regards to digital communications would be gone. That would mean, no online banking, no online shopping, not even safe use of messaging apps or social networks. It would be close to a digital apocalypse.

So how do I get a valid QR code? The only way to get a valid QR code is to get it from someone who has the private key. Which, to my knowledge, are only the authorities responsible for vaccinations. So go, get your shot.

By the way: in many countries documentation regarding vaccinations count as official documents. Forging those can lead to (depending on the country) pretty substantial fines and even jail sentences of over a year. Is that really worth it?

Some QR codes should contain recovery information per this document

https://ec.europa.eu/health/system/files/2021-06/covid-certificate_json_specification_en_0.pdf

Changes

Added a verbose mode -v that translates the issue and expiration dates of the certificate from Unix timestamp to UTC in the format YYYY-MM-DD HH:MM:SS.

The verbose mode also decodes the json values for:

• Disease agent targeted
• Vaccine prophylaxis
• Vaccine medicinal product
• Vaccine manufacturer
• Test type
• Test manufacturer
• Test result

Although it shows the original encoded value too.

In general, it gives more information to the reader in a more structured way.

Code Structure

I didn't want to modify the original structure of the code, so I just added the new functionality at the end of the file while preserving the original organization and functionality.

Per specs https://ec.europa.eu/health/sites/default/files/ehealth/docs/digital-green-certificates_v3_en.pdf

1. strips spaces around the string (typical issue when pasting base45 data through emails, ...)
2. strip prefix, validated by regex, if it conforms with spec section "2.3 2D Code Versioning" (support for NL1, CZ1, HC2, ...)

This might result in trying to parse unsupported data (newer version of certificate) but the basics (b45+zlib) won't ever imho change, cbor will only contain different document

This should fix at least #15

Hello, i've try with the exemple string and it working well but with my personnal string i get ValueError("Invalid base45 string"), any idea ?