An open source API to validate the EU Covid Certificates / Green Certificates

Overview

Open Covid Certificate Validator

Build badge Language badge License badge Star count badge

This an open source API to validate EU Digital COVID Certificates. It receives a COVID certificate and validates it using a list of signing certificates provided by an EU member state.

The server provides a simple JSON-API that returns validation result and the data stored inside a certificate. There is also a simple web frontend to test the service.

There is a basic demo available at

https://covid.merlinschumacher.de/

The demo neither logs IP addresses nor stores any COVID certificate data.

NOTICE: THIS IS NOT AN OFFICIAL VALIDATOR! IT COMES WITHOUT ANY WARRANTIES!

Getting started

The easiest way to run OCCV is to use a container. An up to date docker image is provided via GitHubs Container Image Registry under ghcr.io/merlinschumacher/open-covid-certificate-validator:main.

To start the container you need a recent version of Docker and docker-compose. Just execute docker-compose up and the server will answer on port 8000 of your server. Modify the compose file to fit your needs. Currently only validation against the german list of certificates provided by Ubirch is supported. But this should be able to validate all certificates issued in the EU. The certificates are updated every 24 hours.

To access the API send a POST request containing the following JSON to /:

    {"dcc": "HC1:XXXX..."}

Replace the payload with the data of the COVID certificate. The server will then return the following answer, if the certificate is valid:

{
  "valid": true,
  "dccdata": {
    "1": "AT",
    "4": 1635876000,
    "6": 1620324000,
    "-260": {
      "1": {
        "v": [
          {
            "dn": 1,
            "ma": "ORG-100030215",
            "vp": "1119349007",
            "dt": "2021-02-18",
            "co": "AT",
            "ci": "URN:UVCI:01:AT:10807843F94AEE0EE5093FBC254BD813#B",
            "mp": "EU/1/20/1528",
            "is": "Ministry of Health, Austria",
            "sd": 2,
            "tg": "840539006"
          }
        ],
        "nam": {
          "fnt": "MUSTERFRAU<GOESSINGER",
          "fn": "Musterfrau-Gößinger",
          "gnt": "GABRIELE",
          "gn": "Gabriele"
        },
        "ver": "1.0.0",
        "dob": "1998-02-26"
      }
    }
  }
}

If it's invalid, the server will simply return

{
    "valid":false, 
    "ddcdata":{}
}

The ddcdata field contains all the data encoded in the certificate according to the specification by the EU

Contributing

Everyone is invited to contribute to the service and provide pull-requests, ideas and feedback.

Foremost the service needs testing with certificates from all issuing countries and also the implementation of all available validation lists from the EU members. You can contribute with testing your certificate and reporting your success or possible errors.

Privacy

While the data encoded in the certificate are sent to the server, they are never stored. They will be processed to generate a response and are deleted afterwards. There is no logging of indidivual data of any kind.

The web service

This container provides a simple web service to test and validate certificates. It uses your webcam or phone camera to scan a QR code for a certificate and sends it to the API.

An example of a scanned and validated COVID Certificate

Technology

The API service is written in Python and uses FastAPI to provide the JSON API. The validation is handled by python-cwt, a CBOR Web Token library.

The web interface is still very rudimentary and build in Typescript using jsQR to decode the QR codes.

Issues
  • not working

    not working

    Each cert is invalid

    opened by krstan4o 2
  • fix a typo

    fix a typo

    null

    opened by jamct 0
  • Permission denied on startup

    Permission denied on startup

    Hi,

    I get this when trying to start the container:

    # docker-compose up
    Creating network "validator_default" with the default driver
    Creating occv ... done
    Attaching to occv
    occv    | Traceback (most recent call last):
    occv    |   File "/code/./main.py", line 5, in <module>
    occv    | Open Covid Certificate Validator
    occv    | Certificate country: DE
    occv    | Development mode: False
    occv    |     uvicorn.run("occv:app", host="0.0.0.0", port=8000, log_level="info")
    occv    |   File "/usr/local/lib/python3.10/site-packages/uvicorn/main.py", line 447, in run
    occv    |     server.run()
    occv    |   File "/usr/local/lib/python3.10/site-packages/uvicorn/server.py", line 68, in run
    occv    |     return asyncio.run(self.serve(sockets=sockets))
    occv    |   File "/usr/local/lib/python3.10/asyncio/runners.py", line 44, in run
    occv    |     return loop.run_until_complete(main)
    occv    |   File "/usr/local/lib/python3.10/asyncio/base_events.py", line 641, in run_until_complete
    occv    |     return future.result()
    occv    |   File "/usr/local/lib/python3.10/site-packages/uvicorn/server.py", line 76, in serve
    occv    |     config.load()
    occv    |   File "/usr/local/lib/python3.10/site-packages/uvicorn/config.py", line 448, in load
    occv    |     self.loaded_app = import_from_string(self.app)
    occv    |   File "/usr/local/lib/python3.10/site-packages/uvicorn/importer.py", line 21, in import_from_string
    occv    |     module = importlib.import_module(module_str)
    occv    |   File "/usr/local/lib/python3.10/importlib/__init__.py", line 126, in import_module
    occv    |     return _bootstrap._gcd_import(name[level:], package, level)
    occv    |   File "<frozen importlib._bootstrap>", line 1050, in _gcd_import
    occv    |   File "<frozen importlib._bootstrap>", line 1027, in _find_and_load
    occv    |   File "<frozen importlib._bootstrap>", line 1006, in _find_and_load_unlocked
    occv    |   File "<frozen importlib._bootstrap>", line 688, in _load_unlocked
    occv    |   File "<frozen importlib._bootstrap_external>", line 883, in exec_module
    occv    |   File "<frozen importlib._bootstrap>", line 241, in _call_with_frames_removed
    occv    |   File "/code/occv.py", line 47, in <module>
    occv    |     validator = DCCValidator(CERT_COUNTRY)
    occv    |   File "/code/validator.py", line 33, in __init__
    occv    |     self._cert_loader = self._get_cert_loader(country)()
    occv    |   File "/code/cert_loaders/de.py", line 23, in __init__
    occv    |     self._build_certlist()
    occv    |   File "/code/cert_loaders/de.py", line 140, in _build_certlist
    occv    |     certs_str = self._load_certs()
    occv    |   File "/code/cert_loaders/de.py", line 86, in _load_certs
    occv    |     certs_str = self._download_certs()
    occv    |   File "/code/cert_loaders/de.py", line 130, in _download_certs
    occv    |     self._save_certs(certs_str, signature)
    occv    |   File "/code/cert_loaders/de.py", line 55, in _save_certs
    occv    |     with open("./data/" + self._cert_filename, 'wb') as f:
    occv    | PermissionError: [Errno 13] Permission denied: './data/de.json'
    occv exited with code 1
    

    Maybe this has something to do with a version error on docker-compose.yml:

    # docker-compose up -d
    ERROR: Version in "./docker-compose.yml" is unsupported. You might be seeing this error because you're using the wrong Compose file version. Either specify a supported version (e.g "2.2" or "3.3") and place your service definitions under the `services` key, or omit the `version` key and place your service definitions at the root of the file to use version 1.
    For more on the Compose file format versions, see https://docs.docker.com/compose/compose-file/
    

    I changed the version entry to "3.3" which yields the above error.

    System info:

    # docker-compose -v
    docker-compose version 1.25.0, build unknown
    
    # docker -v
    Docker version 20.10.7, build 20.10.7-0ubuntu5~20.04.2
    
    opened by hokascha 2
  • check if a certificate is valid by date or is a final injection

    check if a certificate is valid by date or is a final injection

    Currently, the service only evaluates, if a certificate has a correct cryptographic signature, but not if the last vaccination was given more than 14 days ago or if it's a completed vaccination cycle of 1 or 2 injections.

    enhancement 
    opened by merlinschumacher 0
Releases(v0.0.6)
  • v0.0.6(Jan 2, 2022)

    This release fixes the broken update mechanism. The certificates will now be updated every 24hs.

    Full Changelog: https://github.com/merlinschumacher/Open-Covid-Certificate-Validator/compare/v0.0.5...v0.0.6

    Source code(tar.gz)
    Source code(zip)
  • v0.0.5(Dec 15, 2021)

  • v0.0.4(Dec 13, 2021)

    This version will always return DCC data. Even if the validation fails. Also the tests have been extended.

    Full Changelog: https://github.com/merlinschumacher/Open-Covid-Certificate-Validator/compare/v0.0.3...v0.0.4

    Source code(tar.gz)
    Source code(zip)
  • v0.0.3(Nov 25, 2021)

    This version supports the Austrian certificate infrastructure. Just set AT as the CERT_COUNTRY variable. It also exports business rules needed to check the validity of a certificate according to national rules.

    Source code(tar.gz)
    Source code(zip)
  • v0.0.2(Nov 8, 2021)

  • v0.0.1(Aug 16, 2021)

    The first release contains a working validator for EU COVID certificates / EU Green Certificates / Digitaler Impfnachweis. It currently only supports the certificate list provided by Germany, which should be able to validate all conforming European vaccination certificates. The German certificates are signature checked when (down)loaded.

    Notice: This software is still very rudimentary. It comes withour any warrant.

    Source code(tar.gz)
    Source code(zip)
Owner
Merlin Schumacher
Pop, Computers and so on.
Merlin Schumacher
Minimal API for the COVID Booking System of the Offices at the UniPD Math Dep

Simple and easy to use python BOT for the COVID registration booking system of the math department @ unipd (torre archimede). This API creates an interface with the official website, with more useful functionalities.

Guglielmo Camporese 4 Dec 24, 2021
A python api to get info on covid-19

A python api to get info on covid-19

roof 2 Jan 17, 2022
Free and Open Source Machine Translation API. 100% self-hosted, no limits, no ties to proprietary services. Built on top of Argos Translate.

LibreTranslate Try it online! | API Docs Free and Open Source Machine Translation API, entirely self-hosted. Unlike other APIs, it doesn't rely on pro

UAV4GEO 1.9k Jan 20, 2022
Bifrost C2. Open-source post-exploitation using Discord API

Bifrost Command and Control What's Bifrost? Bifrost is an open-source Discord BOT that works as Command and Control (C2). This C2 uses Discord API for

null 35 Dec 21, 2021
McTrade is a bot exploiting Binance API, open source! built in python !

Open Source Crypto Trading Bot using Binance API Report Bug · Request Feature Table of Contents About The Project Built With Getting Started Prerequis

Raphael Cohen 5 Jan 11, 2022
Tracker to check the covid shot slot availability in India and send mobile alerts via Twilio Messaging Service.

Cowin-Slot-Tracker Tracker to check the covid vaccine slot availability in India and send mobile notifications through Twilio Messaging Service. Requi

invalid username 30 Nov 8, 2021
This very basic script can be used to automate COVID-19 vaccination slot booking on India's Co-WIN Platform.

COVID-19 Vaccination Slot Booking Script This very basic CLI based script can be used to automate covid vaccination slot booking on Co-WIN Platform. I

null 614 Dec 13, 2021
Telegram Bot to check covid vaccine slot availability on CoWin site

Cowin Assist Telegram Bot Check the bot here @cowinassistbot. This is a simple Telegram bot to Check slots availability Get an alert when slots become

null 31 Oct 2, 2021
Bot per controllare la disponibilità di appuntamenti per la vaccinazione Covid-19 in Veneto

VaxBot9000 Prerequisites Python 3.9 Poetry latest version of geckodriver Firefox Setup poetry install Copy config.sample.toml to config.toml and edit

Augusto Zanellato 5 Jun 13, 2021
Light weight Scripts and Apps for checking availability of Covid Vaccines in India. Notifies when vaccine becomes avialable in your area.

vaccine-checker Light weight Scripts and Apps for checking availability of Covid Vaccines in India. Notifies when vaccine becomes avialable in your ar

Abishek V Ashok 8 Jun 16, 2021
Python script to decode the EU Covid-19 vaccine certificate

vacdec Python script to decode the EU Covid-19 vaccine certificate This script takes an image with a QR code of a vaccine certificate as the parameter

Hanno Böck 241 Jan 13, 2022
A simple script & container to pull COVID data from covidlive.com.au and post a summary to a slack channel

CovidLive AU Summary Slackbot This bot is a very simple slackbot that pulls data, summarises and posts up to date AU COVID stats to a provided slack c

James 3 Dec 18, 2021
Telegram bot for downloading covid-19 vaccine certificate

cowin-certificate-bot This is the source code of @cowincertbot, A telegram bot inspired by the whatsapp bot implementation of indian government for co

ArUn Pt 32 Jan 10, 2022
Want to get your driver's license? Can't get a appointment because of COVID? Well I got a solution for you.

NJDMV-appoitment-alert Want to get your driver's license? Can't get a appointment because of COVID? Well I got a solution for you. We'll get you one i

Harris Spahic 1 Oct 25, 2021
Automate UCheck COVID-19 self-assessment form submission

ucheck Automate UCheck COVID-19 self-assessment form submission. Disclaimer ucheck automatically completes the University of Tornto's UCheck COVID-19

Ira Horecka 14 Dec 2, 2021
An analysis of the efficiency of the COVID-19 vaccine

VaccineEfficiency ?? An analysis of the efficiency of the COVID-19 vaccine 3 Methods 1️⃣ Compare country's vaccination data to number of day- to-day c

Stephanie Younes 1 Dec 10, 2021
Chatbot construido com o framework Rasa para responder dúvidas referentes ao COVID-19.

Racom Chatbot Chatbot construido com o framework Rasa. Como executar Necessário instalar Docker e Docker Compose. Para inicializar a aplicação, basta

Vinícius Souza 4 Jan 7, 2022
Coronavirus whatsapp chatbot to give real time info on covid

Covy Developed a coronavirus whatsapp chatbot which gives case counts in a particular district, city, state or country. It also predicts future cases

Devinco (Rachit) 0 Oct 3, 2021
Tesseract Open Source OCR Engine (main repository)

Tesseract OCR About This package contains an OCR engine - libtesseract and a command line program - tesseract. Tesseract 4 adds a new neural net (LSTM

null 43.6k Jan 15, 2022