corona-warn-app / cwa-wishlist

Central repository to collect community feature requests and improvements. The CWA development ends on May 31, 2023. You still can warn other users until April 30, 2023. More information:
https://coronawarn.app/en/faq/#ramp_down
Apache License 2.0

certificate identifier is limited to maxLength 80 but no limit specified #858

Closed dbaldes closed 1 year ago

dbaldes commented 2 years ago

The JSON Schema limits the "ci" - certificate identifier field to 80 characters:

https://github.com/corona-warn-app/cwa-app-android/blob/1c73bc563d523f667b2bce8cc91a668d668ff150/Corona-Warn-App/src/main/assets/jsonschema-dcc-ebb6720.json#L139

My certificate (issued by Thailand) has an 81 character CI. Hence, validation fails with a JSON-schema error.

Looking at the spec (referenced in above JSON schema), I don't see a hard limitation to 80 characters. Could you please clarify?

Note: the Swiss CovidCert app recognizes my certificate as valid.

Thanks in advance!

Internal Tracking ID: EXPOSUREAPP-12608

dsarkar commented 2 years ago

Hi @dbaldes,

Thanks for the question. We will try to get you an answer ASAP. Best wishes, DS


Corona-Warn-App Open Source Team

dbaldes commented 2 years ago

Thanks. Just to clarify: my certificate is supposed to be valid in the EU (and other countries).

MikeMcC399 commented 2 years ago

@dbaldes

I'm sure that @dsarkar will be consulting with the experts. I just happened to notice in the json you quoted https://github.com/corona-warn-app/cwa-app-android/blob/1c73bc563d523f667b2bce8cc91a668d668ff150/Corona-Warn-App/src/main/assets/jsonschema-dcc-ebb6720.json#L136-L139

the document https://ec.europa.eu/health/sites/health/files/ehealth/docs/vaccination-proof_interoperability-guidelines_en.pdf seems to state a maximum of 72 characters (footnote 6 on page 12).

thomasaugsten commented 2 years ago

You can find the original schema definition from the EU here https://github.com/ehn-dcc-development/ehn-dcc-schema/blob/178c59b82726449311ecf4b007d0db80e8f72fdc/DCC.Core.Types.schema.json#L67

I will address the issue in the EU and the Thailand representative

@dbaldes maybe you can provide an example UVCI from Thailand with fake data

dbaldes commented 2 years ago

@thomasaugsten my decoded certificate identifier looks like this (this is fake data):

"ci" : "URN:UVCI:01:TH:0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDE#O"

dbaldes commented 2 years ago

I just found that the greenpassapp.eu app also recognizes my certificate as valid. And my wife's certificate (also Thai-issued) has the same problem. If needed, I can provide my real certificate via a private channel.

MikeMcC399 commented 2 years ago

@dbaldes

Did you get the same failure on the German CovPass App?

I checked my German vaccination certificate decoded on https://github.pathcheck.org/debug.html and the ci uses 48 characters.

dbaldes commented 2 years ago

@MikeMcC399 it does work in the CovPass app.

A side note, the CovPass, CovPassCheck and Corona Warn Apps are not available to download via the play store here in Thailand. ("this item is not available in your country"). I had to install them by downloading an APK.

MikeMcC399 commented 2 years ago

@dbaldes

> it does work in the CovPass app.

That should give you a workaround in that case.

> A side note, the CovPass, CovPassCheck and Corona Warn Apps are not available to download via the play store here in Thailand. ("this item is not available in your country"). I had to install them by downloading an APK.

Unfortunately the app store country availability is driven by legal considerations which do not take much account of individual circumstances. It's good that you know your way around obtaining and installing APKs. 🙂

dbaldes commented 2 years ago

> Unfortunately the app store country availability is driven by legal considerations which do not take much account of individual circumstances. It's good that you know your way around obtaining and installing APKs. 🙂

It would be useful to offer the APK for download on the official website.

MikeMcC399 commented 2 years ago

@dbaldes

> It would be useful to offer the APK for download on the official website.

Ein-Tim commented 1 year ago

@mtwalli This seems like a bug and not like a feature request. Please check with @thomasaugsten and move it back to the Android repo if appropriate.

mtwalli commented 1 year ago

@Ein-Tim the ticket says it is a story, not a bug, which should be handled in iOS and Android. Also, we are using the schema provided by the EU, and the certificate is issued by Thailand.

mtwalli commented 1 year ago

@Ein-Tim see https://github.com/corona-warn-app/cwa-app-ios/blob/db4828940655c40bd5394b2c9f9ef16a9f986bec/src/xcode/ENA/HealthCertificateToolkit/Sources/HealthCertificateToolkit/CertificateAccess/Ressources/CertificateSchema.json

MikeMcC399 commented 1 year ago

@Ein-Tim

> This seems like a bug and not like a feature request.

Can you provide a link to specification which says that 81 characters are valid?

In the comment https://github.com/corona-warn-app/cwa-wishlist/issues/858#issuecomment-1252007028 I referred to https://ec.europa.eu/health/sites/health/files/ehealth/docs/vaccination-proof_interoperability-guidelines_en.pdf which seems to state a maximum of 72 characters (footnote 6 on page 12).


Ein-Tim commented 1 year ago

@mtwalli Could you reassess this, because @dbaldes stated above that it works with CovPass, so it is strange that this does not work with CWA.

@thomasaugsten Did Thailand change their implementation meanwhile?

Ein-Tim commented 1 year ago

@MikeMcC399 I don't know if this is according to the schema or not, I only know that it seems to work in CovPass but not in CWA. These two apps should behave the same way (if it is possible to scan a certificate with CovPass, it should also be possible to scan it with CWA).

If you are interested why CovPass allows this certificate to be imported, you should open a new issue in a CovPass repo.

mtwalli commented 1 year ago

@Ein-Tim What I know is that CovPass should be using the same schema, see https://github.com/Digitaler-Impfnachweis/covpass-android/blob/7f333711845394018e71c432d346c352427e3960/covpass-sdk/src/main/assets/covpass-sdk/json-schema-v1.json. I can't say for sure why it is accepted there.

Ein-Tim commented 1 year ago

Maybe @dbaldes could recheck and let us know if CovPass meanwhile also rejects the certificate?

Independent from that, it would be interesting to know if Thailand fixed their implementation.

MikeMcC399 commented 1 year ago

@mtwalli

I suggest to change the title to suit a wishlist item better, for example:

"Accept certificates with certificate_id length > 80"

This would probably need a schema change at the EU level according to the definitions in https://github.com/ehn-dcc-development/eu-dcc-schema. Currently https://github.com/ehn-dcc-development/eu-dcc-schema/blob/release/1.3.2/DCC.Core.Types.schema.json specifies "maxLength": 80:

    "certificate_id": {
      "description": "Certificate Identifier, format as per UVCI: Annex 2 in  https://ec.europa.eu/health/sites/health/files/ehealth/docs/vaccination-proof_interoperability-guidelines_en.pdf",
      "type": "string",
      "maxLength": 80
    }
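
Added example (not part of the original thread, and not code from CWA, CovPass or the EU schema repository): a small checker that applies the schema's `maxLength` to every `ci` in a decoded certificate payload and reports which entry fails and by how much. The `v`/`t`/`r` group names, the `Finding` type and the sample payloads are assumptions constructed for illustration.

```python
from __future__ import annotations

from dataclasses import dataclass

SCHEMA_MAX_LENGTH = 80    # "maxLength": 80, as quoted in the thread
GROUPS = ("v", "t", "r")  # assumption: vaccination/test/recovery arrays


@dataclass(frozen=True)
class Finding:
    path: str    # location of the offending field, e.g. "v[0].ci"
    length: int  # length in Unicode code points, -1 if ci is unusable
    reason: str


def check_ci_lengths(payload: dict,
                     max_length: int = SCHEMA_MAX_LENGTH) -> list[Finding]:
    """Return one Finding per entry whose ci would fail the length rule."""
    findings = []
    for group in GROUPS:
        entries = payload.get(group) or []
        if not isinstance(entries, list):
            findings.append(Finding(group, -1, "not an array"))
            continue
        for index, entry in enumerate(entries):
            path = f"{group}[{index}].ci"
            ci = entry.get("ci") if isinstance(entry, dict) else None
            if not isinstance(ci, str):
                findings.append(Finding(path, -1, "ci missing or not a string"))
                continue
            # JSON Schema maxLength counts characters (code points), not
            # bytes; Python's len() on str counts code points as well.
            length = len(ci)
            if length > max_length:
                over = length - max_length
                findings.append(Finding(
                    path, length, f"exceeds maxLength {max_length} by {over}"))
    return findings


# Constructed sample payloads (fake data, not real certificates).
PREFIX = "URN:UVCI:01:TH:"                         # 15 characters
AT_LIMIT = {"v": [{"ci": PREFIX + "0" * 65}]}      # 80 characters
OVER_LIMIT = {"v": [{"ci": PREFIX + "0" * 66}]}    # 81 characters

if __name__ == "__main__":
    for name, sample in (("at limit", AT_LIMIT), ("over limit", OVER_LIMIT)):
        print(name, check_ci_lengths(sample))
```

Passing `max_length=72` runs the same check against the figure cited from the interoperability guidelines earlier in the thread.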

MikeMcC399 commented 1 year ago

I researched this a little further and I found:

COMMISSION IMPLEMENTING DECISION (EU) 2021/2299 of 21 December 2021 establishing the equivalence, for the purpose of facilitating the right of free movement within the Union, of COVID-19 certificates issued by Thailand to the certificates issued in accordance with Regulation (EU) 2021/953 of the European Parliament and of the Council

https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32021D2299&from=EN

refers to

REGULATION (EU) 2021/953 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 14 June 2021 on a framework for the issuance, verification and acceptance of interoperable COVID-19 vaccination, test and recovery certificates (EU Digital COVID Certificate) to facilitate free movement during the COVID-19 pandemic

https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32021R0953&qid=1663673861350&from=EN

I did not try to dig into this any further, however it seems that certificates from Thailand should correspond to the EU definition, so this issue should not be a wishlist to make a change to CWA.

Instead, if @dbaldes still has an issue with his individual certificate then he might be able to go back to the authorities in Thailand and request that the certificate be reissued so that it conforms to the EU schema.

I suggest in this case to close this wishlist item.

larswmh commented 1 year ago

Closing this issue as suggested by @MikeMcC399. Thanks to all participants for your help on this.