search

ehn-dcc-development / hcert-testdata

Electronic Health Certificates prototype
BSD 2-Clause "Simplified" License
6 stars 1 forks source link

Unable to decode the output data #9

Closed jkiddo closed 3 years ago

jkiddo commented 3 years ago

The following snippet is a chunk from the output when running the tests

Signing hcert_example_typical.json
INFO:hcert.cli:Input JSON data: 507 bytes
INFO:hcert.cli:Compact JSON: 359 bytes
INFO:hcert.cli:Raw signed CWT: 383 bytes
INFO:hcert.optical:Encoding 383 bytes for QR
INFO:hcert.optical:QR data: b'HC1NCFOXNEG2NBJ5*H:QOY0P70QAW5H4DK/341NHMIDZDTSJ H8F3S-%27WGCNK 438E41YL423123LF60H9I%5LKB3DJ1OTM7BZGL%0KSVBGZIUSQM65-S4834L/5CL6U+QQHPX*OJ+PV72-XIWN1 F13ZM1:6RW60/E9/9-3AKI63ZM-.Q$76QW60H9GN9Z.DE2KQMIQXBC%TS8T:NKIAD 9I9.SXALOP2K6QHN9Q3Q4+PMYE7CQ T5TM95ILW*9LZ5.-1UXP:G9:IAVSPIAV0C9N3QJ%5AX5HS9NJPLDCG+9ZT5PF68468Q08ULN9C%ZJ1OILH2FC3RP9WMUAJTHJ3DJ3ZLSF.U*HDA8RM1D3LE+$IIK6O4Q8PB:T5XK90V6/MJ.1FE4OM54$CG$-GOWB/1RO5D 3V*XQX.UHR7KP786T37K9WOVRHNS7:4CT:I/S1ZS1*ZH'
INFO:hcert.optical:Wrote 459 bytes as QR to hcert_example_typical.png

-the interesting part for me, the QR data, being: b'HC1NCFOXNEG2NBJ5*H:QOY0P70QAW5H4DK/341NHMIDZDTSJ H8F3S-%27WGCNK 438E41YL423123LF60H9I%5LKB3DJ1OTM7BZGL%0KSVBGZIUSQM65-S4834L/5CL6U+QQHPX*OJ+PV72-XIWN1 F13ZM1:6RW60/E9/9-3AKI63ZM-.Q$76QW60H9GN9Z.DE2KQMIQXBC%TS8T:NKIAD 9I9.SXALOP2K6QHN9Q3Q4+PMYE7CQ T5TM95ILW*9LZ5.-1UXP:G9:IAVSPIAV0C9N3QJ%5AX5HS9NJPLDCG+9ZT5PF68468Q08ULN9C%ZJ1OILH2FC3RP9WMUAJTHJ3DJ3ZLSF.U*HDA8RM1D3LE+$IIK6O4Q8PB:T5XK90V6/MJ.1FE4OM54$CG$-GOWB/1RO5D 3V*XQX.UHR7KP786T37K9WOVRHNS7:4CT:I/S1ZS1*ZH'

-is not able to be decoded using the Java example impl. on https://github.com/ehn-digital-green-development/hcert-java . It can't even be Base45 decoded. Is there are a tool somewhere that can verify the encoding of the test data?

jschlyter commented 3 years ago

Did you strip the leading "HC1" before decoding? (the b'…' notation is just a side effect of the print, the content is the data within the quotes)

jkiddo commented 3 years ago

Ok - stripping that makes it work. Why is HC1 added as prefix? Have I missed that part in the spec?

jschlyter commented 3 years ago

It's in https://github.com/ehn-digital-green-development/hcert-spec/blob/main/hcert_spec.md#qr-2d-barcode:

In order for readers to be able to detect optical payload content type, the base45 encoded data (as per this specification) SHALL be prefixed by the string "HC1".

jkiddo commented 3 years ago

@jschlyter the decoded content from the example was:

{
    "1": "XX",
    "4": 1626084772,
    "6": 1618308772,
    "-65537": {
        "1": {
            "sub": {
                "n": "Gary West",
                "id": [
                    {
                        "i": "U1234567A",
                        "t": "pin"
                    },
                    {
                        "i": "P9876543E",
                        "t": "pas"
                    }
                ],
                "dob": "1985-03-02"
            },
            "vac": [
                {
                    "adm": "RIVM",
                    "aut": "Pfizer BioNTech",
                    "seq": 1,
                    "nam": "Comirnaty",
                    "dat": "2021-02-01",
                    "des": "COVID-19 mRNA vaccine",
                    "tot": 2
                },
                {
                    "adm": "RIVM",
                    "aut": "Pfizer BioNTech",
                    "seq": 2,
                    "nam": "Comirnaty",
                    "dat": "2021-03-01",
                    "des": "COVID-19 mRNA vaccine",
                    "tot": 2
                }
            ]
        }
    }
}

The label '-65537' - being the 'hcert' seems to have another label (-260) on https://github.com/ehn-digital-green-development/hcert-spec/blob/main/hcert_spec.md#cwt-claims

Is that a bug in the test data?

jschlyter commented 3 years ago

I'm waiting on confirmation from IANA (the registry) before changing to -260.