ES: Incorrect type and values for attributes Issued At and Expiration Time

[rafalgra]

Affected Country: ES

Issue Description

ES is not using integer NumericDate format for attributes Issued At and Expiration Time in CWT Structure (payload section). Official documentation (https://github.com/ehn-digital-green-development/hcert-spec/blob/main/hcert_spec.md) specifies: 3.3.5 Expiration Time The Expiration Time (exp) claim SHALL hold a timestamp in the integer NumericDate format (as specified in RFC 8392 section 2) indicating for how long this particular signature over the Payload SHALL be considered valid, after which a Verifier MUST reject the Payload as expired. The purpose of the expiry parameter is to force a limit of the validity period of the health certificate. The Claim Key 4 is used to identify this claim.

3.3.6 Issued At The Issued At (iat) claim SHALL hold a timestamp in the integer NumericDate format (as specified in RFC 8392 section 2) indicating the time when the health certificate was created.

Screenshots:

Proposed Solution

Correct the values and type for attributes Issued At and Expiration Time to the format which is required in official documentation (integer NumericDate format (as specified in RFC 8392 section 2).

[JChrist]

Also, the iat field is past the VALIDATIONCLOCK. eg. for 1101.json VALIDATIONCLOCK: 2021-05-17 09:11:47.777Z iat: 2021-05-24 11:18:18.000

[Santivicen]

Hi @rafalgra I have submitted that files with changes on IssuedAt and Expiration fields, could yo check it to close this issue, please?

[rafalgra]

It's okay now :)

[vanlooverenkoen]

{
  1: ES,
  4: 1777072237,
  6: 1621844298.68,
  -260: {
    1: {
      v: [
        {
          ci: 01ES11VBB823DB3EB6D47BA11F09#5,
          co: ES,
          dn: 2,
          dt: 2021-02-06,
          is: ServicioExtremeñodeSalud,
          ma: 729999,
          mp: 729999,
          sd: 2,
          tg: 729999,
          vp: 729999
        }
      ],
      dob: 1989-04-27,
      nam: {
        fn: MARQUEZSANCHEZ,
        gn: JULIA,
        fnt: MARQUEZ<SANCHEZ,
        gnt: JULIA
      },
      ver: 1.0.0
    }
  }
}

The issued at is still a double. testfile: 1101.json

[vanlooverenkoen]

Apparently, 1101.json is not the only one I will create a list with all the files that are still using doubles for ES

• 1101.json (issued at only)
• 401.json (both expiration & issued at)
• 1002.json (issued at only)
• 1501.json (both expiration & issued at)
• 502.json (issued at only)
• 703.json (both expiration & issued at)
• 702.json (both expiration & issued at)
• 201.json (both expiration & issued at)
• 503.json (issued at only)
• 1003.json (issued at only)
• 1503.json (both expiration & issued at)
• 701.json (both expiration & issued at)
• 202.json (issued at only)
• 501.json (issued at only)
• 203.json (both expiration & issued at)
• 1001.json (issued at only)
• 1502.json (both expiration & issued at)
• 402.json (both expiration & issued at)
• 1102.json (issued at only)
• 1103.json (issued at only)
• 403.json (both expiration & issued at)