Comments (7)
no, technically this certificate is not expired (2021-11-02), the validation lib here only verifies the structure, technical correctness and authenticity. it does not validate any business rules (e.g. tests valid for 48 hours). this must be done as a next step with the libs published in the EHN/EU repositories. does this perspective help to solve the problem?
from hcert-kotlin.
@dominikstrasser since your GITHUB profile indicates "Austria" I am referring you to the info page by the ministry of health, that links all the reps, the architecture and the availability of the Austrian lists (trust list, business rules EU, business rules AT, value sets). hope that provides further context and the required information
https://github.com/Federal-Ministry-of-Health-AT/green-pass-overview
from hcert-kotlin.
@asitplus-pteufl Thanks for the fast response.
So the description just does not match the QR-Code data?
Or should i assume the certificate is valid two days in relation to the certificateValidFrom": "2021-05-05
value?
from hcert-kotlin.
ah sorry, now I got the confusion... text might be wrong/misleading here, since the technical validity is much longer than the text states.
didn't check the code myself, but using your output the following can be derived:
technical validity of the document and issued at (VALID right now):
"expirationTime": "2021-11-02",
"issuedAt": "2021-05-06",
hard technical validity defined by the signature certificate which was used to sign the code:
"certificateValidFrom": "2021-05-05",
"certificateValidUntil": "2023-05-05",
Now, what is missing in the validation lib here is the "business rules" validation. you need to check out the links which are given in my link above. the business rules validations are not trivial, you have different rules over europe and there are many things to consider (which vaccines are allowed, when is the vaccine valid after the 1st/2nd shot, different national rules/profiles, e.g. in Austria entry tests vs. night clubs etc.) All the rules are available in the sources which are explained in the link that I posted before
from hcert-kotlin.
Ok thanks. i think there was confusion on both sides ;)
As far as i see there is no validation engine for javascript/typescript yet - right?
Is there one planned - or probably a port from the kotlin version?
from hcert-kotlin.
hmm, there should be: https://github.com/ehn-dcc-development/dgc-business-rules
from hcert-kotlin.
I will check that one. Thanks for the help :)
I guess i will have more questions over time but this issue can then be closed for now ;)
from hcert-kotlin.
Related Issues (20)
- Empty "dr" field
- Publish hcert-kotlin on npm HOT 2
- Integration questions HOT 2
- Data Classes for Business Rules HOT 1
- Debugging Issue with v.1.3.0 HOT 4
- Cose.kt?5e47:24 Uncaught TypeError: sign$Companion.createSync is not a function HOT 2
- HCERT DOB is weakly verified HOT 1
- Where can I find SignedDataDownloader? HOT 2
- javascript: Possible to inject clock? HOT 3
- metaInformation missing time/timezone information
- JVM library missing public constructors HOT 3
- Missing hcert-kotlin.js HOT 5
- cbor+BigInt and Safari <14 HOT 1
- Java Maven Integration HOT 7
- Offline Validation for more than 48h 7 VerificationException: Expiration<clock.now() HOT 5
- CWT_Expired Error on Check with a new 3/3 valid cert HOT 2
- Add Anonymisation feature to JS Target
- KEY_NOT_IN_TRUST_LIST error after certificate update HOT 4
- Update JS to IR Backend
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from hcert-kotlin.