VC_HC_CWT_NO_ISS at DCC Result #27
Comments
|
Same issue here |
|
i think, the problem is the encryption and a very bad documentation. anyhow, I never got that working since days even with online encryption and so on... that's really horrible... |
|
@juergenroesch I'm not sure about that. I tried to encrypt a random string instead of the CBOR object inside the AES function. Then I got a new ERR Code VC_HC_CBOR_DECODING_FAILED which tells me that the encryption should be fine. I'm guessing its some kind of encoding issue... not sure but UTF-8 and ASCII-8BIT seems to be an issue with the hex dumps of CBOR
|
|
Which version of the iOS app are you using btw? Version 2.6.0.3? |
|
2.4.0 (12) - i dont get a newer one from the TestFlight |
2.4.0 latest on testflight |
|
Mh, that's strange. We are on 2.5.1 released and version 2.6 is in development. But no idea what exactly TestFlight is used for here, I don't have access, but IHMO it's strange that you're not even on a pre-release version of 2.5... Anyways I don't think version 2.5 would fix your issue, didn't see a PR for this. |
|
It has to be something on the server side. The lab simulator python script here works. So... Is there any way we can get in touch with the server team on that? To be at least sure if the problem is caused by encryption or not? |
|
@daniel-eder already assigned @MartinKonrad to this issue, so I'm sure you'll get feedback soon. @dsarkar Do you want to mirror this to JIRA? Maybe EXPOSUREBACK? |
|
@hmontazeri we need to have a closer look on this topic. Please describe your problem in detail and send it via email to [email protected] . Thank you. |
|
I was able to fix my implementation with some help from @mdf-dths. # my ruby code
cipher.iv = ["00000000000000000000000000000000"].pack("H*")
cipher.key = [SecureRandom.bytes(64)].pack("H*")These two lines got it working for me. It is the IV and KEY for the AES encryption. It's mandatory that they are hex values. |
|
Yeah I am having the same problems getting it running in PHP tbh. (if anyone has a working implementation already I'd be grateful ;) ) But yeah what would be REALLY nice is if the server didn't accept certificates it can not decode from the start cause I and I assume many other people would assume that when the request is accepted it's good to go.... |
|
@KDederichs there is a PHP implementation I got from @mdf-dths. PHP DCC |
|
Thanks! |
|
OK guys, i have been at this for three days. My problem was that the docs -DO- mention that the AES IV is {0...0} |
my hex is:
846A5369676E61747572653143A1012640590115A401624445041A60F1F9A5061A60EF56A5390103A101A4617481A9626369782955524E3A555643493A56313A44453A49495938423657513938344A4A3849554C304838564B5255444E62636F62444562697374526F62657274204B6F63682D496E737469747574626D61643133333362736374323032312D30372D31345431383A31383A30345A627463744A75657267656E7320546573747A656E7472756D62746769383430353339303036627472693236303431353030306274746A4C503231373139382D3363646F626A313938302D30312D3031636E616DA462666E6A4D75737465726D616E6E62676E654572696B6163666E746A4D55535445524D414E4E63676E74654552494B416376657265312E332E30what is the CBOR:
{1: "DE", 4: 1626470821, 6: 1626298021, -260: {1: {"t": [{"ci": "URN:UVCI:V1:DE:IIY8B6WQ984JJ8IUL0H8VKRUDN", "co": "DE", "is": "Robert Koch-Institut", "ma": "1333", "sc": "2021-07-14T18:18:04Z", "tc": "Juergens Testzentrum", "tg": "840539006", "tr": "260415000", "tt": "LP217198-3"}], "dob": "1980-01-01", "nam": {"fn": "Mustermann", "gn": "Erika", "fnt": "MUSTERMANN", "gnt": "ERIKA"}, "ver": "1.3.0"}}}If I send that to the WRU-Server i get valid response but if I check that on the IOS Testflight App I get the error "Dieser QR-Code ist kein gültiges Impfzertifikat (VC_HC_CWT_NO_ISS)".
For my understanding, Encryption and everything is fine but there might be a error in the DCC because the app tries to use that as a Vaccine-certifiate instead of a DCC?
Any hints?
The text was updated successfully, but these errors were encountered: