Merge pull request #3 from spritz-group/develop

Release version v1.0.1
spritz-group · Mar 16, 2023 · 6e86c6a · 6e86c6a
2 parents cd269de + ae102dd
commit 6e86c6a
Show file tree

Hide file tree

Showing 6 changed files with 71 additions and 14 deletions.
diff --git a/CHANGELOGS.md b/CHANGELOGS.md
@@ -1,5 +1,9 @@
 # QRFuzz Changelogs
 
+**v1.0.1** (2023-03-16)
+
+- Re-added VerificaC19 inspector and builder from previous tests
+
 **v1.0.0** (2023-03-12)
 
 - Initial public release
diff --git a/README.md b/README.md
@@ -4,7 +4,7 @@ A fuzzing toolkit to test malicious QR Codes in mobile applications.
 
 ![QRFuzz banner](docs/images/qrfuzz-banner.png)
 
-**Current release**: v1.0.0 (2023-03-12)
+**Current release**: v1.0.1 (2023-03-16)
 
 You can find toolkit updates in the [CHANGELOGS](CHANGELOGS.md) page.
 

diff --git a/tools/QRCodeFuzzer/inspectors/verificac19.js b/tools/QRCodeFuzzer/inspectors/verificac19.js
@@ -3,25 +3,19 @@ class Inspector {
     app_package = "it.ministerodellasalute.verificaC19";
     app_activity = "it.ministerodellasalute.verificaC19.ui.SplashScreenActivity";
 
-    // Note: only the first QR gives a different error (that is QR not recognized because does not start with the URL required).
-
     async goToScan(driver) {
-    	// let scan = await driver.findElement("xpath", '/hierarchy/android.widget.FrameLayout/android.widget.LinearLayout/android.widget.FrameLayout/android.widget.FrameLayout/android.widget.FrameLayout/android.view.ViewGroup/android.widget.FrameLayout/android.widget.ScrollView/android.view.ViewGroup/androidx.recyclerview.widget.RecyclerView[1]/android.view.ViewGroup[1]');
-
-        let scan = await driver.findElement("id", 'posteitaliane.posteapp.appbpol:id/access_qr');
+        let scan = await driver.findElement("id", 'it.ministerodellasalute.verificaC19:id/qrButton');
         await driver.elementClick(scan.ELEMENT);       
     }
 
     async getResultView(driver) {
-        return await driver.findElement("id", "posteitaliane.posteapp.appbpol:id/md_titleFrame");
+        return await driver.findElement("id", "it.ministerodellasalute.verificaC19:id/certificate_valid");
     }
 
     async goBackToScan(driver) {
-    	let ok = await driver.findElement("id", 'posteitaliane.posteapp.appbpol:id/md_buttonDefaultPositive');
-        await driver.elementClick(ok.ELEMENT);
-
-        // let scan = await driver.findElement("id", 'posteitaliane.posteapp.appbpol:id/access_qr');
-        // await driver.elementClick(scan.ELEMENT);       
+        driver.back();
+    	// let ok = await driver.findElement("id", 'it.ministerodellasalute.verificaC19:id/close_button');
+        // await driver.elementClick(ok.ELEMENT);
     }
 
 }

diff --git a/tools/QRCodeGenerator/app_specific/verificac19.py b/tools/QRCodeGenerator/app_specific/verificac19.py
@@ -0,0 +1,55 @@
+from zlib import compress
+from binascii import unhexlify
+from base45 import b45encode
+from flynn import encoder as flynn_encoder
+from flynn import decoder as flynn_decoder
+from cose.messages import Sign1Message
+from cose.headers import Algorithm, KID
+from cose.algorithms import EdDSA
+from cose.keys.curves import Ed25519
+from cose.keys import OKPKey
+from base64 import b64decode
+from datetime import *
+
+# --------------------
+# Green Pass Builder for VerificaC19
+# Script edited from ps1dr3x (github.com/ps1dr3x/greenpass-generator)
+# --------------------
+
+PRIVKEY = b"9d370d925476752486ab0e4a8e088228e493da12d1586fafae9f35880dbcfe03"
+HEADER = b""
+
+yesterday = datetime.timestamp(datetime.now()) - 86400
+tomorrow = datetime.timestamp(datetime.now()) + (7 * 86400)
+
+def get_pass(payload: str):
+    return {payload}
+
+def get_cose(data):
+    return Sign1Message(
+        phdr={Algorithm: EdDSA, KID: b64decode("NJpCsMLQco4=")}, 
+        payload=flynn_encoder.dumps(data)
+    )
+
+def add_cose_key(msg, privkey):
+    privkey = unhexlify(privkey)
+    key = OKPKey(crv=Ed25519, d=privkey, optional_params={"ALG": "EDDSA"})
+    msg.key = key
+    return msg
+
+def flynn(signed_encoded, header=b""):
+    (_, (header_1, header_2, cbor_payload, sign)) = flynn_decoder.loads(signed_encoded)
+    if header:
+        header_1 = header
+    return flynn_encoder.dumps((header_1, header_2, cbor_payload, sign))
+
+def b45(msg):
+    return b45encode(compress(msg))
+
+def get_qr(p):
+    msg = get_cose(get_pass(p))
+    msg = add_cose_key(msg, PRIVKEY)
+    msg = flynn(msg.encode(), HEADER)
+    msg = b45(msg)
+    msg = b"HC1:" + msg
+    return msg
diff --git a/tools/QRCodeGenerator/qr_builder.py b/tools/QRCodeGenerator/qr_builder.py
@@ -1,3 +1,4 @@
+from app_specific.verificac19 import get_qr
 
 class qrbuilder:
     """ QR Builder Class 
@@ -86,7 +87,7 @@ def messages(payload: str):
         return "https://support.google.com/messages/?p=web_computer#?c=" + payload
 
     def verificac19(payload: str):
-        return payload
+        return get_qr(payload)
 
     def line(payload: str):
         return  payload # "https://line.me/R/ti/g/"+payload
diff --git a/tools/QRCodeGenerator/requirements.txt b/tools/QRCodeGenerator/requirements.txt
@@ -1,2 +1,5 @@
 qrcode~=7.4.2
-Pillow~=9.4.0
+Pillow~=9.4.0
+base45~=0.4.4
+flynn~=1.0.0b2
+cose~=0.9.dev8