Great work, the NFC communication appears to work.
However, the actual validation of the certificate fails both via QR and NFC - although it is able to read my name. Somehow validation works in other apps (e.g. CovPass (the German one) or VerificiaC19 (the Italian one). I assume thats because the gdca app is only a reference code without any production access? The README states:
The apps are reference implementations that cannot be used in production environments as-is, but rather need to be configured by EU member states to access their national backends. The released APK files are configured to work with the test environments and will not report correct results on “live” DCCs.
Will the NFC support eventually propagate into the local variants of the verifier apps?
Yeah it doesn’t have the correct keys. I don’t care about whether it’s able to verify the certificate. I just wanted a test build to debug the NFC bit. It’s not functional - but it does decode your certificate and show your name
To be fair, the NFC code has always been there. It’s just that everybody sort of decided on doing QR codes instead and disabled the NFC functionality. So it was never tested or developed or anything. All I did was pull the repo, see that the entire NFC functionality was there, corrected what needed correcting and Bob’s your uncle.
More importantly, I’m hoping I contacted the right people to get this officially enabled in the Finnish app. The hope being, if one country enables NFC, other EU countries follow suit. And if they don’t, then it’ll be up to local implantees to pester their local health departments. But that’s for later, when the NFC functionality is officially fixed in the reference implementation.
The certificate I was given matches the descriptions I have heard from others.
It’s a CDC certificate that doesn’t fit into a standard credit card space and is made of light card. I have never been asked for proof, and there is no QR code, bar code, chip,… It’s about as low tech as you can get.
Silly question, but you did set it to NFC scan right?
If it doesn’t react, probably you copy-pasted the content of the QR code wrong onto the tag. What can happen is that you copied the content from a window or popup with broken lines, and whatever you pasted it into reassembled the line zapping spaces or adding spaces where the line breaks were. Base45 is really annoying that way because the space character actually encodes something, unlike base64.
I would suggest you convert your certificate’s QR code image using a desktop application, lile qtqr on Linux, to extract the string verbatim, and then even better, use a text-based certificate decoder like vacdec to confirm that the string you have has the correct number of spaces and the correct length.
It took me a few tries to extract mine without extra spaces.
Hmm, maybe it would be simpler if I pasted a sample string in here. Hang on a minute…
Got it now working. Yeah you were right about the formating. Got it extracted with pyzbar manually because qtqr didn’t want to use it correctly at first. Now I got to the point that I can scan it as right as I can with the reference software.
Speaking of that - and more seriously - unfortunately the reference implementation only supports NDEFs with a single message containing a single plain text record. Anything other than that and it won’t decode the certificate.
So at the moment, you do need a dedicated implant for your COVID certificate.
However, it doesn’t have to be that way. I could in fact have contributed a larger patch with support for multi-record NDEFs. But here’s what I thought: the most important is to make as little change as possible to the existing code, and get that approved and rolled out on the basis that the changes are not dangerous or scary to the policymakers, and don’t require massive amounts of testing (therefore resources) to be validated.
So that’s what I did. Phase one is to submit a very small bugfix (what I did today) and convince the right people to bring the feature to the reference app, then to the national apps. Once that’s done, there will be time enough to suggest a cleverer NFC decoder that can extract COVID certificate data from tags that contain other things.
Hopefully my careful plan will pan out.
The ideal situation of course would be a COVID applet in the Apex, and the Apex handling the person’s identification (which is the other part of the COVID certificate checking that isn’t handled by any implant at the moment). But the Apex is… not here yet, and its integration into the Finnish ID system nowhere in sight. But that would be ideal
Yeah. I figured that was the case so there’s a hope but I won’t hold my breath. If that doesn’t happen before I get my hands on flexNT2 and installed that would be my dedicated device for the certificate.
The implants aren’t the expensive part. Just wait until you get to buying locks and readers and useful devices to go with em. I must have close to 4,000 euros in locks and readers on various doors and computers that don’t even belong to me. It’s really, really a fucking expensive hobby if you go all the way.
Oh someone else will have to dig into that one. I don’t have an iPhone, I know nobody who has an iPhone, and quite frankly I gave up on the iPhone long ago. It’s kind of a hopeless platform for interesting implant use cases. And I admire those who do try to bring stuff to the platform who are willing to go through Apple’s vetting process.