This is the implementation of the Electronic Health Certificates (EHN) specification used to verify the validity of COVID Certificates in Switzerland.
It is partly based on the reference implementation of EHN's ValidationCore
[2].
This project is truly open-source and we welcome any feedback on the code regarding both the implementation and security aspects.
Bugs or potential problems should be reported using Github issues. We welcome all pull requests that improve the quality of the source code.
CovidCertificateSDK is available through Swift Package Manager
Package.swift
file:
dependencies: [
.package(url: "https://github.com/admin-ch/CovidCertificate-SDK-iOS.git", .branch("main"))
]
This version points to the HEAD of the main
branch and will always fetch the latest development status. Releases will be made available using semantic versioning to ensure stability for depending projects.
CovidCertificateSDK is available through Cocoapods
Podfile
:
pod 'CovidCertificateSDK', '~> 1.0'
This version points to the HEAD of the main
branch and will always fetch the latest development status. Releases will be made available using semantic versioning to ensure stability for depending projects.
The SDK provides the functionality of decoding a QR code into an electronic health certificate and verifying the validity of the decoded certificate. It also takes care of loading and storing the latest trust list information that is required for verification. The trust list is a data model that contains a list of trusted public signing keys, a list of revoked certificate identifiers and the currently active national rules.
Decoding a QR code into a COVID certificate uses the following steps. For more information, refer to the EHN specification.
HC1:
(EU Dcc Certificate) and LT1:
(CH Certificate Light) are valid prefixesCertificateHolder
containing either a DCCCert
or a LightCert
The verification process consists of three parts that need to be successful in order for a certificate to be considered valid.
The SDK needs to be initialized with an environment and a API token. This allows for different verification rules per environment or other environment-specific settings.
If you intend to integrate the CovidCertificate-SDK-iOS into your app, please get in touch with the BAG to get a token assigned.
After initialization the following pipeline should be used:
Decode the base45 and prefixed string to retrieve a Digital Covid Certificate
Verify the Certificate by calling the .check
method. Internally this verifies the signature, revocation status and national rules
All these checks check against verification properties that are loaded from a server.
These returned properties use a property to specify how long they are valid (like max-age
in general networking).
With the parameter forceUpdate
, these properties can be forced to update.
CovidCertificateSDK offers a Verifier
and Wallet
namespace. Methods in the Wallet namespace must only be used by the official COVID Certificate App.
let result: Result<VerifierCertificateHolder, CovidCertError> = CovidCertificateSDK.Verifier.decode(encodedData: qrCodeString)
CovidCertificateSDK.Verifier.check(holder: certificateHolder, mode: checkMode) { result: CheckResults in
result.signatureResult
result.revocationStatus
result.nationalRules
result.modeResults
}
A verification mode collects together a set of verification rules. Examples of verification modes are "2G", "3G".
Unlike you might expect, the SDK does NOT hardcode the different verification modes into an enum. Instead, they are provided dynamically by the backend. This in order to integrate with the CertLogic rules that drive the verification process (which are also provided dynamically).
DO NOT hardcode the verification modes! If the backend changes the available modes, your app may crash!
To obtain a list of currently available verification modes:
var activeModes: [CheckMode] = CovidCertificateSDK.Verifier.activeModes
This project is licensed under the terms of the MPL 2 license. See the LICENSE file for details.
[1] Health Certificate Specification
[2] Validation Core
link |
Stars: 19 |
Last commit: 2 weeks ago |
Full Changelog: https://github.com/admin-ch/CovidCertificate-SDK-iOS/compare/v3.3.0...v3.4.0
Swiftpack is being maintained by Petr Pavlik | @ptrpavlik | @swiftpackco | API | Analytics