-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathholder_european.go
59 lines (48 loc) · 1.46 KB
/
holder_european.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
package mobilecore
import (
"encoding/json"
"time"
)
func ReadEuropeanCredential(proofQREncoded []byte) *Result {
// Read the proof
hcert, err := europeanHolder.ReadQREncoded(proofQREncoded)
if err != nil {
return WrappedErrorResult(err, "Could not read European credential")
}
// If the credential is a specimen, set the expirationTime to a year in the future
if hcert.ExpirationTime == HCERT_SPECIMEN_EXPIRATION_TIME {
hcert.ExpirationTime = time.Now().Add(28 * 24 * time.Hour).Unix()
}
// Marshal to JSON
hcertJson, err := json.Marshal(hcert)
if err != nil {
return WrappedErrorResult(err, "Could not JSON marshal hcert")
}
return &Result{hcertJson, ""}
}
func IsDCC(proofQREncoded []byte) bool {
_, err := europeanHolder.ReadQREncoded(proofQREncoded)
return err == nil
}
func IsForeignDCC(proofQREncoded []byte) bool {
hcert, err := europeanHolder.ReadQREncoded(proofQREncoded)
if err != nil {
return false
}
// If the CWT issuer field specifies a foreign country code, it's a foreign DCC
if hcert.Issuer != DCC_DOMESTIC_ISSUER_COUNTRY_CODE {
return true
}
// A domestic CWT issuer field can still represent a CAS-island DCC,
// when it has a configured key with a present SAN which is not the domestic country code SAN
pks, ok := europeanPksLookup[hcert.KIDB64]
if !ok {
return false
}
for _, pk := range pks {
if len(pk.SubjectAltName) == 3 && pk.SubjectAltName != DCC_DOMESTIC_ISSUER_KEY_SAN {
return true
}
}
return false
}