Describe the bug

The handling of Key Identifiers (kid) during verification violates the following requirement of Sec. 3.3.3 of the
specification:

Due to the shortening of the identifier (for space-preserving reasons) there is a slim but nonfinite chance that
the overall list of DSCs accepted by a validator may contain DSCs with duplicate kids. For this reason a verifier
MUST check all DSCs with that kid.

However, given two or more DSCs with the same kid, the code in VerificationViewModel.kt (cf. decode function) does not check all DSCs with that kid (but only one, possibly the wrong one) during certificate verification:

val kid = coseData.kid
...
val certificate = verifierRepository.getCertificate(kid.toBase64())
if (certificate == null) {
  Timber.d("Verification failed: failed to load certificate")
  return@withContext
}
cryptoService.validate(cose, certificate, verificationResult)

Expected behaviour

Correct handling of DSCs with duplicate kids in accordance with the specification.

Steps to reproduce the issue

Technical details

Possible Fix

Additional context

Describe the bug

Scanning a real QR code from a valid DGC certificate issued by the United Kingdom results in "verification failed".
The name of the holder is not shown on the screen.

Expected behaviour

A green checkmark and details of the certificate should be displayed. Verification is expected to succeed when scanning a QR from an authentic, production DGC certificate.

Steps to reproduce the issue

• Download a valid DGC certificate from the NHS App. (Notice there are several NHS apps, the correct one is com.nhs.online.nhsonline)
• A QR code containing an "HC1:" DGC is included in the certificate and can be read successfully using the Swiss wallet app.
• Open the app and ensure the latest certificates have been downloaded.
• Scan the QR code and obtain a "verification failed" message.

Technical details

Host Machine OS: Android 10; Dgca-verifier-app-android release v1.0.3

Possible Fix

Add public keys of the United Kingdom's "NHS Digital" as a trusted authority.

I can share production QR codes for testing through a private channel.

Create initial version of project for android app

Describe the bug

In the VerifierApp it is shown the Label "Country of Vaccination"

Expected behaviour

In the Test-QR-code should be written"Country of Test".

Steps to reproduce the issue

1. Open VerifierApp
2. Scan a test-certificate
3. see test certificate
   
4. you see "Contry of Vaccination" instead of "Country of Test"

Technical details

• Host Machine OS (Windows/Linux/Mac):

Possible Fix

Change Label to "Country of Test"

Additional context

Describe the bug

The Value of the field "Disease or Agent Targeted" should be humanly readable and not a number. In the attached example the value should read "Covid-19" instead of 840539006.

Expected behaviour

Steps to reproduce the issue

Technical details

Possible Fix

Additional context

Added information of used open source libraries

Describe the bug

I am unable to build this app on manjaro linux

Expected behaviour

App should build properly

Steps to reproduce the issue

1. Clone the repo
2. Run ./gradlew build
3. This error appears:

Could not determine the dependencies of task ':app:lintRelease'.
> Could not resolve all artifacts for configuration ':app:debugCompileClasspath'.
   > Could not resolve project :decoder.
     Required by:
         project :app
      > No matching configuration of project :decoder was found. The consumer was configured to find an API of a component, as well as attribute 'com.android.build.api.attributes.BuildTypeAttr' with value 'debug', attribute 'org.jetbrains.kotlin.platform.type' with value 'androidJvm' but:
          - None of the consumable configurations have attributes.

Technical details

• Host Machine OS (Windows/Linux/Mac): Manjaro Linux

Possible Fix

Additional context

The android app contains verifier code which can be used in the backend for testing as well. To support this, the code must be outsourced into a seperate library.

Describe the bug

There is no way for Android Verifier App to trigger the manual synchronisation of public key as it is in the iOS Verifier App.

Expected behaviour

The same behaviour should be implemented for both Verifier App versions -- iOS and Android.

Steps to reproduce the issue

Technical details

Galaxy XCover 4, Modellnummer: SM-G390F,
Android-Version: 9, Verifier App 1.0.0

Possible Fix

Additional context

If the date in the valid until field is expired, certificate should not longer be vaild.

The behaviour should be the same like in iOS App so that both apps show the same certificate status and message.

Feature description

Verification process should display more information than just success / fail
According to this specification document: https://ec.europa.eu/health/sites/default/files/ehealth/docs/digital-green-certificates_v4_en.pdf , the validation app just shows a boolean result informing whether the QR code is valid.

This relates to eu-digital-green-certificates/dgc-testdata#30 opened by @martin-lindstrom

Verification App (Android, potentially iOS also) - Seems the "dr" and "sc" fields are not displayed by the Android Verification App (did not test with iOS).

Issuance Service - The labeling used in the CBOR is not fully compliant with RFC8949 3.4.1 (https://www.rfc-editor.org/rfc/rfc8949.html#name-standard-date-time-string)

To reproduce

• Scan a test-type certificate with the template verifier app (tested with Android currently),
  e.g. https://github.com/eu-digital-green-certificates/dgc-testdata/blob/main/BE/png/3.png

Currently

• The "Date of Collection" and "Date of Test Result" are displayed empty, although the data is present in the QR.

Note that currently in the QRs generated, the CBOR includes the "dr" and "sc" fields non-tagged, while RFC8949 (3.4.1) specifies tag 0 to be used.
See https://www.rfc-editor.org/rfc/rfc8949.html#name-standard-date-time-string

Tested also with tag 0. If tag 0 IS used in the CBOR/QR (according to RFC8949), then Verification App behavior is still not correct.

Input QR:

Verification app:

Expected

Verification app

• The "Date of Collection" and "Date of Test Result" are displayed correctly with the template dgca-verifier-app-android app, when a QR is scanned that
  -- conforms to the schema (and references) at https://github.com/eu-digital-green-certificates/ehn-dgc-schema
  -- was created with dgca-issuance-service

Issuance Service

• QRs are generated with datetime string fields tagged with "0", as specified in RFC8949 3.4.1 (https://www.rfc-editor.org/rfc/rfc8949.html#name-standard-date-time-string)

Points of contact at the Estonian development teams

• Issuance (Guardtime Estonia) - @sokkphoto - Jaan Sokk; @martti007 - Martti Marran
• Verification (Nortal) - @tanelkaar - Tanel Käär

Dear Team,

I would like to request a feature where the camera can be switched between via a button/menu on the Verifier.

Android Devices such as the Honeywell and Zebra support QR Code scanning via the Top facing camera, and would like to have the option to utilize the fast and highly reliable camera.

Please include an option to choose/switch which camera is used.

based on:
https://github.com/ehn-digital-green-development/dgc-business-rules/blob/main/certlogic/kotlin/src/main/kotlin/eu/ehn/certlogic/certlogic.kt

Describe the bug

Scanning a QR code from a real, valid DGC certificate issued by Spain results in "verification failed".
The name of the holder is nevertheless shown on the screen.

Expected behaviour

A green checkmark and details of the certificate should be displayed. Verification is expected to succeed when scanning a QR from an authentic, production DGC certificate.

Steps to reproduce the issue

• Download a valid DGC certificate from Spain's official web portal.
• A QR code containing an "HC1:" DGC is included in the certificate and can be read successfully using the Swiss wallet app.
• Open the app and ensure the latest certificates have been downloaded.
• Scan the QR code and obtain a "verification failed" message.

Technical details

• Host Machine OS: Android 10; Dgca-verifier-app-android release v1.0.3

Possible Fix

Add public keys of Spain's "Ministerio de Sanidad" as a trusted authority.
I can share privately production QR codes, for testing.

Describe the bug

Scanning real QR code from valid certificates issued by Czech Republic just beeps and does not display anything useful

Expected behaviour

Green checkmark and/or some details that the certificate is OK or is not OK should be displayed.

Steps to reproduce the issue

Get any valid certificate either from antigen, PCR test or vaccination from ocko.uzis.cz in PDF format and scan the QR code.

Technical details

• Host Machine OS (Windows/Linux/Mac): Android 10 / MIUI

Additional context

Xiaomi RedMi Note 8T, Android 10, dark mode activated, version 1.0.3-acc

Describe the bug

I try to scan the QR codes Germany updated by using the v1.0.1 build (.apk)

• https://github.com/eu-digital-green-certificates/dgc-testdata/tree/main/DE

Expected behaviour

Steps to reproduce the issue

1. Download and Install the .apk
2. Scan the QR codes uploaded by Germany https://github.com/eu-digital-green-certificates/dgc-testdata/tree/main/DE
3. The application collapses and goes away without any message.

Technical details

• Host Machine OS (Windows/Linux/Mac): Android Pixel 2

Possible Fix

Additional context

While testing, I keep getting cryptographic signature invalid error.

The test url is https://user-images.githubusercontent.com/76050122/119028040-4b5d1300-b9a7-11eb-8bf4-3d5b9c4272f5.png
I have tried updating the public keys but that did not change anything. Upon inspection I can see that the signer certificate update results in a 204 response.
204 No Content https://dgca-verifier-service.cfapps.eu10.hana.ondemand.com/signercertificateUpdate (126ms)

I have tested signer certificate url in POSTMAN and the response is 200.

ps. The ios version works normally

What am I missing?

Describe the bug

I am generating the QR Code using the WEB frontend template application.
Upon scanning the QR Code with the Verifier App, I am consistently getting an error "Verification failed: failed to load certificate"

Expected behaviour

Verification should be successfull.

Steps to reproduce the issue

1. Installed DGC Issuer Service, DGC Verifier Service.
2. Uploaded all required certificates, including the signed DSC and configured them accordingly in the services layer.
3. Modified the BASE_URL in the Android application : File: NetworkModule.kt as to point to my verifier service
4. Compiled and run on Android
5. Scan the QR Code as generated by the Web Frontend Template application
6. Displays invalid on screen, and Android Studio Logs shows
   D/VerificationViewModel$decode: Verification failed: failed to load certificate

Upon some debugging, I have found a discrepancy which might/might not be the cause of the invalid result.

In the file: VerificationViewModel.kt

Notice the 2 bold Debug Lines I've added.

                schemaValidator.validate(coseData.cbor, verificationResult)
                greenCertificate = cborService.decode(coseData.cbor, verificationResult)
                **Timber.d("DEBUG Verification Result: %s", verificationResult)**
                val certificate = verifierRepository.getCertificate(kid.toBase64())
                **Timber.d("DEBUG KID: %s" ,kid.toBase64())**
                if (certificate == null) {
                    Timber.d("Verification failed: failed to load certificate")
                    return@withContext
                }

and their output:

D/VerificationViewModel$decode: DEBUG Verification Result: VerificationResult: 
    base45Decoded: true 
    valSuitePrefix: HC1: 
    zlibDecoded: true 
    coseVerified: false 
    cborDecoded: true 
    isSchemaValid: true

D/VerificationViewModel$decode: DEBUG KID: 2Ga7nn3--CU=

Firstly, notice that coseVerified = false , Looking into the android core library, file: DefaultCoseSerivce.kt, I noticed that the verificationResult.Verified is hard coded to false, without any opporunity to set it to true within the decode function

    override fun decode(input: ByteArray, verificationResult: VerificationResult): CoseData? {
        **verificationResult.coseVerified = false**
        return try {
            val messageObject = CBORObject.DecodeFromBytes(input)
            val content = messageObject[2].GetByteString()
            val rgbProtected = messageObject[0].GetByteString()
            val key = HeaderKeys.KID.AsCBOR()
            var kid = CBORObject.DecodeFromBytes(rgbProtected).get(key)
            // Kid in unprotected header
            if (kid == null) {
                kid = messageObject[1].get(key)
            }
            val kidByteString = kid.GetByteString()
            CoseData(content, kidByteString)

        } catch (e: Throwable) {
            null
        }
    }

Secondly ,the KID

I have noticed that the KID is presented in the debug log as follows:
2Ga7nn3--CU=

however, in the verifier service, it's presented like this:
2Ga7nn3++CU=

notice the "--" vs "++" difference.

and for completeness sake, the DSC follows:

	{
		"kid": "2Ga7nn3++CU=",
		"timestamp": "2021-05-12T12:28:38+02:00",
		"country": "CY",
		"certificateType": "DSC",
		"thumbprint": "d866bb9e7dfef8255345678cb5722057084424331c7efd8c0eced9b52739c09f",
		"signature": "MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADCABgkqhkiG9w0BBwEAAKCAMIICbDCCAhKgAwIBAgIURWuo6N0RLfrkJ/DaZO0KYr6fRu0wCgYIKoZIzj0EAwIwgZMxCzAJBgNVBAYTAkNZMRAwDgYDVQQIDAdOaWNvc2lhMRAwDgYDVQQHDAdOaWNvc2lhMS0wKwYDVQQKDCROYXRpb25hbCBlSGVhbHRoIEF1dGhvcml0eSBvZiBDeXBydXMxFjAUBgNVBAsMDUlUIERlcGFydG1lbnQxGTAXBgNVBAMMEFVQTE9BRF9ER0NfQ1lfMDEwHhcNMjEwNTEwMDcwMzI3WhcNMjMwNTEwMDcwMzI3WjCBkzELMAkGA1UEBhMCQ1kxEDAOBgNVBAgMB05pY29zaWExEDAOBgNVBAcMB05pY29zaWExLTArBgNVBAoMJE5hdGlvbmFsIGVIZWFsdGggQXV0aG9yaXR5IG9mIEN5cHJ1czEWMBQGA1UECwwNSVQgRGVwYXJ0bWVudDEZMBcGA1UEAwwQVVBMT0FEX0RHQ19DWV8wMTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABCFf0s8yXh7oSXaZKrGFEp8M6Jf8r/EjgLtNmZ07wJuCYDtnlDSJme43ERrsC5gzGQ491N5kPT65vDl1qylqO7GjQjBAMA8GA1UdEwEB/wQFMAMCAQAwDgYDVR0PAQH/BAQDAgeAMB0GA1UdDgQWBBQ/y+7LCYF6CqZGkM/ecYc10XB14zAKBggqhkjOPQQDAgNIADBFAiB+N59qtZwkqmWc/3Dl5gZMpbVrr8+u0+FY9MEQgBUsDAIhAL+NzoJpvG+waRjAN2eZ7d+TB6OlhuRrPp2Ed1LN94iWAAAxggH+MIIB+gIBATCBrDCBkzELMAkGA1UEBhMCQ1kxEDAOBgNVBAgMB05pY29zaWExEDAOBgNVBAcMB05pY29zaWExLTArBgNVBAoMJE5hdGlvbmFsIGVIZWFsdGggQXV0aG9yaXR5IG9mIEN5cHJ1czEWMBQGA1UECwwNSVQgRGVwYXJ0bWVudDEZMBcGA1UEAwwQVVBMT0FEX0RHQ19DWV8wMQIURWuo6N0RLfrkJ/DaZO0KYr6fRu0wCwYJYIZIAWUDBAIBoIHkMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTIxMDUxMjEwMjQ1N1owLwYJKoZIhvcNAQkEMSIEINhmu559/vglU0VnjLVyIFcIRCQzHH79jA7O2bUnOcCfMHkGCSqGSIb3DQEJDzFsMGowCwYJYIZIAWUDBAEqMAsGCWCGSAFlAwQBFjALBglghkgBZQMEAQIwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3DQMCAgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMAoGCCqGSM49BAMCBEYwRAIgCb+nI9Prsvylmsmdfn8n2ySopLnCVLbKd38900PZO/MCIHF2lA4OEyFBiCoHqzW8pY5a7FaSi8ZMzcOKh3bGgdjEAAAAAAAA",
		"rawData": "MIICHjCCAcQCFDtxKq28G7KiGukkC62ELU4BBvBbMAoGCCqGSM49BAMCMIGRMQswCQYDVQQGEwJDWTEQMA4GA1UECAwHTmljb3NpYTEQMA4GA1UEBwwHTmljb3NpYTEtMCsGA1UECgwkTmF0aW9uYWwgZUhlYWx0aCBBdXRob3JpdHkgb2YgQ3lwcnVzMRYwFAYDVQQLDA1JVCBEZXBhcnRtZW50MRcwFQYDVQQDDA5DU0NBX0RHQ19DWV8wMTAeFw0yMTA1MTIxMDIzMDZaFw0yMzA1MDIxMDIzMDZaMIGQMQswCQYDVQQGEwJDWTEQMA4GA1UECAwHTmljb3NpYTEQMA4GA1UEBwwHTmljb3NpYTEtMCsGA1UECgwkTmF0aW9uYWwgZUhlYWx0aCBBdXRob3JpdHkgb2YgQ3lwcnVzMRYwFAYDVQQLDA1JVCBEZXBhcnRtZW50MRYwFAYDVQQDDA1EU0NfREdDX0NZXzAxMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEPybvhD4bGNlyPCpz9aiIpnB09ceGEc4z1l5Q8CoQ3sMvXHM3n7+3zX4K7V16VNI09bH1rmCttVRtO8cN/JpG/TAKBggqhkjOPQQDAgNIADBFAiAufANVRuChmYz8oMJgjlFuNMlT3C5zys/gESMgrbdS8AIhAPLA6P1SJL7TdkbjtyRIqpvz1M+m9NJP919tcZ7xoJjP"
	},

Technical details

Hosted on Kubernetes, using Nginx Ingress Reverse Proxy, Centos 7

Describe the bug

When you scan a random QR code that isn't related to the DGCA system at all (for example, a QR code that just contains text or a random URL) the error message is confusing / wrong.

Expected behaviour

Scanning a random QR code displays the error message "Invalid - Certificate is expired" - which is obviously wrong. There never was a valid certificate. "Certificate is expired" should only be shown for a syntactically correct, well-signed, expired cert. Not for random data.

Steps to reproduce the issue

1. Go on Google and search for "QR code"
2. Pick a random result and try to scan that with the verifier app
3. Notice that it says "Certificate is expired", not something like "this is not a valid QR code"

Technical details

• Host Machine OS (Windows/Linux/Mac): Running the Android App 1.0.2 on Android 10

Describe the bug

I scanned two certificates issued by the Austrian health portal https://gesundheit.gv.at

• One for a rapid-test I took 2 hours ago and
• one for a vaccination done two weeks ago.

Yes I know, the cert for the vaccination is still invalid, because it was only two weeks ago. But the validation does not fail because of the date, but because the signature can't be verfied.

The validation of the test-certificate also failed with the errormessage "Verification Failed"

I did a bit of debugging. I can see, that the QR code is correctly decoded, ie information like my Name and information about the test/vaccine are correct. But the following lines of code return an error (VerifcationViewModel.kt, line 109)

val certificates = verifierRepository.getCertificatesBy(kid.toBase64())
if (certificates.isEmpty()) {
    Timber.d("Verification failed: failed to load certificate")
    return@withContext
}

Ie, getCertificatesBy(kid) does return an empty collection.

Expected behaviour

• The rapid-test should be accepted (it shows up ok on the official austrian verification webapps https://qr.gv.at and https://greencheck.gv.at)

• The vaccination should be marked as invalid, but not because of a signature failure, but because of the date.

Steps to reproduce the issue

Scan an austrian certificate

Technical details

HTC U11 life running, Android 10, compiled with lastest Android Studio on Windows 10

Additional Information

That should be the certificated used for verification in https://qr.gv.at

-----BEGIN CERTIFICATE-----
MIIB7zCCAZagAwIBAgIKAXnM+L47fmBcezAKBggqhkjOPQQDAjBEMQswCQYDVQQG
EwJBVDEPMA0GA1UECgwGQk1TR1BLMQwwCgYDVQQFEwMwMDExFjAUBgNVBAMMDUFU
IERHQyBDU0NBIDEwHhcNMjEwNjAyMTM0NTI0WhcNMjMwNjAyMTM0NTI0WjBGMQsw
CQYDVQQGEwJBVDEPMA0GA1UECgwGQk1TR1BLMQ8wDQYDVQQFEwYwMDEwMDExFTAT
BgNVBAMMDEFUIERHQyBEU0MgMTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGBN
uKiCpnXH0VlIdk6pJZH2ep8jQaV+FR3izMXxZfK5EPGZLtG3Jx+TmV3JJErfrSrP
hRmfbSidVbTQ5nnZS+ujbjBsMA4GA1UdDwEB/wQEAwIHgDAdBgNVHQ4EFgQUNs2s
mrjBhuR5Bqxl6teE1x1o2ycwHwYDVR0jBBgwFoAUHyKsHGUWKbTBmLNjb7/dCZ27
e3swGgYDVR0QBBMwEYEPMjAyMTEyMTYxNDQ1MjRaMAoGCCqGSM49BAMCA0cAMEQC
IDjXHnyzq3sTisMX1uY8xQ2ZqCRL2xmxtYOPhSZ9ZacYAiAqHUMOC7WNgq4h28n3
1WLc1mMPAYauWslSEwnXC79AGw==
-----END CERTIFICATE-----

I also tested the QR Codes from the testdata repository with the official austrian webapps. They can't be verfied ...

The verifier app in android didn't check for a test result yet, if the value is set to "detected". This should be fixed by adding a content check that the output is like in ios:

Example:

https://github.com/eu-digital-green-certificates/dgca-app-core-ios/blob/main/Sources/Models/TestEntry.swift#L68

Please implement the validity failure routines for each entry in android like in IOS. e.g. in this class:

https://github.com/eu-digital-green-certificates/dgca-app-core-android/blob/main/decoder/src/main/java/dgca/verifier/app/decoder/model/Test.kt

Describe the bug

Acceptance Verifier backend, is not responding anymore.

Expected behaviour

This endpoint is supposed to respond with a list of kid
Acceptance (not responding) : https://dgca-verifier-service-eu-acc.cfapps.eu10.hana.ondemand.com/signercertificateStatus
Test (responding normally) : https://dgca-verifier-service.cfapps.eu10.hana.ondemand.com/signercertificateStatus

Steps to reproduce the issue

Call the acceptance endpoint from any API client

Possible Fix

Restart the service

Environment
Issuance Web Portal https://issuance-dgca-test.cfapps.eu10.hana.ondemand.com/
Android Phone
Verifier App 1.0.3.-tst https://github.com/eu-digital-green-certificates/dgca-wallet-app-android/releases/tag/1.0.3

## Steps to reproduce the issue

1. Click on Record Vaccination Certification

2. Fill out all mandatory fields

3. Dont fill out family and given name
   

4. Klick on NEXT

5. Scan certificate by Verifier App (app-tst-release-signed-1.0.3.apk)

Actual result:
App display NULL NULL in the top left corner

Expected result:
App should display nothing or standardised names

Implement mechanism for periodic public keys fetching, to be done each 24 hours, and retried if it's failed somewhere

Wrong function call, please fix

 private fun validateCertData(certificate: GreenCertificate?, verificationResult: VerificationResult) {
        certificate?.tests?.let {
            if (it.isNotEmpty()) {
                verificationResult.testVerification = TestVerificationResult(it.first().isResultNegative())
            }
        }
    }

to

 private fun validateCertData(certificate: GreenCertificate?, verificationResult: VerificationResult) {
        certificate?.tests?.let {
            if (it.isNotEmpty()) {
                verificationResult.testVerification = TestVerificationResult(it.first().isResultNegative(), it.first().isDateInThePast())
            }
        }
    }

Feature description

Display decoded certificate on screen

Describe the bug

QR-Code of type TEST with TEST Result = Detected are evaluated as cryptographically invalid.

Expected behaviour

QR-Code of type TEST with TEST Result = Detected should evaluate to invalid with reason "Test result positive" and the affected part of the dataset incl. "test result = DETECTED" should be shown.

Steps to reproduce the issue

Scan a QR-Code of Type Test with TEST RESULT = DETECTED

Technical details

Galaxy XCover 4, Modellnummer: SM-G390F,
Android-Version: 9,

Possible Fix

Additional context

Describe the bug

Despite a failed verification, the verifier app shows the certificate data set and no reason for failure is shown.

Expected behaviour

In case of a failed verification (RED), the app should only display the reason for the fail.

Steps to reproduce the issue

1. Open verifier app;
2. Scan a QR-Code for an invalid certificate.

Technical details

Galaxy XCover 4, Modellnummer: SM-G390F,
Android-Version: 9, Verifier App 1.0.0

Possible Fix

Additional context

Environment:
Android Phone
Android Verifier App 1.0.3-acc

Steps:

1. Deinstall old verifier apps
2. Install app-acc-release-signed-1.0.3.apk (https://github.com/eu-digital-green-certificates/dgca-wallet-app-android/releases/tag/1.0.3)
3. Scan certificate
   in this case
   
   -> in this case all three are valid (green)
4. click on the 3 points (settings) in the app
5. tap on RELOAD button
6. Scan the same certificates
   -> all 3 certificates are in status "Verification failed"

Describe the bug

In the WalletApp it is not clear which timezone is shown

Expected behaviour

In the Test-QR-code should be clearly shown that it is the UTC-timezone as it is in the ios-version.

Steps to reproduce the issue

1. create Testcertificate with location time-zone (for example 8:00 AM german time) as seen on screenshot:
   

2. Open VerifierApp

3. Scan the created test-certificate with location time-zone (for example 8:00 AM german time)

4. see test certificate
   

5. you find a different timezone without a hint

Technical details

• Host Machine OS (Windows/Linux/Mac):

Possible Fix

add the hint (UTC) the Date of collection and Date of Test Result

Additional context

The field Date of test result is not used anymore since schema 1.3.0 and should be removed from all app screens because it is always empty.

Same issue in wallet app eu-digital-green-certificates/dgca-wallet-app-android#61

The Verification App does not consider valid ValueSets, and will accept any data as Valid.
For Example: create a QR Code with any random data in the "Test Type" for the TEST QR Code.

You will notice that a Valid QR Code is returned, even though the data is not valid.

download keys

• on request
• on startup

Currently the android verifier supports only RSAPSS, please add ECDSA.

Feature description

App should inform the user about background public keys download status so user could know that he has all public keys

Problem and motivation

We had a situation when a user has downloaded the app and tried to scan QR codes. For some countries, he was able to verify QR codes but for some countries not. We suspected that app doesn't have the required public key (keys were uploaded two weeks ago). After manual synchronization user was able to validate QR codes they were failing before synchronization.

I think it could be a common scenario for users who have a poor internet connection so we should give some feedback about background synchronization status.

Describe the bug

If an optional field is omitted (it is NULL value) the issuer app generates a QR-Code which is always shown as invalid by the verifier app.

For example, a test certificate with negative result and a valid signature, but the name has been left blank.

A sample QR Code and the data to generate it is attached,

Expected behaviour

A valid certificate should be shown as valid also when optional fields are left empty.

Steps to reproduce the issue

Technical details

Possible Fix

Additional context

Use Config file fetched from BE to extract urls to communicate with BE

Describe the bug

Currently the field "Country of Vaccination" is seen in the Data Set of all Certificate Types -- VAC, TEST and REC. It makes sense only for Vac, but not for TEST and REC.

Expected behaviour

The field "Country of Vaccination" should be renamed to "Issuer Country".

Steps to reproduce the issue

Technical details

Possible Fix

Additional context

Environment
Android Samsung S20+
Issuance Web App 1.0.8
app-tst-release-signed-1.0.4.apk

Steps

1. Set vaccination data in issuance web
2. only set year (or year/month) in birthday
3. scan QR Code by verifier app

Expected result:
year (or year/month) should be displayed in birthday field in app

Actual result
empty field is displayed for birtday