forked from Path-Check/paper-cred-demo
-
Notifications
You must be signed in to change notification settings - Fork 0
/
index.v1.html
180 lines (164 loc) · 9.31 KB
/
index.v1.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
<!doctype html>
<head>
<meta charset="UTF-8">
<link rel="stylesheet" href="css/style.v2.css">
<link rel="stylesheet" href="css/topnav.css">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="shortcut icon" href="https://www.pathcheck.org/hubfs/Favicon.png">
<title>Signed Vaccine Certificate Generator</title>
<!-- Global site tag (gtag.js) - Google Analytics -->
<script async src="https://www.googletagmanager.com/gtag/js?id=G-DTDMHW3NV6"></script>
<script>
window.dataLayer = window.dataLayer || [];
function gtag(){dataLayer.push(arguments);}
gtag('js', new Date());
gtag('config', 'G-DTDMHW3NV6');
</script>
</head>
<body>
<div class="topnav">
<div class="topnavContainer">
<a href="index.html">Signers</a>
<a href="verify.html"><span class="xs-hidden">Universal </span>Verifier</a>
<a class="xs-hidden" href="debug.html">QR Debugger</a>
<a class="xs-hidden" href="https://github.com/Path-Check/paper-cred-demo">Source Code</a>
<a href="https://github.com/Path-Check/paper-cred"><span class="xs-hidden"> QR </span>Specs</a>
<a href="http://vaccine-docs.pathcheck.org"><span class="xs-hidden">Vaccine </span>Docs</a>
<a class="xs-hidden" href="http://pathcheck.org">About PathCheck</a>
</div>
</div>
<div class="center">
<h1>Verifiable Vax Certificate (RSA)</h1>
<div class="half">
<table>
<tr><td class="input-label">Immunization Date</td><td><input id="qr-date" type="text" placeholder=""/></td></tr>
<tr><td class="input-label">Manufacturer</td><td><input id="qr-manuf" type="text" placeholder="Pfizer, Moderna, etc"/></td></tr>
<tr><td class="input-label">Product Name</td><td><input id="qr-product" type="text" placeholder="COVID-19"/></td></tr>
<tr><td class="input-label">Lot#</td><td><input id="qr-lot" type="text" placeholder="012L20A, ..."/></td></tr>
<tr><td class="input-label">Route</td><td><input id="qr-route" type="text" placeholder="Intramuscular, Intranasal, Subcut, Oral, ..."/></td></tr>
<tr><td class="input-label">Site</td><td><input id="qr-site" type="text" placeholder="Right Arm, Left Arm, ..."/></td></tr>
<tr><td class="input-label">Dose</td><td><input id="qr-dose" type="text" placeholder="1.0ml, 0.5ml, ..."/></td></tr>
<tr><td class="input-label">Required Doses</td><td><input id="qr-required_doses" type="text" placeholder="1, 2, 3, ..."/></td></tr>
<tr><td class="input-label">Next Dose (days)</td><td><input id="qr-next_dose_in_days" type="text" placeholder="21, 28, ..."/></td></tr>
<tr><td class="input-label">Vaccinator ID</td><td><input id="qr-vacinatorid" type="text" placeholder="Pharmacy Name, City, ..."/></td></tr>
<tr><td class="input-label">Vaccinee ID</td><td><input id="qr-vaccineeid" type="text" placeholder="Name, Phone Number, ID, Coupon, ..."/></td></tr>
</table>
</div>
<div class="half">
<br/>
<label for="privkey">Private Key</label><br/>
<textarea id="privkey" rows="16" cols="63">
-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQDlOJu6TyygqxfWT7eLtGDwajtNFOb9I5XRb6khyfD1Yt3YiCgQ
WMNW649887VGJiGr/L5i2osbl8C9+WJTeucF+S76xFxdU6jE0NQ+Z+zEdhUTooNR
aY5nZiu5PgDB0ED/ZKBUSLKL7eibMxZtMlUDHjm4gwQco1KRMDSmXSMkDwIDAQAB
AoGAfY9LpnuWK5Bs50UVep5c93SJdUi82u7yMx4iHFMc/Z2hfenfYEzu+57fI4fv
xTQ//5DbzRR/XKb8ulNv6+CHyPF31xk7YOBfkGI8qjLoq06V+FyBfDSwL8KbLyeH
m7KUZnLNQbk8yGLzB3iYKkRHlmUanQGaNMIJziWOkN+N9dECQQD0ONYRNZeuM8zd
8XJTSdcIX4a3gy3GGCJxOzv16XHxD03GW6UNLmfPwenKu+cdrQeaqEixrCejXdAF
z/7+BSMpAkEA8EaSOeP5Xr3ZrbiKzi6TGMwHMvC7HdJxaBJbVRfApFrE0/mPwmP5
rN7QwjrMY+0+AbXcm8mRQyQ1+IGEembsdwJBAN6az8Rv7QnD/YBvi52POIlRSSIM
V7SwWvSK4WSMnGb1ZBbhgdg57DXaspcwHsFV7hByQ5BvMtIduHcT14ECfcECQATe
aTgjFnqE/lQ22Rk0eGaYO80cc643BXVGafNfd9fcvwBMnk0iGX0XRsOozVt5Azil
psLBYuApa66NcVHJpCECQQDTjI2AQhFc1yRnCU/YgDnSpJVm1nASoRUnU8Jfm3Oz
uku7JUXcVpt08DFSceCEX9unCuMcT72rAQlLpdZir876
-----END RSA PRIVATE KEY-----
</textarea><br><br>
<label for="pubkey">Link to Public Key</label><br/>
<textarea id="qr-link" rows="1" cols="63">github.pathcheck.org/keys/rsa_pub_key</textarea>
<br><br>
</div>
<div class="full-div-align-center">
<br/>
<button class="qr-btn" onclick="generateQRCode()">Create Credentials</button>
</div>
<div class="full-div-align-center">
<canvas id="qr-code"></canvas><br/>
</div>
<div class="full-div-align-left">
<pre id="qr-result" class="qr-data"></pre>
<pre id="qr-format" class="invisible"><span class='protocol'>Protocol</span>:<span class='crypto-algo'>HashAlgo</span>\<span class='signature'>Signature</span>@<span class='pub-key'>PubKey</span>?<span class='message'>Message</span></pre>
<p id="qr-verified"></p>
</div>
</div>
<script src="js/qrious.min.js"></script>
<script src="js/jsencrypt.min.js"></script>
<script src="js/sha256.js"></script>
<script>
function e(elem) {
return document.getElementById(elem);
}
function addIfExists(prefix, elemId) {
let value = encodeURIComponent(e(elemId).value);
return value ? prefix+value : "";
}
function verify(pubkey, message, signature, feedback_elem_id) {
// Download pubkey to verify
var client = new XMLHttpRequest();
client.open('GET', "https://" + pubkey);
client.addEventListener("load",
function() {
// Verify with the public key...
var verify = new JSEncrypt();
verify.setPublicKey(this.responseText);
var verified = verify.verify(message, signature, CryptoJS.SHA256);
e(feedback_elem_id).innerHTML = "Verified: " + verified;
}
);
client.send();
}
function generateQRCode() {
gtag('event', 'generateQR');
var message = "date="+e("qr-date").value;
message += addIfExists("&vaccinee=", "qr-vaccineeid");
message += addIfExists("&vaccinator=", "qr-vacinatorid");
message += addIfExists("&manuf=", "qr-manuf");
message += addIfExists("&name=", "qr-product");
message += addIfExists("&lot=", "qr-lot");
message += addIfExists("&route=", "qr-route");
message += addIfExists("&site=", "qr-site");
message += addIfExists("&dose=", "qr-dose");
message += addIfExists("&required_doses=", "qr-required_doses");
message += addIfExists("&next_dose_in_days=", "qr-next_dose_in_days");
var pubkey = e("qr-link").value.trim().replace("http://","");
var sign = new JSEncrypt();
sign.setPrivateKey(e('privkey').value);
var signature = sign.sign(message, CryptoJS.SHA256, "sha256");
var uri = "healthpass:SHA256\\"+signature+"@"+pubkey+"?"+message;
var qr = new QRious({
element: e('qr-code')
});
qr.set({
foreground: '#3654DD',
size: e("qr-link").scrollWidth,
value: uri
});
e("qr-result").innerHTML= "<span class='protocol'>healthpass</span>:" +
"<span class='crypto-algo'>SHA256</span>\\" +
"<span class='signature'>" + signature + "</span>" + "@" +
"<span class='pub-key'>" + pubkey + "</span>" + "?" +
"<span class='message'>" + message + "</span>";
e("qr-format").className="visible";
e("qr-verified").innerHTML = "Verified: false";
verify(pubkey, message, signature, "qr-verified");
}
</script>
<script>
// Defaults
document.getElementById("qr-date").value = new Date().toJSON();
function loadDemo() {
e("qr-vacinatorid").value = "CVS Minute Clinic";
e("qr-manuf").value = "Moderna";
e("qr-product").value = "COVID-19";
e("qr-lot").value = "012L20A";
e("qr-route").value = "IM";
e("qr-site").value = "RA";
e("qr-dose").value = ".5ml";
e("qr-required_doses").value = "2";
e("qr-next_dose_in_days").value = "28";
e("qr-vaccineeid").value = "John Doe";
}
loadDemo();
</script>
</body>
</html>