DgcReader.TrustListProviders.Abstractions 1.0.0-CI-20211102-130745

This is a prerelease version of DgcReader.TrustListProviders.Abstractions.
There is a newer version of this package available.
See the version list below for details.
dotnet add package DgcReader.TrustListProviders.Abstractions --version 1.0.0-CI-20211102-130745                
NuGet\Install-Package DgcReader.TrustListProviders.Abstractions -Version 1.0.0-CI-20211102-130745                
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="DgcReader.TrustListProviders.Abstractions" Version="1.0.0-CI-20211102-130745" />                
For projects that support PackageReference, copy this XML node into the project file to reference the package.
paket add DgcReader.TrustListProviders.Abstractions --version 1.0.0-CI-20211102-130745                
#r "nuget: DgcReader.TrustListProviders.Abstractions, 1.0.0-CI-20211102-130745"                
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
// Install DgcReader.TrustListProviders.Abstractions as a Cake Addin
#addin nuget:?package=DgcReader.TrustListProviders.Abstractions&version=1.0.0-CI-20211102-130745&prerelease

// Install DgcReader.TrustListProviders.Abstractions as a Cake Tool
#tool nuget:?package=DgcReader.TrustListProviders.Abstractions&version=1.0.0-CI-20211102-130745&prerelease                

DgcReader

An extensible library for decoding and validate the European Digital Green Certificate

Summary

The library allows to decode and validate any EU Digital Green Certificate, providing some abstractions to easily implement specific providers for every country's backend.

It supports any kind of project compatible with .NET Standard 2.0 and also legacy applications from .NET Framework 4.5.2 onwards.

Usage

The main entry point of the library is the DgcReaderService class.
You can instantiate it directly, by calling its factory method DgcReaderService.Create() or by registering it as a service (see the Registering services for DI section):

// Instantiating directly:
// Create an instance of the TrustListProvider (eg. ItalianTrustListProvider)
var trustListProvider = new ItalianTrustListProvider(new HttpClient());
var dgcReader = new DgcReaderService(trustListProvider);
...
// Instantiating with factory method:
// Create an instance of the TrustListProvider (eg. ItalianTrustListProvider)
var trustListProvider = new ItalianTrustListProvider(new HttpClient());
var dgcReader = DgcReaderService.Create(trustListProvider);
...
// Getting an instance by dependency injection (from .NET standard 2.0 onward)
var dgcReader = ServiceCollection.GetService<DgcReaderService>();

Once instantiated and configured with a TrustListProvider, you can simply call one of the following methods:

...
string qrCodeData = "Raw qr code data staring with HC1:";
try
{
    // Decode and validate the signature.
    // If anything fails, an exception is thrown containing the details of the failure
    var result = await dgcReader.Verify(qrCodeData);
}
catch(Exception e)
{
    Console.WriteLine($"Error verifying DGC: {e.Message}");
}
Or
...
string qrCodeData = "Raw qr code data staring with HC1:";

// This method only fails if the data is in a wrong format. 
// It does not fail if the signature can not be verified.
var result = await dgcReader.Decode(qrCodeData);

// Signature check result is performed anyway, and its result is stored in this property:
var signatureIsValid = result.HasValidSignature;
Rules validation

The validation of the rules for each country is not as standardised as the format of the data in the DGC. Moreover, while you can use any working TrustList provider to validate signatures for every country, you may want to develop an application that validates rules for multiple contries at the same time.

For these reasons, at this point of the development I made a very specific, non generic implementation for the Italian rules. This module can be used in addition to the DgcReaderService in order to validate its output against the Italian rules. These rules are changing overtime, so it is not ensured in any way that the implementation it is fully compliant with the current Italian dispositions.

In order to validate the business rules, you can use the ItalianRulesValidator in a similar way as the DgcReaderService:


// Sample using the DI to get the required services:
   
var dgcReader = Services.GetService<DgcReaderService>();
var italianRulesValidator = Services.GetService<DgcItalianRulesValidator>();
string qrCodeData = "Raw qr code data staring with HC1:";
   
// Decode the qrcode data and validate the signature
var dgcResult = await dgcReader.Verify(qrCodeData);
   
var businessResult = await italianRulesValidator.ValidateBusinessRules(dgcResult);

// Verify if the Dgc is considdered active in this moment
var isActive = businessResult.IsActive;

<a name="registering-services"></a> Registering services for DI

If you want to take advantages of the DI provided by ASP.NET Core or you already use IServiceCollection for injecting services in your application, you can simply register and configure the required services with these extension methods:


public void ConfigureServices(IServiceCollection services)
{
   ...
   services.AddDgcReader()                     // Add the DgcReaderService as singleton
       .AddItalianTrustListProvider(o =>       // Register the ItalianTrustListProvider service (or any other provider type)
       {
           // Optionally, configure the ItalianTrustListProvider with custom options
           o.RefreshInterval = TimeSpan.FromHours(24);
           o.MinRefreshInterval = TimeSpan.FromHours(1);
           o.SaveCertificate = true;
           ...
       });


   // Registering of the Business Rules validator:
   services.AddItalianRulesValidator();
}

Supported frameworks differences

The library supports a wide range of .NET and .NET Framework versions, trying to keep the dependencies to third party libraries at minimum. For this reason, the implementation of the cryptographic functionalities for signature validations and certificates parsing are implemented with the apis of the System.Security.Cryptography namespace.
These APIs were not fully implemented in previous versions of the framework, so the version compiled for .NET Framework 4.5.2 uses the BouncyCastle library instead.

Disclaimer

This library is not an official implementation, therefore its use may be subject to restrictions by some countries regulations.
The author assumes no responsibility for any unauthorized use of the library and no warranties about the correctness of the implementation, as better stated in the License.

Some code of the library is based on the DCCValidator App.
Many thanks to their authors for sharing their code!


Copyright © 2021 Davide Trevisan
Licensed under the Apache License, Version 2.0

Product Compatible and additional computed target framework versions.
.NET net5.0 was computed.  net5.0-windows was computed.  net6.0 was computed.  net6.0-android was computed.  net6.0-ios was computed.  net6.0-maccatalyst was computed.  net6.0-macos was computed.  net6.0-tvos was computed.  net6.0-windows was computed.  net7.0 was computed.  net7.0-android was computed.  net7.0-ios was computed.  net7.0-maccatalyst was computed.  net7.0-macos was computed.  net7.0-tvos was computed.  net7.0-windows was computed.  net8.0 was computed.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed. 
.NET Core netcoreapp2.0 was computed.  netcoreapp2.1 was computed.  netcoreapp2.2 was computed.  netcoreapp3.0 was computed.  netcoreapp3.1 was computed. 
.NET Standard netstandard2.0 is compatible.  netstandard2.1 was computed. 
.NET Framework net452 is compatible.  net46 was computed.  net461 was computed.  net462 was computed.  net463 was computed.  net47 is compatible.  net471 was computed.  net472 was computed.  net48 was computed.  net481 was computed. 
MonoAndroid monoandroid was computed. 
MonoMac monomac was computed. 
MonoTouch monotouch was computed. 
Tizen tizen40 was computed.  tizen60 was computed. 
Xamarin.iOS xamarinios was computed. 
Xamarin.Mac xamarinmac was computed. 
Xamarin.TVOS xamarintvos was computed. 
Xamarin.WatchOS xamarinwatchos was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages (3)

Showing the top 3 NuGet packages that depend on DgcReader.TrustListProviders.Abstractions:

Package Downloads
DgcReader.TrustListProviders.Italy

Trustlist provider implementation using certificates from the official Italian backend. This provider is included in the list of verified SDKs by Italian authorities

DgcReader.TrustListProviders.Sweden

Unofficial TrustList provider implementation using the Swedish backend endpoints

DgcReader.TrustListProviders.Germany

Unofficial TrustList provider implementation using the German backend endpoints

GitHub repositories

This package is not used by any popular GitHub repositories.

Version Downloads Last updated
2.6.1 872 4/3/2023
2.6.0 879 4/2/2023
2.6.0-CI-20230402-140522 619 4/2/2023
2.5.5 1,701 6/14/2022
2.5.5-rc1 703 6/14/2022
2.5.5-CI-20230402-112357 601 4/2/2023
2.5.5-CI-20230402-101020 589 4/2/2023
2.5.4 1,585 5/4/2022
2.5.4-rc2 641 5/4/2022
2.5.4-rc1 630 5/4/2022
2.5.3 2,271 3/5/2022
2.5.3-rc1 691 3/5/2022
2.5.1 1,631 2/16/2022
2.5.1-rc1 662 2/15/2022
2.5.0 1,634 2/14/2022
2.5.0-rc3 652 2/14/2022
2.5.0-rc2 692 2/11/2022
2.5.0-rc1 644 2/11/2022
2.4.0 1,580 2/6/2022
2.3.0 1,648 1/28/2022
2.2.1 1,657 1/21/2022
2.2.0 1,163 1/16/2022
2.1.0 1,019 1/6/2022
2.0.0 981 12/27/2021
1.3.0 1,083 12/6/2021
1.2.0 996 11/4/2021
1.0.0 970 11/2/2021
1.0.0-CI-20211102-130745 707 11/2/2021
1.0.0-CI-20211102-124304 681 11/2/2021
1.0.0-CI-20211102-120059 718 11/2/2021