Scriptable green pass verifier.
With this application you can automatize accesses based on green pass validity.
It can also be used to analyze your digital certification (e.g. to print
which key was used to sign the certificate, --verbose).
It is compatibile with EU certificates (DGC) and UK certificate (NHS).
You need to have pip and libzbar to install the application.
You can install it using your favorite package manager, for instance in Ubuntu:
sudo apt install python3-pip libzbar0You can just install the application using pip:
pip install greenpassIf you want to install it from sources, install the python3 requirements using the following command:
pip3 install -r requirements.txtYou can also use it through the pre-built Docker image, you can find it here. You can easily use it using:
sudo docker run --rm -ti berdav/greenpass --settingsYou can feed the application with different file formats, for instance:
Green pass official PDFs
greenpass --pdf greenpass.pdfQRCode images in PNG
greenpass --qr greenpass.pngTxt files with the content of the qrcode
greenpass --txt greenpass.txtStandard input and pipes
zbarimg --raw greenpass.png | greenpass --txt -On a side note, you can verify camera-acquired images if your scanner prints the raw content of the QRcode on stdout
zbarcam --raw -q1 | greenpass --txt -The application returns an UNIX compatible code, therefore you can concatenate commands that will be executed only if the green pass is verified.
greenpass --qr greenpass.png && echo "green pass ok"You can also get the expiration configuration using --settings without
other inputs.
greenpass --settings
Debug the cryptographic part of your greenpass
greenpass --qr greenpass.png --dump-signPrint the key which the greenpass was signed with
greenpass --qr greenpass.png --verbose --no-cacheCheck if a greenpass was valid or will be valid on a certain date
greenpass --qr greenpass.png --at-date '2021-10-30 18:34'-h --helpHelp, print the help message
You need to use one of:
--settingsDump the settings used by the Italian application
--qr QRAnalyze the qrcode QR
--pdf PDFAnalyze the pdf file PDF
--txt TXTAnalyze the txt file TXT
Caching options:
--cachedir CACHEDIRUse CACHEDIR as the cache directory, by default the cache is placed in $HOME/.local/greenpass.
Miscellaneous switches:
--rawPrint the raw content (JSON) of the certificate
--no-colorDisable colored output.
--force-colorForce colored output. (useful in CMD on Windows)
--no-cacheDisable cache, download everything without saving it.
--clear-cacheRedownload the entire cache, useful to update settings.
--key KEYUse the content of the file KEY as the public certificate (DGC) or the public key (NHS) to verify the certificate.
--verbosePrint more information (e.g. which key verifies the certificate).
--dump-signPrint details on the headers and signature of the certificate.
--at-date AT_DATE Use AT_DATE instead of the current date
--recovery-expirationThe recovery certification contains an expiration date. By default this date is ignored, this switch re-enables the check and consider this date (in addition to the settings date).
--batchRemove all the outputs.
--language LANGUAGELocalize the output in LANGUAGE. Currently the following languages are available:
- English
- Italian
- German
The docker image shipped with the program can be used in the following way:
zbarimg --raw qrcode.png | sudo docker -i greenpassRead a PNG greenpass qrcode
sudo docker -i greenpass --settingsTo read the settings
And virtually with all the switches you can find in the previous section. At the moment, files are not easily passed in the container, therefore it is better to process the qrcode or the pdf outside of the container and extract the qrcode text to pass in the application.
If you want more information on the green pass certification and how to parse or verify it you can refer to the following resources:
Greenpass Encoding documentation
Official Italian Android application