vaubaehn
vaubaehn
@dsarkar Do you know wether there is a plausibility-check of the entered TAN-code (like a one-digit 'Prüfsumme' inside the TAN-code itself) before CWA trying to retrieve the corresponding token on...
@dsarkar I cross-checked whether there is a checksum calculation for the TAN. And there is. The last digit is the checksum, and simple alteration of the last digit it's possible...
After pressing "submit", it just comes to my mind: Are the DCCs actually encrypted - with the birthdate?
@thomasaugsten Thank you very much - that's amazing. That was completely out of my sight when peeking to the code. Have a nice time!
But still: won't RKI need to sign the unencrypted DCC to be compliant with the ehn-schema? If "RKI" signed an encrypted DCC, the signature would get invalid for veryfing the...
@thomasaugsten Thanks again! > RKI is signing the hash not the complete certificate That was also how I understood it earlier. In this case, the blog post is a bit...
@Bubu In the past, signature verification by Google's ENS could take an incredibly high amount of time for unknown reasons for older/low-end phones. On my LG-G4 it took around 70s...
@Bubu Thanks for the feedback. Happy to hear it's working good. So, If I got it right, ENS is actively downloading the public key everytime for signature verification? Then here's...
I experienced something similar last week end. I checked in with automatic check out, then didn't open CWA for many hours. In the end of the day, there was not...
@d4rken > Was the device low on storage when this happened? In my case yes. > Did the device use an external sdcard as internal storage ( I think the...