|
|
@@ -0,0 +1,57 @@
|
|
|
+QR Generator
|
|
|
+===
|
|
|
+
|
|
|
+This has some code to generate QR codes for use in the camera
|
|
|
+setup for the PIU.
|
|
|
+
|
|
|
+```
|
|
|
+python3 -m http.server
|
|
|
+```
|
|
|
+
|
|
|
+Go to
|
|
|
+
|
|
|
+```
|
|
|
+http://localhost:8000/qr_mag.html
|
|
|
+```
|
|
|
+
|
|
|
+---
|
|
|
+
|
|
|
+For future reference, here is a proposal to generate QR codes for one
|
|
|
+time use:
|
|
|
+
|
|
|
+* Generate a list of secret bit string pairs (`s_pub`,`s_hash`)
|
|
|
+* `s_hash` should be at least as long as the longest credential string
|
|
|
+* Distribute the bit string pairs to the fleet, housing them on the DIU
|
|
|
+* Server side, when a rider wants a QR code, give generate as follows:
|
|
|
+ - hash the credential (call it a virtual magstripe, `vmag`, for ease) with `s_hash`
|
|
|
+ - create the string `qrstr` as `%s_pub@<b64(xor(vmag,s_hash))>` (where `<xor...>` is the xor of `vmag` and `s_hash` and `b64` is the base64 encoding of the xor)
|
|
|
+ - generate a QR code of `qstr` and give the rider a PDF (or whatever else)
|
|
|
+ - mark the pair as 'used' server side
|
|
|
+* When the rider presents the QR code to the PIU/DIU, the DIU will decode as follows
|
|
|
+ - look in the local database of bit string pairs for the `s_pub`
|
|
|
+ - if `s_pub` doesn't exist, reject outright
|
|
|
+ - if `s_pub` exists but is marked as used, reject
|
|
|
+ - if `s_pub` exists and isn't used, retrieve the `s_hash` string
|
|
|
+ - `xor` the `s_hash` string with the encoded string to retrieve the credential
|
|
|
+ - process the credential (`vmag`) as normal
|
|
|
+* DIUs will communicate back to the server about used bit string pairs
|
|
|
+* The server will push out an update message to invalidate certain bit string pairs based on what's been used
|
|
|
+
|
|
|
+There might need to be some fiddling with the base64 encoding to make sure it works out and
|
|
|
+doesn't become too large.
|
|
|
+
|
|
|
+If the messages are through a different channel or through a known channel but masked as debug or update
|
|
|
+messages that are ignored by the legacy system, it should be able to be used in tandem with the legacy
|
|
|
+system without issue.
|
|
|
+
|
|
|
+
|
|
|
+Some notes:
|
|
|
+
|
|
|
+* `s_pub`, while "public", doesn't give enough information, by itself, to get free rides
|
|
|
+* Seeing the QR code will not allow someone snooping to glean what the credential is as
|
|
|
+ it's masked with the `s_hash` bit string
|
|
|
+* If someone manages to get the QR code, this only allows the thief to use the card once
|
|
|
+* "Double spending" of the QR code reduces to double spending of the credential as it
|
|
|
+ maps back to an underlying credential
|
|
|
+
|
|
|
+
|
