Android Question How to read Encrypted Data from QRCODE

J

junaidahmed

Well-Known Member
Licensed User
Longtime User
I have used ZXING QRCODE BARCODE library in my application.It works fine as per my requirement.I have some of the qrbarcode (AADHAR CARD)which returns only encrypted data.So I can not read this data in ZXING QRCODE BARCODE library.I have an below link for Android apps which reads the encrypted data when I scan QRCODE.Please advise how to read this data in B4A applications...

https://uidai.gov.in/ecosystem/authentication-devices-documents/qr-code-reader.html#
 
Sort by date Sort by votes
techknight

techknight

Well-Known Member
Licensed User
Longtime User
Without the algorithm and the encryption keys, you cant do anything. According to the link, you have to use their proprietary software which decrypts the information contained in the QR code, or a file, etc.

So unless they offer some sort of API you can use, whether it be an online-based REST API, etc. your kinda stuck otherwise.
 
Upvote 0
DonManfred

DonManfred

Expert
Licensed User
Longtime User
junaidahmed said:
Can I call that software in B4A apps and get the decrypted output ??
Click to expand...
If the app provide an api for this or an Intent. Without any Api or documented Intents and returnintents i don´t think you can do anything here.
 
Upvote 0
agraham

agraham

Expert
Licensed User
Longtime User
This seemed interesting so I had a look at it and found this description of how to decode it

https://uidai.gov.in/images/resource/User_manulal_QR_Code_15032019.pdf

The data from the bar code is not in fact encrypted as far as I can tell but is binary data signed by a public key to verify that the data is genuinely sourced from the Indian Government. The document at the link above tells you how to decode it, though what the first three steps of validation mean are not clear to me.
 
Upvote 0
techknight

techknight

Well-Known Member
Licensed User
Longtime User
Ah, well at least they published the specs. Although there is a ton of personally identifiable information in that QR code that wouldnt be a good idea if it did get out, so eh... Anyways.
 
Upvote 0
techknight

techknight

Well-Known Member
Licensed User
Longtime User
agraham said:
This seemed interesting so I had a look at it and found this description of how to decode it

https://uidai.gov.in/images/resource/User_manulal_QR_Code_15032019.pdf

The data from the bar code is not in fact encrypted as far as I can tell but is binary data signed by a public key to verify that the data is genuinely sourced from the Indian Government. The document at the link above tells you how to decode it, though what the first three steps of validation mean are not clear to me.
Click to expand...

Sounds like ints to bytes. But then its also compressed (so it says). Doesn't say what compression algo, maybe RLE? only can guess there.

Edit: I got it. Seems as the QR data is one big number. Hence why they show it as Big Integer. So it has to be written/loaded in a Big Integer type, and then converted into a byte array from that. So I "assume" that means take that big a** number, chop it up into 8 bit chunks which becomes your byte array?
 
Last edited:
Upvote 0
agraham

agraham

Expert
Licensed User
Longtime User
junaidahmed said:
Here is another link for scanning QR Code for Aadhar Card
Click to expand...
I'm beginning to think that you don't have sufficient understanding of the Aadhar Card system to do what you want. This link above is to a very simple app to read the original Aadhar card QR Code which seems to contain the data as clear text in an XML format. You seem to want to decode the later, more secure from fraud, digitally signed QR Code which needs more processing which that app cannot do.


techknight said:
Although there is a ton of personally identifiable information in that QR code that wouldnt be a good idea if it did get out
Click to expand...
Actually I think they have thought of that. Basically the only available information in the code is name, date of birth and address. Note that the email address and mobile number are not actually stored in the code, only secure hashes for them are. Part of the identity confirmation is to for the card/letter bearer to give those to the validator which then confirms that they match the stored hash. The photo saved in the code can also be compared to the card/letter bearer by the validator and it is all signed to validate that the data has not been tampered with.
 
Upvote 0
techknight

techknight

Well-Known Member
Licensed User
Longtime User
Yea, Makes sense I guess. Definitely better than the simple social security numbers we use here, that get breached all the time. Antiquated system.
 
Upvote 0
You must log in or register to reply here.

Similar Threads

zed
  • Question
Android Question Insert a new contact with a QRCode VCard
Replies
0
Views
3K
zed
zed
M
  • Article
Android Code Snippet [B4X] CameraExClass- QrCode/Barcode Reader fix new SDK
Replies
5
Views
3K
rogeriosca
rogeriosca
pliroforikos
  • Question
Android Question Reading QRCode from PDF
Replies
1
Views
1K
Erel
Erel
Q
  • Solved
Android Question Read QRCode from photo gallery
Replies
2
Views
2K
qey
Q
vpires
  • Article
B4A Library Wrapper to zxing QRCode, EAN-13 & EAN-8 Generator
Replies
16
Views
21K
Gaver Powers
Gaver Powers
Top