Last active
March 21, 2022 19:35
-
-
Save MadMartian/984afe43fbbfc3b16f9a5992c8363908 to your computer and use it in GitHub Desktop.
Python script to decode SHC-encoded JWTs generated by SmartHealth Cards.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| from sys import stdin, stdout, stderr | |
| import base64 | |
| import re | |
| import zlib | |
| import argparse | |
| ap = argparse.ArgumentParser() | |
| ap.add_argument('--header', action='store_true', help='Output the JWT header instead of the payload') | |
| args = ap.parse_args() | |
| def b64dec(data): | |
| nipad = len(data) % 4 | |
| if nipad > 0: | |
| data += "=" * (4 - nipad) | |
| return base64.urlsafe_b64decode(data) | |
| def readSHC(): | |
| result = "" | |
| while True: | |
| n = stdin.read(2) | |
| if not n: | |
| break | |
| try: | |
| n = int(n) + 45 | |
| result += chr(n) | |
| except ValueError: | |
| pass | |
| return result | |
| scheme = stdin.read(5) | |
| if scheme != "shc:/": | |
| print("Input is not in SHC scheme format", file = stderr) | |
| sys.exit(1) | |
| result = readSHC() | |
| m = re.match("^([\w\d\.\-_]+)\.([\w\d\.\-_]+)\.([\w\d\.\-_]+)$", result) | |
| if m: | |
| parts = m.groups() | |
| else: | |
| print("Encoded SHC is not a valid JWT", file = stderr) | |
| sys.exit(2) | |
| if args.header: | |
| header = b64dec(parts[0]).decode('utf-8') | |
| print (header) | |
| else: | |
| payload = b64dec(parts[1]) | |
| payload = zlib.decompress(payload, wbits = -15) | |
| payload = payload.decode("utf-8") | |
| print (payload) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Basic Usage Instructions
zbarimgto decode the QR codeQR-Code...)shc-jwt.pyyqExample:
zbarimg path-to-qrcode.jpg | sed 's/^QR-Code://' | shc-jwt.py | yq -y .