Open visav-tietoevry opened 2 years ago
I am trying to read the French ID card using CAN/ MRZ, but PACE failed with an invalid parameter error. Please see the log and any help is appreciated.
2022-10-26 13:57:33.1280 - tagReaderSessionDidBecomeActive 2022-10-26 13:57:41.4540 - tagReaderSession:didDetect - iso7816(<NFCISO7816Tag: 0x2815117a0>) 2022-10-26 13:57:41.4550 - tagReaderSession:connected to tag - starting authentication 2022-10-26 13:57:41.457450+0300 IDCardScan[73043:5339650] [CoreNFC] -[NFCTagReaderSession setAlertMessage:]:101 (null) 2022-10-26 13:57:41.4620 - TagReader - sending [0x00, 0xA4, 0x00, 0x0C, 0x02, 0x3F, 0x00] 2022-10-26 13:57:41.4750 - TagReader - Received response 2022-10-26 13:57:41.4760 - TagReader [unprotected] [], sw1:0x6a sw2:0x86 2022-10-26 13:57:41.4790 - Error reading tag: sw1 - 0x6A, sw2 - 0x86 2022-10-26 13:57:41.4810 - reason: Incorrect parameters P1-P2 2022-10-26 13:57:41.4810 - PACE Failed - falling back to BAC
Thanks.
Summary
Card Access Number can be used for PACE
This is heavily inspired by #106, which I tried to rebase onto current main branch, but eventually decided to patch it by hand, because there was conflicts that I couldn't resolve in reasonable time.
As opposed to #106, there's some changes in error handling, which in our tests can detect if CAN was invalid.
We've tested the changes successfully with a couple of Finnish passports, on iOS 16.
Changes
PACEAccessKey
enum, which can either be.mrz
or.can
PassportReader.readPassport()
now usesPACEAccessKey
when establishing PACE.PassportReader.startReading()
doesn't fallback to BAC when PACE fails, if CAN was used.PassportReader.readPassport( mrzKey: ...)
as deprecated overload ofreadPassport( accessKey: ...)
. Not sure if this makes sense, because of the next bullet point...NFCPassportReaderError.InvalidMRZKey
withNFCPassportReaderError.AuthenticationFailed
, to indicate that either CAN or MRZ was incorrect.TagReader.send
, to handle authentication error when using incorrect CANCaveats
NFCPassportReaderError.InvalidMRZKey
is removedRemarks
I checked the SPM example, and it's pinned to older version of the library. Perhaps the example should be changed so that it uses local version of NFCPassportReader package, to make it easier to develop the example along with the changes to library?