jllarraz / AndroidPassportReader

Android application to read passports with MRZ
124 stars 52 forks source link

Chip Authentication Fails #15

Open RomainL972 opened 4 years ago

RomainL972 commented 4 years ago

Hello, I cloned your project and ran it on my phone. Everything seems to work except the Chip Authentication that fails. When I use other passport readers, it tells me my Chip Authentication succeeded. I saw this in your code:

val doEACCA = ps.doEACCA(chipAuthenticationInfo!!.keyId, chipAuthenticationInfo.objectIdentifier, chipAuthenticationInfo.protocolOIDString, authenticationPublicKeyInfo.subjectPublicKey)

But isn't protocolOIDString a human-readable representation of objectIdentifier? If yes then aren't you giving twice the same thing to the function? In my app when I do the following it works

BigInteger keyId = publicKeyInfo.getKeyId();
PublicKey publicKey = publicKeyInfo.getSubjectPublicKey();
String oid = publicKeyInfo.getObjectIdentifier();
service.doEACCA(keyId, ChipAuthenticationPublicKeyInfo.ID_CA_ECDH_AES_CBC_CMAC_256, oid, publicKey);

Thanks for your help.

jllarraz commented 4 years ago

As soon as I have some free time I will take a look, thanks

RomainL972 commented 4 years ago

Hello, I noticed that this problem happens with my french passport issued in 2019 but not with those issued in 2016. It seems that chipAuthenticationInfo isn't available in newer french passports. That's why in my app, I had to guess what algorithm should be used, with ChipAuthenticationPublicKeyInfo.ID_CA_ECDH_AES_CBC_CMAC_256

jllarraz commented 4 years ago

I look to the specification and unless that the french passports are no longer following the standard (Using another one) I dont know why that Chip authentication is not there

Documentation 5.2.2 Security Infos for Chip Authentication To indicate support for Chip Authenticiation SecurityInfos may contain the following entries: • At least one ChipAuthenticationInfo and the corresponding ChipAuthenticationPublicKeyInfo using explicit domain parameters MUST be present.

MrLongg71 commented 1 year ago

hi guys, any solution about this error? some card field "activeAuthentication": false (func verifyAA()) @RomainL972 thank SO much!