PassiveAuthenticationHandler

internal final class PassiveAuthenticationHandler

PassiveAuthenticationHandler is responsible for performing passive authentication on data groups of an eMRTD.

Passive Authentication proves that the contents of the Document Security Object (SOD) and LDS are authentic and not changed.

Note

This verification mechanism does not require processing capabilities of the contactless IC in the Therefore it is called “Passive Authentication” of the contactless IC’s contents.

Important

It does not prevent exact copying of the contactless IC’s content or chip substitution. See ChipAuthenticationHandler for more about that.

See also

SOD and HashAlgorithm

  • Initialize the PassiveAuthenticationHandler with a SOD (Security Object Document) object.

    Declaration

    Swift

    internal init(sod: SOD)

    Parameters

    sod

    The SOD object containing security-related data.

  • Perform passive authentication on specified data groups of the eMRTD document.

    Passive authentication checks the integrity of data groups and ensures that the Security Object Document (SOD) is correctly signed.

    Throws

    An error if the authentication process fails or if there are issues with the provided data.

    Declaration

    Swift

    internal func performPassiveAuthentication(on dataGroups: [DataGroup]) throws

    Parameters

    dataGroups

    An array of data groups to be authenticated.