IC Authentication

CAPublicKeySecurityProtocol represents different security protocols for Chip Authentication Public Keys in electronic Machine Readable Travel Documents (eMRTD).

See more

internal enum CAPublicKeySecurityProtocol : UInt8, SecurityProtocol

ChipAuthenticationHandler is responsible for performing chip authentication to verify the authenticity of the chip.

Chip Authentication prevents copying the SOD and proves that it has been read from the authentic contactless IC and that it has not been substituted.

The protocol provides implicit authentication of both the eMRTD chip itself and the stored data by performing Secure Messaging using the new session keys.

See more

internal final class ChipAuthenticationHandler

ChipAuthenticationInfo represents security information related to Chip Authentication in electronic Machine Readable Travel Documents (eMRTD).

The ASN.1 data structure ChipAuthenticationInfo is defined as follows:

 ChipAuthenticationInfo ::= SEQUENCE {
    protocol OBJECT IDENTIFIER(
        id-CA-DH-3DES-CBC-CBC |
        id-CA-DH-AES-CBC-CMAC-128 |
        id-CA-DH-AES-CBC-CMAC-192 |
        id-CA-DH-AES-CBC-CMAC-256 |
        id-CA-ECDH-3DES-CBC-CBC |
        id-CA-ECDH-AES-CBC-CMAC-128 |
        id-CA-ECDH-AES-CBC-CMAC-192 |
        id-CA-ECDH-AES-CBC-CMAC-256),
    version INTEGER, -- MUST be 1,
    keyId INTEGER OPTIONAL
 }

This data structure provides detailed information on an implementation of Chip Authentication and its components represent:

• protocol: An object identifier that identifies the algorithms to be used, i.e.key agreement, symmetric cipher and MAC).

• version: An integer that identifies the version of the protocol. Currently, only version 1 is supported by this specification.

• keyId: An integer that may indicate the local key identifier (optional).

See more

internal final class ChipAuthenticationInfo : SecurityInfo

A class representing the public key information used in Chip Authentication or PACE with Chip Authentication Mapping.

The ASN.1 data structure ChipAuthenticationPublicKeyInfo is defined as follows:

 ChipAuthenticationPublicKeyInfo ::= SEQUENCE {
    protocol OBJECT IDENTIFIER(id-PK-DH | id-PK-ECDH),
    chipAuthenticationPublicKey SubjectPublicKeyInfo,
    keyId INTEGER OPTIONAL
 }

This data structure provides a public key for Chip Authentication or PACE with Chip Authentication Mapping of the eMRTD chip and its components represent.

• protocol: An object identifier that identifies the type of the public key (i.e. DH or ECDH).

• chipAuthenticationPublicKey: A SubjectPublicKeyInfo data structure that contains the public key in encoded form.

An integer that identifies the version of the protocol. Currently, only version 1 is supported by this specification..

• keyId: An integer that may indicate the local key identifier (optional).

See more

internal final class ChipAuthenticationPublicKeyInfo : SecurityInfo

The ChipAuthenticationASecurityProtocol enum represents various security protocols used in Chip Authentication for electronic Machine Readable Travel Documents (eMRTD).

These protocols are identified by a unique ObjectIdentifier (OID) and specific EncryptionAlgorithm and KeyAgreementAlgorithm.

See more

internal enum ChipAuthenticationSecurityProtocol : UInt8, SecurityProtocol