2 Replies Latest reply: Mar 19, 2012 8:58 AM by 917095 RSS

    JCOP41 ICAO-compliant passport


      I'm trying for a while to create an ICAO-compliant e-passport using a JCOP41. Now, I'm having some trouble creating a DG14 with characteristic-two fields GF(2n) since GF(p) is not supported by the card. According to RFC3279, here is what I need to create (since I'm sure there is no problem with GF(p), I will only consider the critical part):
      FieldID ::= SEQUENCE {
          fieldType OBJECT IDENTIFIER,
          parameters ANY DEFINED BY fieldType }
      Characteristic-two ::= SEQUENCE {
          m INTEGER,          -- Field size 2^m
          basis OBJECT IDENTIFIER,
          parameters ANY DEFINED BY basis }
      Using the document of the BSI "Technical Guideline TR-03110" Appendix D, here is what I propose for keys of length 113:
              020171                              // m = 113
              06092A8648CE3D01020102                    // tpBasis
              020109                              // e = 9
      The problem is that I cannot perform EAC using the Golden Reader Tool (GRT). I always get the following message: "The chip authentication procedure failed. The chip may have been cloned. BER decode error".

      Is there a document where I can find an example similar to the one in the document of the BSI for GF(2n)? Can someone point me where I'm wrong? (the RFC seems a little bit blur to me)