Martin Paljak edited this page Jan 23, 2019 · 16 revisions
Highlights:
- NO specs whatsoever in TD-ID1-Chip-App v0.8
  - `id-PACE-Nist-P256 AES-CBC-CMAC-256` "To exchange APDU in Contactless with PKI application in a secure channel. No applicative privileges are granted" on page 12 in "IFD (Interface Device)" section.
  - Incorrect claim on page 14 regarding EF.CardAccess: `PACEDomainParameterInfo: BRAINPOOL_P384_R1 (BrainpoolP384r1)`
    - actual curve used is P256
- PACE with `id-PACE-ECDH-GM-AES-CBC-CMAC-256` with CAN (6 digit number printed on card)
  - TR 03110-3 defines it: https://www.bsi.bund.de/EN/Publications/TechnicalGuidelines/TR03110/BSITR03110.html
- Video of POC https://mrtn.ee/vids/2019-01-22-nfcid.mp4
  - validated with real life digi-ID, video with test card for privacy reasons (CAN number)
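
One way to check what a card's EF.CardAccess actually advertises against the documentation, as an added example that is not part of the original page or the project's code. It walks the DER `SET` of `SecurityInfo` entries and decodes each `PACEInfo` using the OID arcs and standardized parameter IDs from TR 03110-3. `SAMPLE` is a constructed byte string (not read from a card), and the function names are hypothetical.

```python
ID_PACE = [0, 4, 0, 127, 0, 7, 2, 2, 4]  # id-PACE arcs (TR 03110-3)
MAPPINGS = {1: "DH-GM", 2: "ECDH-GM", 3: "DH-IM", 4: "ECDH-IM"}
CIPHERS = {1: "3DES-CBC-CBC", 2: "AES-CBC-CMAC-128", 3: "AES-CBC-CMAC-192", 4: "AES-CBC-CMAC-256"}
CURVES = {8: "NIST P-192", 9: "BrainpoolP192r1", 10: "NIST P-224", 11: "BrainpoolP224r1",
          12: "NIST P-256", 13: "BrainpoolP256r1", 14: "BrainpoolP320r1", 15: "NIST P-384",
          16: "BrainpoolP384r1", 17: "BrainpoolP512r1", 18: "NIST P-521"}  # parameterId values
SAMPLE = bytes.fromhex("31143012060a04007f0007020204020402010202010c")  # constructed sample

def read_tlvs(buf):  # DER bytes -> [(tag, value)], single-byte tags only
    out, pos = [], 0
    while pos < len(buf):
        if len(buf) - pos < 2 or buf[pos + 1] == 0x80:
            raise ValueError("truncated or non-DER TLV header")
        tag, length, pos = buf[pos], buf[pos + 1], pos + 2
        if length & 0x80:  # long-form length: low 7 bits give the byte count
            n = length & 0x7F
            length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
        if pos + length > len(buf):
            raise ValueError("TLV value runs past end of data")
        out.append((tag, buf[pos:pos + length]))
        pos += length
    return out

def decode_oid(raw):  # OID content bytes -> list of integer arcs
    first = min(raw[0] // 40, 2)
    arcs, acc = [first, raw[0] - 40 * first], 0
    for b in raw[1:]:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs, acc = arcs + [acc], 0
    return arcs

def pace_infos(ef_card_access):  # PACEInfo OID = id-PACE + mapping arc + cipher arc
    top = read_tlvs(ef_card_access)
    if len(top) != 1 or top[0][0] != 0x31:
        raise ValueError("EF.CardAccess should be a single DER SET")
    found = []
    for tag, seq in read_tlvs(top[0][1]):
        fields = read_tlvs(seq) if tag == 0x30 else []
        if not fields or fields[0][0] != 0x06 or not fields[0][1]:
            continue  # not a SecurityInfo with a usable OID
        arcs = decode_oid(fields[0][1])
        ints = [int.from_bytes(v, "big") for t, v in fields[1:] if t == 0x02]
        if arcs[:9] == ID_PACE and len(arcs) == 11 and ints:
            param = ints[1] if len(ints) > 1 else None  # parameterId is OPTIONAL
            found.append({"oid": ".".join(map(str, arcs)), "version": ints[0],
                          "mapping": MAPPINGS.get(arcs[9]), "cipher": CIPHERS.get(arcs[10]),
                          "parameter_id": param, "curve": CURVES.get(param)})
    return found
```

Calling `pace_infos(SAMPLE)` yields one entry with mapping `ECDH-GM`, cipher `AES-CBC-CMAC-256` and curve `NIST P-256`; comparing the `curve` field with the curve named in the documentation shows a mismatch like the one noted above.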