Difference between revisions of "Belgian ePassport"

From YobiWiki
Jump to navigation Jump to search
Line 46: Line 46:
 
* Others:
 
* Others:
 
** [http://www.bsi.bund.de/english/publications/techguidelines/tr03110/TR-03110_v200.pdf Advanced Security Mechanisms for Machine Readable Travel Documents] by BSI
 
** [http://www.bsi.bund.de/english/publications/techguidelines/tr03110/TR-03110_v200.pdf Advanced Security Mechanisms for Machine Readable Travel Documents] by BSI
===Country certificates===
+
===Certificates===
  +
* CSCA certificate (Country Signing CA certificate)
 
**is typically valid for their period of intended use + period of validity of the issued passports + 3 months (e.g. 5+10+0.25) and renewed after their period of intended use (e.g. 5 years).
  +
**is used to verify the DS certificate
  +
* DS certificate (Document Signer certificate)
 
** is typically valid for the period of validity of the passport itself + 3 months and renewed after their period of intended use (3 months). (e.g. 10+0.25)
  +
** is used to verify the integrity of the EF_DG* files of the passport through their hashes signed in EF_SOD
  +
** is optionally present in the EF_SOD file of the passport (mandated by US-VISIT & by EU I think)
  +
* SOD (Document Security Object)
  +
** RFC3369 CMS Signed Data Structure, signed by the Document Signer (DS).
  +
** Carries the hashed LDS Data Groups.
  +
** Stored in the MRTD’s chip.
  +
** MAY carry the Document Signer Certificate
  +
* AA (Active Authentication) keys
  +
** private key stored in the chip
  +
** public key available in EF_DG15, whom hash key is signed in SOD by DS
  +
 
As per epassport2008 there are several certificates for the full EAC solution:
 
Element File name
 
CSCA certificate - name NN_CSCA.der (.der, .cer)
 
DS certificate NN_DS (.der, .cer) preferably included in the ePassport chip
 
CVCA certificate NN_CVCA.cvcert (minimal validity at least 2 month)
 
CVCA private key under PKCS#8 format NN_CVCA.pkcs8
 
DV certificate NN_DVCA.cvcert (effective date like CVCA certificate)
 
IS certificate NN_IS.cvcert (effective date like CVCA certificate)
 
IS private key under PKCS#8 format NN_IS.pkcs8
  +
===CSCA certificates===
 
* see http://jmrtd.org/csca.shtml
 
* see http://jmrtd.org/csca.shtml
 
* [http://www2.icao.int/en/MRTD/Pages/icaoPKD.aspx ICAO PKD]
 
* [http://www2.icao.int/en/MRTD/Pages/icaoPKD.aspx ICAO PKD]
Line 62: Line 88:
 
done
 
done
 
</source>
 
</source>
  +
===Verifying a passport===
 
 
Example to verify a French passport:
CSCA Country certificates can be used to verify the DS certificate present in the EF_SOD file of the passport.
 
 
# Get France CSCA certificate: hum you should get country certificates from a trusted source ;-)
<br>CSCA certificates are typically valid for their period of intended use + period of validity of the issued passports + 3 months (e.g. 5+10+0.25) and renewed after their period of intended use (e.g. 5 years).
 
<br>DS certificates are typically valid for the period of validity of the passport itself + 3 months and renewed after their period of intended use (3 months). (e.g. 10+0.25)
 
<br><br>Example to verify a French passport:
 
# Get France country certificate: hum you should get country certificates from a trusted source ;-)
 
 
wget -O - http://jmrtd.org/csca/fr.cer |openssl x509 -inform der -outform pem -out fr.PEM
 
wget -O - http://jmrtd.org/csca/fr.cer |openssl x509 -inform der -outform pem -out fr.PEM
 
# EF_SOD certificate should have been extracted by RFIDIOt, if not:
 
# EF_SOD certificate should have been extracted by RFIDIOt, if not:
Line 82: Line 105:
   
 
Moreover to be perfect, we should also check CSCA and DS against CRLs supposedly available at ICAO PKD.
 
Moreover to be perfect, we should also check CSCA and DS against CRLs supposedly available at ICAO PKD.
 
As per epassport2008 there are several certificates for the full EAC solution:
 
Element File name
 
CSCA certificate - name NN_CSCA.der (.der, .cer)
 
DS certificate NN_DS (.der, .cer) preferably included in the ePassport chip
 
CVCA certificate NN_CVCA.cvcert (minimal validity at least 2 month)
 
CVCA private key under PKCS#8 format NN_CVCA.pkcs8
 
DV certificate NN_DVCA.cvcert (effective date like CVCA certificate)
 
IS certificate NN_IS.cvcert (effective date like CVCA certificate)
 
IS private key under PKCS#8 format NN_IS.pkcs8
 
   
 
===Security of the ePassport infrastructure===
 
===Security of the ePassport infrastructure===

Revision as of 00:02, 4 February 2009

Back to Belgian eGov

Belgian ePassports

Characteristics

  • Current versions demo
  • Uses Opentrust PKI (former IDX-PKI from idealx)
  • Price:
    • 30€ droit de chancellerie
    • taxes communales (Ixelles=26€, Leuven=11€?,...)
    • 41€ frais de confection
    • Much more expensive if urgent or 64 pages (~250€)
  • maker? at least not Zetes (contradictory info here)
    Mais nous ne fabriquons pas le passeport belge, c’est vrai. C’est un contrat qui a été attribué avant que nous ne soyons actifs sur ce segment. S’il y a un appel d’offres, j’imagine que nous y répondrons.

chip

  • ATR 3B 8E 80 01 80 91 E1 31 C0 64 77 E3 03 00 83 82 90 00 6C
  • ATR 3B 8E 80 01 80 91 91 31 C0 64 77 E3 03 00 83 82 90 00 1C (as mentioned in pcsc-lite smartcard_list.txt)
  • ATR 3B 88 80 01 00 00 01 07 01 72 90 00 EC (on a recent passport 01/2009 EH431xxx)
  • Belgium is one rare country to also include the owner handwritten signature, in EF_DG7
  • Non-compliances?
    • Requires option 0x0C whenever you select the application or a file (important for non-BAC passports), usually other passports implement 7816-4 a bit better and accept the standard select_file but apparently Belgium just implemented the example of LDS just as it was presented, no more)
    • non-BAC passports have a bug in EF_DG11, in full name of holder (tag 5F0E): null length followed by "A0 06 02 01 01"
    • newer passports have a bug in EF_DG12, using tag 5F85 instead of 5F55 for the document issuance timestamp (5F85 is in LDS1.7, 5F55 is in ISO standard)
    • newest passports (with polycarbonate transparent sheet) don't have the bug anymore in EF_DG12, skipping simply document issuance timestamp
  • Reading the DS certificate in EF_SOD (output truncated):
openssl pkcs7 -text -print_certs -in EF_SOD.PEM
Authority:
       Issuer: C=BE, O=Kingdom of Belgium, OU=Federal Public Service Foreign Affairs Belgium, CN=CSCAPKI_BE
       Subject: C=BE, O=Kingdom of Belgium, OU=Federal Public Service Foreign Affairs Belgium, CN=DSPKI_BE
       X509v3 extensions:
           X509v3 Authority Key Identifier:.
               keyid:00:84:19:14:B2:CE:7E:0A:DE:3A:26:F9:FD:DD:1F:F4:01:42:A8:0E

Security of Belgian ePassports

RFID-enabled Passports

ICAO standards

Certificates

  • CSCA certificate (Country Signing CA certificate)
    • is typically valid for their period of intended use + period of validity of the issued passports + 3 months (e.g. 5+10+0.25) and renewed after their period of intended use (e.g. 5 years).
    • is used to verify the DS certificate
  • DS certificate (Document Signer certificate)
    • is typically valid for the period of validity of the passport itself + 3 months and renewed after their period of intended use (3 months). (e.g. 10+0.25)
    • is used to verify the integrity of the EF_DG* files of the passport through their hashes signed in EF_SOD
    • is optionally present in the EF_SOD file of the passport (mandated by US-VISIT & by EU I think)
  • SOD (Document Security Object)
    • RFC3369 CMS Signed Data Structure, signed by the Document Signer (DS).
    • Carries the hashed LDS Data Groups.
    • Stored in the MRTD’s chip.
    • MAY carry the Document Signer Certificate
  • AA (Active Authentication) keys
    • private key stored in the chip
    • public key available in EF_DG15, whom hash key is signed in SOD by DS

As per epassport2008 there are several certificates for the full EAC solution:

Element                              File name
CSCA certificate - name              NN_CSCA.der (.der, .cer)
DS certificate                       NN_DS (.der, .cer) preferably included in the ePassport chip
CVCA certificate                     NN_CVCA.cvcert (minimal validity at least 2 month)
CVCA private key under PKCS#8 format NN_CVCA.pkcs8
DV certificate                       NN_DVCA.cvcert (effective date like CVCA certificate)
IS certificate                       NN_IS.cvcert (effective date like CVCA certificate)
IS private key under PKCS#8 format   NN_IS.pkcs8

CSCA certificates

Stupid script to see what are the country certificates there (there are also CRLs):

#!/bin/bash 

rm xx*
csplit pkd.000033.ldif '%userCertif%' '/^userCertif/' '{*}'
for i in xx*; do
    cat $i |sed '1s/^.*:://;/:/,/qwerty/d' |openssl base64 -d|openssl x509 -inform der -out $i.pem -outform pem
    cat $i |sed '1s/^.*:://;/:/,/qwerty/d' |openssl base64 -d|openssl x509 -inform der -text -noout > $i.txt
    test $? -eq 0 && rm $i
done

Verifying a passport

Example to verify a French passport:

# Get France CSCA certificate: hum you should get country certificates from a trusted source ;-)
wget -O - http://jmrtd.org/csca/fr.cer |openssl x509 -inform  der -outform pem -out fr.PEM
# EF_SOD certificate should have been extracted by RFIDIOt, if not:
tail -c+5 EF_SOD.BIN | openssl pkcs7 -inform DER -outform PEM -out EF_SOD.PEM
# Verify DS certificate stored in the passport with country CSCA certificate:
openssl pkcs7 -in EF_SOD.PEM -print_certs -outform PEM |openssl verify -CAfile fr.PEM
# you should get back a OK:
stdin: OK
# Verify SOD is well signed by DS, how?

# Verify files hashes are those signed in SOD

# Active authentication, verify the passport owns the private key of cert in DG15, how?

Moreover to be perfect, we should also check CSCA and DS against CRLs supposedly available at ICAO PKD.

Security of the ePassport infrastructure

Tools

OpenMRTD

library

JMRTD

Java host API & Javacard applet to build your own epassport infrastructure

RFIDIOt

See RFID#RFIDIOt

eCL0WN

Applet for Nokia NFC phone

vonJeek emulator

Misc