tananaev / passport-reader Goto Github PK
View Code? Open in Web Editor NEWe-Passport NFC Reader Android app
e-Passport NFC Reader Android app
first of all, thanks for making this :)
sorry if it's a naive question, but what's the recommended way of using this in my app? Ideally I would just add a compile line to dependencies in my build.gradle
The name, gender, country, nationality and the identity photo are correctly loaded. The passive authentication passes, but the chip authentication fails.
Version 3.0 (F-Droid)
Not sure whether the following part of logcat helps:
net.sf.scuba.smartcards.CardServiceException: File not found, CAPDU = 00A4020C02011C, RAPDU = 6A82 (SW = 0x6A82: FILE NOT FOUND)
at org.jmrtd.protocol.ReadBinaryAPDUSender.checkStatusWordAfterFileOperation(ReadBinaryAPDUSender.java:218)
at org.jmrtd.protocol.ReadBinaryAPDUSender.sendSelectFile(ReadBinaryAPDUSender.java:79)
at org.jmrtd.DefaultFileSystem.sendSelectFile(DefaultFileSystem.java:321)
at org.jmrtd.DefaultFileSystem.getFileInfo(DefaultFileSystem.java:272)
at org.jmrtd.DefaultFileSystem.getSelectedPath(DefaultFileSystem.java:129)
at net.sf.scuba.smartcards.CardFileInputStream.<init>(CardFileInputStream.java:60)
at org.jmrtd.PassportService.getInputStream(PassportService.java:595)
at com.tananaev.passportreader.MainActivity$ReadTask.doInBackground(MainActivity.kt:235)
at com.tananaev.passportreader.MainActivity$ReadTask.doInBackground(MainActivity.kt:207)
at android.os.AsyncTask$3.call(AsyncTask.java:394)
at java.util.concurrent.FutureTask.run(FutureTask.java:264)
at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:305)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1137)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:637)
at java.lang.Thread.run(Thread.java:1012)
and
net.sf.scuba.smartcards.CardServiceException: File not found, CAPDU = 00A4020C02010E, RAPDU = 6A82 (SW = 0x6A82: FILE NOT FOUND)
at org.jmrtd.protocol.ReadBinaryAPDUSender.checkStatusWordAfterFileOperation(ReadBinaryAPDUSender.java:218)
at org.jmrtd.protocol.ReadBinaryAPDUSender.sendSelectFile(ReadBinaryAPDUSender.java:79)
at org.jmrtd.DefaultFileSystem.sendSelectFile(DefaultFileSystem.java:321)
at org.jmrtd.DefaultFileSystem.getFileInfo(DefaultFileSystem.java:272)
at org.jmrtd.DefaultFileSystem.getSelectedPath(DefaultFileSystem.java:129)
at net.sf.scuba.smartcards.CardFileInputStream.<init>(CardFileInputStream.java:60)
at org.jmrtd.PassportService.getInputStream(PassportService.java:600)
at com.tananaev.passportreader.MainActivity$ReadTask.doChipAuth(MainActivity.kt:291)
at com.tananaev.passportreader.MainActivity$ReadTask.doInBackground(MainActivity.kt:266)
at com.tananaev.passportreader.MainActivity$ReadTask.doInBackground(MainActivity.kt:207)
at android.os.AsyncTask$3.call(AsyncTask.java:394)
at java.util.concurrent.FutureTask.run(FutureTask.java:264)
at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:305)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1137)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:637)
at java.lang.Thread.run(Thread.java:1012)
and
Transaction too large, intent: Intent { cmp=com.tananaev.passportreader/.ResultActivity (has extras) }, extras size: 307744, icicle size: 0
Hello, we’re testing your sample app and while reading a Lithuanian passport, a problem occurs, that the image cannot be read and an exception is thrown: java.io.FileNotFoundException: /data/user/0/com.tananaev.passportreader/cache/temp.ppm (No such file or directory)
. App was tested on two devices and it is same on both. Do you have any idea how to resolve this issue? Thanks in advance.
if yes, could you point me to the part of the code that does this? If no, any plans to add that functionality?
thanks!
Hi friend
i write from Chile. I have been woriking with your project to try to read the card id but when i call the app , crachit instantily. ( im using app from play store)
This is the error i read on logcat:
05-15 14:26:31.071: E/AndroidRuntime(14483): Process: com.tananaev.passportreader, PID: 14483
05-15 14:26:31.071: E/AndroidRuntime(14483): java.lang.NoClassDefFoundError: org.spongycastle.util.Arrays
05-15 14:26:31.071: E/AndroidRuntime(14483): at org.spongycastle.asn1.ASN1ObjectIdentifier$OidHandle.<init>(ASN1ObjectIdentifier.java:449)
05-15 14:26:31.071: E/AndroidRuntime(14483): at org.spongycastle.asn1.ASN1ObjectIdentifier.intern(ASN1ObjectIdentifier.java:425)
05-15 14:26:31.071: E/AndroidRuntime(14483): at org.spongycastle.asn1.pkcs.PKCSObjectIdentifiers.<clinit>(PKCSObjectIdentifiers.java:117)
05-15 14:26:31.071: E/AndroidRuntime(14483): at org.spongycastle.jcajce.provider.digest.MD2$Mappings.configure(MD2.java:70)
05-15 14:26:31.071: E/AndroidRuntime(14483): at org.spongycastle.jce.provider.BouncyCastleProvider.loadAlgorithms(BouncyCastleProvider.java:220)
05-15 14:26:31.071: E/AndroidRuntime(14483): at org.spongycastle.jce.provider.BouncyCastleProvider.setup(BouncyCastleProvider.java:135)
05-15 14:26:31.071: E/AndroidRuntime(14483): at org.spongycastle.jce.provider.BouncyCastleProvider.access$000(BouncyCastleProvider.java:44)
05-15 14:26:31.071: E/AndroidRuntime(14483): at org.spongycastle.jce.provider.BouncyCastleProvider$1.run(BouncyCastleProvider.java:127)
05-15 14:26:31.071: E/AndroidRuntime(14483): at java.security.AccessController.doPrivileged(AccessController.java:45)
05-15 14:26:31.071: E/AndroidRuntime(14483): at org.spongycastle.jce.provider.BouncyCastleProvider.<init>(BouncyCastleProvider.java:123)
05-15 14:26:31.071: E/AndroidRuntime(14483): at com.tananaev.passportreader.MainActivity.<clinit>(MainActivity.java:73)
05-15 14:26:31.071: E/AndroidRuntime(14483): at java.lang.Class.newInstanceImpl(Native Method)
05-15 14:26:31.071: E/AndroidRuntime(14483): at java.lang.Class.newInstance(Class.java:1208)
Im useing a sony Z8
License of this library is listed as Apache 2.0 but it's using components from JMRTD and SCUBA licensed as LGPL. Under the terms of LGPL, this library is considered a combined work and so must be licensed under a GPL compatible license. https://www.gnu.org/licenses/lgpl-3.0.en.html
Just a warning for anyone looking to integrate this.
I'm a PhD student interested in finding security vulnerabilities in open source projects.
We found a total of 48 warnings (indicating potential vulnerabilities) when running the CogniCrypt static analyzer (*) on e-Passport NFC Reader (or its library dependencies). We documented each one of these issues in private gists for the sake of confidentiality (non-disclosure).
Can you please let us know whether we can share these gists with you? We are eager to evaluate the perception of developers (e.g. severity of these warnings) and improve e-Passport NFC Reader's security, and the quality of the reports of static analysis tools.
Q: is there a way to only use the Spongy/BouncyCastleProvider for the particular operations needed for chip reading/auth? Mutating the global list of providers breaks other crypto I'm doing. Thanks!
edit: i tried addProvider()
instead, but then it doesn't scan the chip
Maybe there should be a check, to see if the person has turned on his NFC on his phone yet before it gets started typing in any details.
hello.
Thanks to you, we are implementing the electronic passport reading function.
I would like to know the source of Masterlist.
According to what I found, it is a .ml file that is updated every 3 months on the ICAO homepage. Are you converting and updating based on this file?
If so, can you explain how to convert it?
It sais "Access to file denied"
Do you know if it is possible to support identity card with nfc ?
https://f-droid.org is alternative market for FOSS Android apps
Starting with TargetSDK 33 / Android 13, devices can use an app's VectorDrawable launcher icon to render a user-themed / monochromatic version of it:
Cannot find the "done" button on the bottom of the details entry page. So cannot proceed to the next step.
Yes, I tried horizontal and vertical modes.
We enter a passport number, date of expiration, and date of birth, but there is no done button to finish. I don't have my screen magnification that high that it might have shoved it off I hope. Android 12.
Can I use this library in commercial product free?
Hi. When I try to build "app", I get the following errors:
> Task :app:compileDebugJavaWithJavac FAILED
FAILURE: Build failed with an exception.
* What went wrong:
Execution failed for task ':app:compileDebugJavaWithJavac'.
> Could not resolve all files for configuration ':app:debugCompileClasspath'.
> Failed to transform bcprov-jdk15on-1.66.jar (org.bouncycastle:bcprov-jdk15on:1.66) to match attributes {artifactType=android-classes-jar, org.gradle.category=library, org.gradle.libraryelements=jar, org.gradle.status=release, org.gradle.usage=java-api}.
> Execution failed for JetifyTransform: C:\Users\Dmitriy\.gradle\caches\modules-2\files-2.1\org.bouncycastle\bcprov-jdk15on\1.66\ed564ade61defca27e26fb1378a70b22831fc5c1\bcprov-jdk15on-1.66.jar.
> Failed to transform 'C:\Users\Dmitriy\.gradle\caches\modules-2\files-2.1\org.bouncycastle\bcprov-jdk15on\1.66\ed564ade61defca27e26fb1378a70b22831fc5c1\bcprov-jdk15on-1.66.jar' using Jetifier. Reason: IllegalArgumentException, message: Unsupported class file major version 59. (Run with --stacktrace for more details.)
Suggestions:
- Check out existing issues at https://issuetracker.google.com/issues?q=componentid:460323&s=modified_time:desc, it's possible that this issue has already been filed there.
- If this issue has not been filed, please report it at https://issuetracker.google.com/issues/new?component=460323 (run with --stacktrace and provide a stack trace if possible).
I tried installing different versions of Java, changing the configuration, but there is no sense. Heeelp!
To provide even better integration, it's handy if this app can accept values in the intent for the passport number, date of birth and expiry date, so as to pre-fill those three fields, in case the calling app already has those values (e.g. as retrieved by scanning the passport MRZ value). This avoids the end user having to manually enter those values which leads to a better user experience.
One further improvement for integration is to include the passport photo as a base64 encoded string in the resulting intent, which enables cordova-based apps to read the image successfully.
Raising this issue to see if these are changes you would accept in this repo. I have already done the code for both the above changes and can raise a PR for you to review, if so :)
Thanks!
All data incl photo was retrieved successful, though passive authentication and the chip authentication failed.
I wonder if there is no biometric data (like fingerprint) stored in the passport because it is not shown in this APP). OK, i saw #23 that this is not possible...
NB: i tested with german passport and NOT with german ID card called "Personalausweis".
Version:
Android 13, LineageOS 20
E-Passport Reader 3.1
Hello, How can I validate certificate with openssl and country cer ? Thank you
Hello, I tested with same Id card and same and correct mrz data but I get error sometimes when using nfc. What could be the problem, any idea? Thank you
CardServiceException: File not found
-OR-
CardServiceException: No valid file selected, path = null
-OR-
CardServiceException: SHA-256 implementation not found
Add support to save photo, please.
ios11 supports reading nfc tags https://developer.apple.com/documentation/corenfc
Hey, it would be cool to have this app on F-Droid. Here's how to: https://f-droid.org/contribute/
Hello, How can I use my country signing certificate file (.cer or .pem) with openssl or active authentication? thank you
Hey, I have a problem with running my app in release mode. With minifyEnabled true
I get an exception:
java.lang.IllegalStateException: Unexpected security exception during initialization
, with cause:
java.security.NoSuchAlgorithmException: no such algorithm: ISO9797Alg3Mac for provider BC
Do you know how to address this issue? Thanks in advance
I tried to install version 2.1 from F-Droid and a dialog appeared saying it was blocked by Play Protect. Play Protect does not recognize the developer. It offers to stop the installation or to install anyway. I stopped it.
I have installed lots of applications from F-Droid without ever seeing this problem.
In https://gitlab.com/fdroid/fdroiddata/-/blob/master/metadata/com.tananaev.passportreader.yml I see:
MaintainerNotes: masterList is a bundle of x509 certificates the scanner otherwise
blocks
Maybe the error is related.
Hi Anton,
I am having the following error when I scan the passport.
This happens in the doPACE call
01-28 09:33:47.132 8665-9619/com.pass.test W/MainActivity: org.jmrtd.PACEException: PCD side error in mapping nonce step: ECDH key agreement requires ECPrivateKey for initialisation
But when I run your app, it is working fine. Am I missing something ? is there something specific like a certificate or so which I need to invlude ?
any help would be highly appreciated
Kind regards
Densil
Hi, I just tried your app and it worked exactly as expected.
Can you also read out the fingerprint it is (presumably) stored on the RFID chip?
Hi,
Since there has been some commits since the latest tag, is it possible to create a new tag and bump the Android version code so F-Droid can build a new version of the app with all the latest changes ?
Best regards,
Romain Lebbadi-Breteau
Hi, After serval fails of read thialand passport using your app, the passport not respond anymore,
did the thialand passport have the lock strategy, could you give some help?
Hi, this project works well as expected.
I am just wondering where am I able to OFFICIALLY download the exact copy of masterList in the directory "app/src/main/assets/masterList" as it seems more to be more updated and contains more CSCA certs as compared to the one that is found on the official ICAO website (ICAO_ML_Jan2021.ml).
https://www.icao.int/Security/FAL/PKD/Pages/ICAO-Master-List.aspx
Hi! Can you tell me, how can I get RNTRC code and place of registration from passport?
I have masterList.pem, it works in iOS with the result that the passive tag is equal to true. But for some reason, when running Android, it doesn't work.
Hope to receive your reply soon
How can we do terminal authentication with the Android device? I have private key and certificate to do terminal authentication but don't know how to set parameter to doEACTA?
Anyone knows the solution please help me, thank a lot.
When I'm trying to read my passport it says "Mutual authentication failed: expected length: 40 + 2, actual length: 2 (SW = 0x6985: CONDITIONS NOT SATI...".
Is it possible to add a camera option to upload a photo of a MRZ or scan without taking a long-term photo instead of inputting the values manually for the next edition of the app?
Can ı Check Active Authentication ?
After Active Authentication, challenge and response values are returned.
Can I control later using this data?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.