Project

General

Profile

Bug #786

Recognition rule for turkish eID card is too broad

Added by Tobias Wich 10 months ago. Updated 10 months ago.

Status:
New
Priority:
Normal
Assignee:
-
Target version:
-
Start date:
12/17/2019
Due date:
% Done:

0%

Estimated time:
Reviewer:
Build Version:

Description

The rule for detecting the Turkish eID card is based on the existence of the DF.CIA file specified in ISO/IEC 7816-15, Sec. 7.5.5.
This file is very likely to exist on other cards as well, making this rule alone not suitable to precisely detect a Turkish eID card.

A more specific rule containing a unique match of data of this card is needed. This could be a successive read binary call with a match string fitting only to Turkish eID cards.

The excerpt from the recognition tree:

        <iso:CardCall>
            <iso:CommandAPDU>00A4040C0CA000000063504B43532D3135</iso:CommandAPDU>
            <iso:ResponseAPDU>
                <iso:Body>
                    <iso:MatchingData>
                        <iso:Offset>00</iso:Offset>
                        <iso:Length>00</iso:Length>
                        <iso:MatchingValue/>
                    </iso:MatchingData>
                </iso:Body>
                <iso:Trailer>9000</iso:Trailer>
                <iso:Conclusion>
                    <iso:RecognizedCardType>http://www.ekds.gov.tr/2.5</iso:RecognizedCardType>
                </iso:Conclusion>
            </iso:ResponseAPDU>
        </iso:CardCall>

History

#1

Updated by Tobias Wich 10 months ago

  • Description updated (diff)

Also available in: Atom PDF