PCD side exception in key agreement step (step: 3)

ICAO ePassport API and application

Brought to you by: martijno, ronnyws

#71 PCD side exception in key agreement step (step: 3)

Milestone: v1.0_(example)

Status: open

Owner: nobody

Labels: None

Priority: 7

Updated: 2022-10-20

Created: 2022-10-20

Creator: Anonymous

Private: No

Hello

I am Working with this library version org.jmrtd:jmrtd:0.7.35 and a german passport from 2021.

In the function checkStatusWordAfterFileOperation of the file ReadBinaryAPDUSender.java in the line
short sw = (short)responseAPDU.getSW();
I get the number 26624.

It seems that this number is not matching to any of the ISO7816 defined values. So, it ends in this error.

E/PassportNFCManager: org.jmrtd.CardServiceProtocolException: PCD side exception in key agreement step (step: 3)
at org.jmrtd.protocol.PACEProtocol.doPACEStep3ExchangePublicKeys(PACEProtocol.java:618)
at org.jmrtd.protocol.PACEProtocol.doPACE(PACEProtocol.java:300)
at org.jmrtd.protocol.PACEProtocol.doPACE(PACEProtocol.java:205)
at org.jmrtd.PassportService.doPACE(PassportService.java:438)
at ch.fidentity.nfc.data.service.PassportNFCManager.doPACE(PassportNFCManager.kt:168)
at ch.fidentity.nfc.data.service.PassportNFCManager.establishConnection(PassportNFCManager.kt:46)
at ch.fidentity.nfc.data.service.PassportNFCService$readMRTDData$2.invokeSuspend(PassportNFCService.kt:29)
at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33)
at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:106)
at kotlinx.coroutines.internal.LimitedDispatcher.run(LimitedDispatcher.kt:42)
at kotlinx.coroutines.scheduling.TaskImpl.run(Tasks.kt:95)
at kotlinx.coroutines.scheduling.CoroutineScheduler.runSafely(CoroutineScheduler.kt:570)
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.executeTask(CoroutineScheduler.kt:749)
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.runWorker(CoroutineScheduler.kt:677)
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.run(CoroutineScheduler.kt:664)
Caused by: java.lang.RuntimeException: error:0f00007b:elliptic curve routines:OPENSSL_internal:UNKNOWN_GROUP
at com.android.org.conscrypt.NativeCrypto.EVP_marshal_public_key(Native Method)
at com.android.org.conscrypt.OpenSSLECPublicKey.getEncoded(OpenSSLECPublicKey.java:93)
at org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey.equals(Unknown Source:51)
at org.jmrtd.protocol.PACEProtocol.doPACEStep3ExchangePublicKeys(PACEProtocol.java:610)
at org.jmrtd.protocol.PACEProtocol.doPACE(PACEProtocol.java:300)
at org.jmrtd.protocol.PACEProtocol.doPACE(PACEProtocol.java:205)
at org.jmrtd.PassportService.doPACE(PassportService.java:438)
at ch.fidentity.nfc.data.service.PassportNFCManager.doPACE(PassportNFCManager.kt:168)
at ch.fidentity.nfc.data.service.PassportNFCManager.establishConnection(PassportNFCManager.kt:46)
at ch.fidentity.nfc.data.service.PassportNFCService$readMRTDData$2.invokeSuspend(PassportNFCService.kt:29)
at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33)
at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:106)
at kotlinx.coroutines.internal.LimitedDispatcher.run(LimitedDispatcher.kt:42)
at kotlinx.coroutines.scheduling.TaskImpl.run(Tasks.kt:95)
at kotlinx.coroutines.scheduling.CoroutineScheduler.runSafely(CoroutineScheduler.kt:570)
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.executeTask(CoroutineScheduler.kt:749)
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.runWorker(CoroutineScheduler.kt:677)
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.run(CoroutineScheduler.kt:664)
E/BaseViewModel$special$$inlined$CoroutineExceptionHandler: net.sf.scuba.smartcards.CardServiceException: Error occured, CAPDU = 00A4040C07A0000002471001, RAPDU = 6800 (SW = 0x6800: Unknown)
at org.jmrtd.protocol.ReadBinaryAPDUSender.checkStatusWordAfterFileOperation(ReadBinaryAPDUSender.java:254)
at org.jmrtd.protocol.ReadBinaryAPDUSender.sendSelectApplet(ReadBinaryAPDUSender.java:58)
at org.jmrtd.PassportService.sendSelectApplet(PassportService.java:350)
at ch.fidentity.nfc.data.service.PassportNFCManager.doPACE(PassportNFCManager.kt:177)
at ch.fidentity.nfc.data.service.PassportNFCManager.establishConnection(PassportNFCManager.kt:46)
at ch.fidentity.nfc.data.service.PassportNFCService$readMRTDData$2.invokeSuspend(PassportNFCService.kt:29)
at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:33)
at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:106)
at kotlinx.coroutines.internal.LimitedDispatcher.run(LimitedDispatcher.kt:42)
at kotlinx.coroutines.scheduling.TaskImpl.run(Tasks.kt:95)
at kotlinx.coroutines.scheduling.CoroutineScheduler.runSafely(CoroutineScheduler.kt:570)
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.executeTask(CoroutineScheduler.kt:749)
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.runWorker(CoroutineScheduler.kt:677)
at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.run(CoroutineScheduler.kt:664)

Do you see directly that there is something wrong or could it be that this is not handled yet in the library?

Discussion

Anonymous

PCD side exception in key agreement step (step: 3)

ICAO ePassport API and application

Group

Searches

Help

#71 PCD side exception in key agreement step (step: 3)

Discussion