Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add AIDs for german identity card with eMRTD application #301

Draft
wants to merge 1 commit into
base: master
Choose a base branch
from
Draft

Add AIDs for german identity card with eMRTD application #301

wants to merge 1 commit into from

Conversation

halemmerich
Copy link

Hello,

I am trying to integrate the ACardEmulator with PersoSim(persosim.github.io) to provide an easily accessible way for using PersoSim with real terminal systems for test purposes.

This adds the AIDs used in the german electronic identity card as defined in TR-03110 v2.21 part 4 (eID,eMRTD and eSIGN) to facilitate use of the app for non technical users.

Best regards

@halemmerich
Add AIDs for german identity card with eMRTD application
44a8956 
This adds the AIDs used in the german electronic identity card as defined in
TR-03110 v2.21 part 4.
@frankmorgner
Copy link
Owner

Android still does not seem to support registering AIDs at runtime (https://developer.android.com/develop/connectivity/nfc/hce#manifest-declaration), so I guess having this hardcoded cannot be avoided, right?

Anyway, I'd like to see some setup documented, where those 3 AIDs are actually in use. Preferably, you document this setup in ACardEmulator/doc/README.txt. In particular, the AIDs in eMRTD or eID are typically only used once the application has fetched non-AID-bound data (e.g. EF.CardAccess). Thus, you would also need some special client application which SELECTs an AID from the list before sending any other APDU...

@halemmerich halemmerich marked this pull request as draft March 11, 2025 09:49
@halemmerich
Copy link
Author

Yes, that seems to be correct, I could not find a way to register AIDs dynamically as well.

There is a setup that currently can be used outside of vsmartcard. The AusweisApp does send a select and can be used with the now relatively old but still mostly working Android version of PersoSim. This combination can do a full online authentication in the test infrastructure. The aim would be to use ACardEmulator with PersoSim to have an up-to-date version of the simulation for testing. The code for letting ACardEmulator connect to PersoSim is currently in a proof-of-concept state but should be included in one of the next releases of PersoSim.

I suspect that using vicc in combination with AusweisApp and ACardEmulator could then work as well?

This use case does not currently use all three AIDs, but PersoSim has at least in some profiles data groups for the eMRTD application. I have added eSign primarily because it is defined in TR-03110 and it is included in real identity cards. PersoSim currently does not implement eSign, but it is definitely possible to do.

Creating some documentation for a working setup using AusweisApp and PersoSim should not be a problem.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@halemmerich @frankmorgner