Misleading chipAuthenticationStatus? #251

Description

@matthiasgeihs

chipAuthenticationStatus is set to success after doChipAuthentication() completes.

try await caHandler.doChipAuthentication()
self.passport.chipAuthenticationStatus = .success

However, doChipAuthentication() does not seem to verify that the chip was able to derive the shared key. In fact, doChipAuthentication() does not seem to involve any communication with the chip.

I understand that doChipAuthentication() will reset the secure messaging layer so any upcoming communication will implicitly verify that the chip did derive the shared secret correctly. However, technically, this has not happened at the point when doChipAuthentication() returns.

Newer versions of Chip Authentication indeed account for that fact and include an additional step that asks the chip to authenticate a predefined message using the derived shared secret. (See, e.g., BSI_TR-03110_Part-2-V2_2.pdf, pages 28-29.)

The main reason I'm creating this issue is to make the authors of this repository (and the community) aware of this (potential) issue, and I'd be happy to receive any statements / comments.
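Added example, not code from the repository or from the issue author: a simplified Python model of the distinction raised above, in which the terminal's status moves to "confirmed" only after a MAC from the chip verifies under the newly derived key. Assumptions: a toy finite-field DH group, HMAC-SHA256 standing in for the passport's secure-messaging MAC, and hypothetical names throughout (`Terminal`, `chip_reply`, `run`, the status strings).

```python
import hashlib, hmac, secrets

# Toy DH group (constructed, NOT secure). Real Chip Authentication uses the
# (EC)DH domain parameters the chip publishes alongside its static public key.
P, G = 2**127 - 1, 3

def keypair():
    sk = secrets.randbelow(P - 2) + 1
    return sk, pow(G, sk, P)

def mac_key(own_sk, peer_pk):
    # Stand-in KDF: hash of the shared secret plus a counter for the MAC key.
    shared = pow(peer_pk, own_sk, P)
    return hashlib.sha256(shared.to_bytes(16, "big") + b"\x00\x00\x00\x02").digest()

def mac(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()[:8]

class Terminal:
    def __init__(self, chip_static_pk):
        self.status = "not_done"
        self.sk, self.pk = keypair()       # ephemeral key pair
        self.chip_pk = chip_static_pk      # read from the chip's data groups

    def agree_keys(self):
        # Local computation only: proves nothing about what the chip derived.
        self.k_mac = mac_key(self.sk, self.chip_pk)
        self.status = "keys_derived"
        return self.pk                     # sent to the chip

    def on_secured_response(self, body, tag):
        # First response under the new keys: this is the key confirmation.
        ok = hmac.compare_digest(mac(self.k_mac, body), tag)
        self.status = "confirmed" if ok else "failed"
        return ok

def chip_reply(chip_sk, terminal_pk, body=b"response data (constructed)"):
    # The chip side: needs the static private key to produce a valid MAC.
    return body, mac(mac_key(chip_sk, terminal_pk), body)

def run(chip_sk_in_use, chip_static_pk):
    t = Terminal(chip_static_pk)
    terminal_pk = t.agree_keys()
    status_after_agreement = t.status
    t.on_secured_response(*chip_reply(chip_sk_in_use, terminal_pk))
    return status_after_agreement, t.status
```

A chip that presents a copied public key without the matching private key reaches "keys_derived" on the terminal side just like a genuine one; the two cases only diverge when the first secured response is checked.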
