forked from AndyQ/NFCPassportReader
-
Notifications
You must be signed in to change notification settings - Fork 0
/
CHANGELOG
186 lines (155 loc) · 10.3 KB
/
CHANGELOG
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
v1.0.11
TagReaader starts off trying to read arbitary data amounts, however this can fail on some passports which
seem to need an explicit length so in this case, when we get a failure, fall back to reading smaller specific
amounts - Thanks for @douglasg for reporting and testing and @SaliienkoAleksandr for testing this.
V1.0.10
Added ability to customise the mesasges displayed in NFCReaderSession View - Thanks to @danydev for PR 41
V1.0.9
Add better error handling on different session invalidation error conditions - Thanks to @danydev - PR 39
v1.0.8
Changed readingBinary data use 256 (0x100) instead of an expected read amount - this tells the reader that an arbitrary long chunk of data is expected in response. Thanks to @maxxx777 for this
Made DataGroup fields publicly readable (after review of PR 38 by @danydev)
Adds SHA384 support for calculating DataGroup Hashes - Thanks to @maxxx777 for PR 37
V1.0.7
Change to allow direct access to the underlying DataGroups through read only property dataGroupsRead
Changed public properties on MFCPassportModel to read only (private set)
Renamed readDataGroups to dataGroupsAvailable and changed from [String] to [DataGroupId]
Made getName() and getIDFromName() on DataGroupId public
Fixed some logging
V1.0.6
Change so that SOD hashes are always extracted (if SOD is present) and checked even if no master list set
V1.0.5
Fixes for Active Authentication and encoding of Le in DO97 - thanks to @smlu for this.
Minor SwiftUI fixes for the example app
Better handling of wrong length (hopefully)
V1.0.4
So, turns out some passports can't send 255 bytes of data in one go, so if we get a wrong length error
then reduce the amount of data we are attempting to read
V1.0.3
PassportReader now handles DG not found
Only tries to read DG's that are available
Now defaults to not even attempting to read DataGroups 3 & 4 (as Extended Access Control required and this
isn't implemented (you can force the read if you want by setting skipSecureElements to false on the
readPassport call.
V1.0.2
Sample app now has an icon (passport image from FontAwesome)
Sample app date fields now includes date format in placeholder text
Previous fix for handling errors in DG elements didn't quite work if elements came in the wrong order
Hopefully this will - thanks to maxxx777 for his help with this
V1.0.1
Added OS_ACTIVITY_MODE = disabled to Example project scheme to hide internall CoreNFC Logging
Fixed bug where specific data groups were requested to be read but COM overrode this and caused everything to be read
Fixed bug where if DG3 element came last (which we can't read due to security), then the entire passport read failed
V1.0.0
Considered stable enough to release properly
V0.0.13
Updated README with new supported features
Removed tests folder as they have been moved into the Example Project
Removed old Passport model (NFCPassportModel replaces it)
Detail view now shows more information on verification status of passport
Datagroups 11, 12, and 15 now implemented (DG14 has stub but data not parsed yet)
Datagroup 15 only parses out an ECDSA public key (RSA still to be done)
Passive Authentication now properly verifies the SOD data is correctly signed by the Document Signing Certificate
Passive Authentication now checks all read data group hashes
Now supports Active Authentication - ONLY for ECDSA certificates in DG15
PassportReader now show progress when reading
Will re-try up-to 3 times to read passport fields (to reduce failed reads), and also attempts to re-establish BAC if we get an error whilst reading
Added Tests back in to Example project
V0.0.12
Removed old version of getSignedDataFromPKCS72
Changed getSignedDataFromPKCS7 to verifyAndGetSignedDataFromPKCS7
Updated above method to use CMS (PKCS7) for verifying the contents of the SOD rather than just dumping the contents
out (which previously was the case). The PKCS7_Verify function used only supports PKCS7 V1.5 not the new formats (e.g. RSA-OAEP signed messages)
NOTE -if the contents can't be verified then an exception is now returned rather than just returning the non-verified signed data.
Fixed a bug with display of Tampered data in the sample app
Fixed a feature where I was only reading out DG1 in the sample app
V0.0.11
Major (breaking) changes (sorry)
Restructured a lot of functionalilty - see sample app
LDS and Unicode Version now correctly parsed
MRZ element correctly stored
Certificates extracted and stored
Updated NFCPassportModel to have properties that return data in more meaningful form
e.g. documentNumber, name, documentSigningCertificate, countrySigningCertificate (if found)
Moved PassiveAuthentication into NFCPassportModel and can be done automatically as passport is read
PassportReader now accepts an optional URL to masterlist (currenrly needs to be either included in app bundle or downloaded onto device)
If masterlist url is present, PassiveAuthentication is done as part of passport read.
Added new X509Wrapper class that wraps up an OpenSSL X509 certificate and can extract elements from it.
V0.0.10
Added missing parameter
Removed passiveAuthentication from Example app
Fixed bug where model changes weren't correctly sent to SwiftUI
Bitcode disabled as doesn't compile properly without it!
Removed Package.swift
Merged in ChristianNorbertBraun's patch for Cocoapod support
Added JPEG2000CodestreamButmap header check when parsing DG2 (thanks to stack1overflow for finding and reporting this)
V0.0.9
Added check for openssl supporting the cms command
Updated sample app to work with to iOS 13 Beta 8 and XCode 11 Beta 6
V0.0.8
Updated with iOS 13 Beta 4 changes
Merge pull request #8 from haydarKarkin/master
Fix that getting MRZ type for ID cards
Removed included OpenSSL C code
Ported above C code over to Swift and reduced to only what was needed
Added .gitattributes files to make project as swift
Added additional troubleshooting information for when Mutual Authentication fails due to invalid MRZKey
Merge pull request #4 from WooD1k/bugfix/textfield-deprecated-placeholder-init
TextFields are using deprecated at iOS 13 beta 3 init
Merge pull request #3 from WooD1k/bugfix/content-view-visibility
The main screen of the app is not shown at iOS 13 beta 3
Use TextField's init without a placeholder property as it's deprecated at iOS 13 beta 3
Use UIWindow(windowScene:) instead of UIWindow(frame:) at SceneDelegate
Removed storyboard from Info.plist
V0.0.7
Passport is now NFCPassportModel as the passportMRZ now actually returns just the MRZ data rather than all the elements. There is now a passportDataElements which returns these properly.
Changed MRZ element key - to 5B rather than 5F5B so it now correctly matches the spec!
Sample app is back in SwiftUI and fairly well updated (I had some time to properly dive in!)
Passive Authentication is now done automatically when the passport is read.
Passive Authentication has been split up into the two seperate stages (each one can be done independently - so you can check of a passport is signed by a valid trusted certificate (from a master list), and then whether that data has been tampered with.
Moved some code around
V0.0.6
PassiveAuthentication now throws errors with better details as to why validation failed rather than just returning true/false
Added script to create a masterList.pem file from either the ICAO PKD repositry masterlists (LDIF) or a country masterlist CMS file
Added docs for above script
Added test masterList.pem file which WONT validate anything
Updated app readme
Reverted back to plain UIKit because I'm not ready to focus on that yet!
Refactored PassportReader slightly - fixed some bugs and moved out Passport to its own model
You'll note its not using CocoaPods because I'm including OpenSSL! I was going to use the Perfect-COpenSSL SPM Package but not too happy with that licence! Instead using Marcin Krzyżanowski's OpenSSL-Universal Pod - hopefully this will become a Swift Package at some point
Added Passive Authentication! Its included as part of the Sample App for reasons. Ideally this should be its own SPM/Pod but not got round to that yet!
It uses the Apps code from OpenSSL for the crypto stuff and as such is a bit (very) janky but it works
You need to manually add your own masterList.pem file which is a single file of all the unique PEMS in the master list - instructions will be coming soon!
Fixed Error handling - missed off error check when passport lost connection
Small cleanup of unused code
V0.0.5
If an error was sent from the passport whilst reading, the Error now includes a readable reason for that error
Refactored main UI slightly
Added ability to lookup errors received from the passport - currently just prints to logs not returned yet
Moved Sample app UI over to SwiftUI
V0.0.4
Implemented parsing for DG2, DG7 and COM data groups (inc tests)
Changed PassportReader to take in which data groups you wish to read and will read those
PassportReader now pulls data from parsed data groups
Added DataGroup2 Parsing and tests
Changed TagError - corrected case for NoConnectedTag and added two new errors
Renamed DataGroup to DataGroupId and DGMap to DataGroupToFileIdMap due to collision with new DataGroup parsing classes
Changed type of asn1Length to int rather than UInt64
Added DataGroupParsing - currently only DG1 parsed out
Added additional tests
V0.0.3
Renamed log to Log
Added some initial tests
Removed bridging header - no longer required now
V0.0.2
Updated Readme's
V0.0.1
Fixed url to point to master for SPM
Refactored for Swift Package Manager
Refactored code slighty to make it simpler to use
PassportReader now does all the NFC stuff
Just need to call passportReader.readPassport(mrzKey:, completed:) to do the scan
Started preparations for packaging
Initial version - working
Supports Basic Access Control and SecureMessaging
Reads DG1 (MRZ) and DG2 (image) - in both JPEG and JPEG2000 formats