Ave's tech notes

This is a list of quirks I spotted on eMRTDs that I'm posting to try and help out anyone else who is trying to parse them. It's a list I will continue updating, probably.

As I've spotted these while implementing hf emrtd set of commands on Proxmark3, they're all fixed there.

Authentication protocol

• Really old Belgian passports don't enforce any authentication.
• German Personalausweises, even those issued before 2018, enforce PACE. They do not, however, contain the chip inside icon at the time of writing (though they will get it on August 2021).
• German Aufenhaltstitels, even those issued before 2018, enforce PACE. They DO have the chip inside icon, and had them while enforcing PACE all the way back to 2015.

MRZ and EF_DG1 (TD3 – Passport Size)

• For the optional field, some countries use a number even if it is empty (all <), and some use <. (CH etc)
• Germany uses D for country code (D<< on MRZ) instead of DEU. This is the only instance where a country code deviates from ISO 3166-1 alpha-3. (This is also documented on ICAO 9303 p3 Edition 7 and German Passport Act Law.)

Note: ICAO 9303 p3 Edition 8 does not properly reflect this, and this is likely a drafting error. I have contacted ICAO about this.

MRZ and EF_DG1 (TD1 – ID Size)

• Old (2017) Turkish IDs use German-style ascii-ification while new ones (2018 and after) don't. (2017: OEZDIL, 2018 and after: OZDIL)
• Turkish IDs have one preceding < before the ID number on optional field (<1234568902<<<).
• Germany uses D for country code (D<< on MRZ) instead of DEU. This is the only instance where a country code deviates from ISO 3166-1 alpha-3. (This is also documented on ICAO 9303 p3 and German Passport Act Law.)

EF_DG11

• Belgian (and french?) passports have some tags with len=0, specifically on localized names (5F 0Eh) and alternative names (5F 0Fh under A0h).
• Hungarian passports have non-localized names (5F 0Fh) on EF_DG11.
• Turkish IDs and Passports (pre and post NVI) have full dates of birth (5F 2Bh) as ASCII.
• Belgian and French passports have full dates of birth (5F 2Bh) as bytes.

EF_DG12

• Turkish IDs and Passports (pre and post NVI) have issuance dates (5F 26h) as ASCII (Example: 20201231 or 50 48 50 48 49 50 51 49h).
• Belgian and French passports have issuance dates (5F 26h) as bytes (Example: 20 20 12 31h).

EF_SOD

• Turkish IDs and Passports don't include 05 00h at the end of hash algorithm (on descriptors such as 06 09 60 86 48 01 65 03 04 02 01 05 00h for SHA256), while some do.
• USA Passports use 80h for field length of the main EF_SOD sequence, declaring the size as having an indefinite length as per BER.
• Different countries have different times between the document issuance date and certificate start date, between the document expiry date and the certificate end date. Netherlands seems to be 3 and 6 days respectively for Netherlands, and 45 and 45 days respectively for Turkey.