
Steps to make NFC ePassport APDU authentication work?


I'm working on a project where a mobile app has to communicate with ePassport via NFC. We have to pull out just the basic data about users like first and last name, DOB, photo, etc. After reading similar posts, reading the specs on icao.int and the code of the library pyPassport, I'm still not sure what should be the first APDU command to be sent to ePassport. How to begin?

According to what I've read, it looks like it should be get challenge command 00 84 00 00 08 (somewhere is B4 instead of 84), but unfortunately I always get 63 00 response (no information given).

I know that before getting the data, I need to do the BAC. I saw the examples in the spec from above and I think I could code the BAC, but how to get to it? Does anybody know the flow/steps of how to begin and which authentication needs to be done (passive/active)?


Solution

I'm not exactly sure why you got 6300 response but I think it is because the epassport application is not yet selected. I could be wrong though.

BAC is the combination of GET CHALLENGE (00 84 00 00 08) and EXTERNAL AUTHENTICATE commands. You only need BAC authentication in order to read basic passport holder info.

Here is the sequence of commands you need to send to read data from a passport:

1. Select - select the epassport application
2. Get Challenge
3. External Authenticate
4. Read Binary (protected by secure messaging) - read the DG1 file which contains basic passport holder info
5. Read Binary (protected by secure messaging) - read the DG2 file which contains the photo of the passport holder info

I can provide more details if needed. But for the meantime, you may also refer to ICAO Doc 9303, Machine Readable Travel Documents Part 3 Volume 2 for BAC specifications.
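As an added illustration of steps 1 and 2 above and of the key material BAC needs before step 3 (this is example code written for this page, not code from the question, the answer or pyPassport): it derives Kenc and Kmac from the MRZ with the Doc 9303 procedure and builds the SELECT and GET CHALLENGE APDUs. The LDS application AID, the SELECT parameters and the sample MRZ fields come from Doc 9303; the function names are assumptions of this example.

```python
"""BAC preparation for an ePassport: MRZ check digits, Kenc/Kmac derivation, first two APDUs."""
import hashlib

# Application identifier of the ePassport LDS application (Doc 9303).
EPASSPORT_AID = bytes.fromhex("A0000002471001")


def mrz_check_digit(field: str) -> int:
    """ICAO 7-3-1 check digit: digits count as themselves, A..Z as 10..35, '<' as 0."""
    total = 0
    for i, ch in enumerate(field):
        value = int(ch) if ch.isdigit() else 0 if ch == "<" else ord(ch.upper()) - ord("A") + 10
        total += value * (7, 3, 1)[i % 3]
    return total % 10


def mrz_information(doc_number: str, birth_yymmdd: str, expiry_yymmdd: str) -> str:
    """MRZ information = document number, birth date and expiry date, each followed by its check digit."""
    doc_number = doc_number.ljust(9, "<")  # the MRZ document-number field is 9 chars, '<'-padded
    return "".join(f"{f}{mrz_check_digit(f)}" for f in (doc_number, birth_yymmdd, expiry_yymmdd))


def adjust_des_parity(key: bytes) -> bytes:
    """Set the low bit of every byte so each byte has odd parity, as DES/3DES keys require."""
    return bytes((b & 0xFE) | ((bin(b >> 1).count("1") + 1) & 1) for b in key)


def derive_bac_keys(mrz_info: str) -> tuple[bytes, bytes]:
    """Kseed = SHA-1(MRZ info)[:16]; Kenc/Kmac = SHA-1(Kseed || counter)[:16], parity-adjusted."""
    k_seed = hashlib.sha1(mrz_info.encode("ascii")).digest()[:16]
    keys = []
    for counter in (1, 2):  # counter 1 -> encryption key, counter 2 -> MAC key
        digest = hashlib.sha1(k_seed + counter.to_bytes(4, "big")).digest()
        keys.append(adjust_des_parity(digest[:16]))
    return keys[0], keys[1]


def select_application_apdu() -> bytes:
    """Step 1: SELECT the LDS application by AID (CLA 00, INS A4, P1 04, P2 0C) before anything else."""
    return bytes([0x00, 0xA4, 0x04, 0x0C, len(EPASSPORT_AID)]) + EPASSPORT_AID


def get_challenge_apdu() -> bytes:
    """Step 2: GET CHALLENGE asks the chip for 8 random bytes (RND.IC) used in EXTERNAL AUTHENTICATE."""
    return bytes.fromhex("0084000008")


if __name__ == "__main__":
    # Sample MRZ fields taken from the Doc 9303 BAC worked example (not a real person's document).
    info = mrz_information("L898902C<", "690806", "940623")
    k_enc, k_mac = derive_bac_keys(info)
    print("MRZ info:", info, "\nKenc:", k_enc.hex(), "\nKmac:", k_mac.hex())
    print("SELECT:", select_application_apdu().hex(), "\nGET CHALLENGE:", get_challenge_apdu().hex())
```

The 6300 reported in the question is consistent with skipping the SELECT: send the SELECT APDU first, then GET CHALLENGE, and only then compute the EXTERNAL AUTHENTICATE cryptogram with Kenc and Kmac.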