1、 ETSI TR 103 200 V1.1.1 (2011-09) Methods for Testing and Specification (MTS); ePassport Readers Interoperability Support; Framework for Developing Conformance Test Specifications floppy3Technical Report ETSI ETSI TR 103 200 V1.1.1 (2011-09) 2Reference DTR/MTS-00126 ePassFwk Keywords conformance, in
2、teroperability, testing, TTCN ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Important notice Individual copies
3、 of the present document can be downloaded from: http:/www.etsi.org The present document may be made available in more than one electronic version or in print. In any case of existing or perceived difference in contents between such versions, the reference version is the Portable Document Format (PD
4、F). In case of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status
5、of this and other ETSI documents is available at http:/portal.etsi.org/tb/status/status.asp If you find errors in the present document, please send your comment to one of the following services: http:/portal.etsi.org/chaircor/ETSI_support.asp Copyright Notification No part may be reproduced except a
6、s authorized by written permission. The copyright and the foregoing restriction extend to reproduction in all media. European Telecommunications Standards Institute 2011. All rights reserved. DECTTM, PLUGTESTSTM, UMTSTMand the ETSI logo are Trade Marks of ETSI registered for the benefit of its Membe
7、rs. 3GPPTM and LTE are Trade Marks of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. GSM and the GSM logo are Trade Marks registered and owned by the GSM Association. ETSI ETSI TR 103 200 V1.1.1 (2011-09) 3Contents Intellectual Property Rights 6g3Foreword . 6
8、g31 Scope 7g32 References 7g32.1 Normative references . 7g32.2 Informative references 7g33 Definitions and abbreviations . 8g33.1 Definitions 8g33.2 Abbreviations . 8g34 Electronic Passport Overview 9g34.1 Introduction 9g34.2 Data integrity (passive authentication) . 10g34.3 Active authentication (A
9、A) 10g34.4 Basic Access Control (BAC) 11g34.5 Extended Access Control (EAC) 11g34.5.1 Terminal authentication 11g34.5.1.1 Chip authentication . 13g34.6 Inspection system definition . 13g34.7 Use Cases: Example of EAC Message flows . 14g34.8 Automatic Interface 16g35 Test Suite Structure (TSS) 16g35.
10、1 Structure for ePassport Inspection System tests . 16g35.2 Test groups . 17g35.2.1 Root 17g35.2.2 Groups 17g36 Test Purposes (TP) . 17g36.1 Introduction 17g36.1.1 TP definition conventions . 17g36.1.2 TP Identifier naming conventions . 17g36.1.3 Rules for the behaviour description 18g36.1.4 Sources
11、 of TP definitions 18g36.2 Test purposes for ePassport Inspection System 18g36.2.1 ISO7816_A . 18g36.2.2 ISO7816_B . 19g36.2.3 ISO7816_C . 20g36.2.4 ISO7816_D . 21g36.2.5 ISO7816_E . 22g36.2.6 ISO7816_F 25g36.2.7 LDS_A 26g36.2.8 LDS_B 27g36.2.9 LDS_C 28g36.2.10 LDS_D 30g36.2.11 LDS_E 32g36.2.12 LDS_
12、F 33g36.2.13 LDS_G 34g36.2.14 LDS_H 35g36.2.15 LDS_I . 42g37 Abstract Test Method (ATM) . 43g37.1 Abstract protocol tester 43g37.2 Test configuration. 43g37.3 Test architecture . 44g37.3.1 Codec 44g3ETSI ETSI TR 103 200 V1.1.1 (2011-09) 47.3.2 Platform adapter 46g37.3.2.1 Management external functio
13、ns 46g37.3.2.2 Security external functions 47g37.3.2.3 File external functions . 48g37.3.3 System adapter 50g37.4 Ports and Abstract Services Primitives . 51g37.4.1 Primitives of MrtdPort 51g37.4.2 Primitives of MgmtPort 52g38 ATS conventions 52g38.1 Testing conventions 52g38.1.1 Initial state 52g38
14、.1.2 Final state 52g38.2 Naming conventions . 52g38.2.1 General guidelines 52g38.2.2 ePassport specific TTCN-3 naming conventions 53g38.2.3 Usage of Log statements . 54g38.2.4 Test Case identifiers 54g38.3 PIXIT 55g38.4 Online documentation 55g39 Validation Report . 56g39.1 First Validation Campaign
15、 . 56g39.1.1 Introduction. 56g39.1.2 Evaluation Notes . 57g39.1.3 Validation of Certificates 62g39.1.4 Validation of PA certificates . 62g39.1.5 Validation of TA certificates 64g39.1.6 Graphical documentation 66g39.1.7 Conclusion 69g39.2 Second Validation Campaign . 70g39.2.1 Introduction. 70g39.2.2
16、 Evaluation Notes . 71g39.2.3 Graphical documentation 73g39.2.4 Conclusion 75g39.3 Third Validation Campaign 75g39.3.1 Introduction. 75g39.3.2 Graphical documentation 80g39.3.3 Conclusion 82g39.4 Final Validation Campaign. 83g39.4.1 Introduction. 83g39.4.2 Evaluation of configuration files 83g39.4.3
17、 Validation of the PA certificates . 89g39.4.4 Validation of the TA certificates . 90g310 Lab Procedure 92g310.1 Test bed description 92g310.1.1 Hardware description 92g310.1.2 Software description . 93g310.2 Test Execution procedure . 94g310.2.1 IUT Configuration 94g310.2.2 Test System Configuratio
18、n . 95g310.2.3 Test Execution 100g310.2.4 Test Reporting 102g3Annex A: TTCN-3 library modules 105g3A.1 Electronic annex, zip file with TTCN-3 code 105g3A.2 Electronic annex, zip file with HTML documentation . 105g3Annex B: Partial PIXIT proforma for ePassport 106g3B.1 Identification summary. 106g3ET
19、SI ETSI TR 103 200 V1.1.1 (2011-09) 5B.2 ATS summary 106g3B.3 Test laboratory 106g3B.4 Client identification 106g3B.5 SUT 107g3B.6 Protocol layer information 107g3B.6.1 Protocol identification 107g3Annex C: PCTR Proforma for ePassport 108g3C.1 Identification summary. 108g3C.1.1 Protocol conformance
20、test report 108g3C.1.2 IUT identification . 108g3C.1.3 Testing environment . 108g3C.1.4 Limits and reservation 109g3C.1.5 Comments. 109g3C.2 IUT Conformance status 109g3C.3 Static conformance summary . 109g3C.4 Dynamic conformance summary 109g3C.5 Static conformance review report . 110g3C.6 Test cam
21、paign report 111g3C.7 Observations . 112g3History 116g3ETSI ETSI TR 103 200 V1.1.1 (2011-09) 6Intellectual Property Rights IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available
22、 for ETSI members and non-members, and can be found in ETSI SR 000 314: “Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards“, which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (h
23、ttp:/ipr.etsi.org). Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, esse
24、ntial to the present document. Foreword This Technical Report (TR) has been produced by ETSI Technical Committee Methods for Testing and Specification (MTS). ETSI ETSI TR 103 200 V1.1.1 (2011-09) 71 Scope The present document provides the Test Suite Structure and Test Purposes (TSS The Testing and T
25、est Control Notation version 3; Part 1: TTCN-3 Core Language“. i.2 BSI Technical Guideline TR-03110 1.11: “Advanced Security Mechanisms for Machine Readable Travel Documents - Extended Access Control (EAC)“. i.3 BSI TR-03105-5 1.1: “ePassport Conformity Testing - Test plan for ICAO compliant inspect
26、ion systems with EAC“. i.4 ICAO Document 9303, Edition 6, Part 1, Part 2 and Part 3. i.5 AIS Version 1.1: “ICAO Compliant Inspection Systems With EAC Conformity Testing - Automatic Interface Specification“. i.6 ETSI ETS 300 406: “Methods for Testing and Specification (MTS);Protocol and profile confo
27、rmance testing specifications; Standardization methodology“. i.7 ISO/IEC 9646-1: “Information technology - Open Systems Interconnection - Conformance testing methodology and framework - Part 1: General concepts“. i.8 ISO/IEC 9646-2: “Information technology - Open Systems Interconnection - Conformanc
28、e testing methodology and framework - Part 2: Abstract Test Suite specification“. i.9 ISO/IEC 9646-7: “Information technology - Open Systems Interconnection - Conformance testing methodology and framework - Part 7: Implementation Conformance Statements“. i.10 ETSI ETR 266: “Methods for Testing and S
29、pecification (MTS); Test Purpose style guide“. ETSI ETSI TR 103 200 V1.1.1 (2011-09) 8i.11 ISO/IEC 9646-6 (1994): “Information technology - Open Systems Interconnection - Conformance testing methodology and framework - Part 6: Protocol profile test specification“. i.12 ISO/IEC 7816-4: “Identificatio
30、n cards - Integrated circuit cards: Organization, security and commands for interchange“. i.13 ISO/IEC 14443: “Cartes didentification - Cartes circuit(s) intgr(s) sans contact - Cartes de proximit“. i.14 ISO/IEC 9796-2: “Information technology - Security techniques - Digital signature schemes giving
31、 message recovery - Part 2: Integer factorization based mechanisms“. i.15 ISO/IEC 15946: “Information technology - Security techniques - Cryptographic techniques based on elliptic curves“. i.16 ANSI X9.63: “Public Key Cryptography for the Financial Services Industry, Key Agreement and Key Transport
32、Using Elliptic Curve Cryptography“. i.17 IETF RFC 3278: “Use of Elliptic Curve Cryptography (ECC) Algorithms in Cryptographic Message Syntax (CMS)“. 3 Definitions and abbreviations 3.1 Definitions For the purposes of the present document, the terms and definitions given in ISO/IEC 7816-4 i.12, BSI T
33、echnical Guideline TR-03110 1.1 i.2, BSI TR-03105-5 1.1 i.3 and ICAO 9303 i.4, Part 1 Vol.2 apply. 3.2 Abbreviations For the purposes of the present document, the following abbreviations apply: AA Active Authentication AIP Advanced Inspection Procedure APDU Application Protocol Data Unit ASP Abstrac
34、t Services PrimitivesATM Abstract Test Method ATS Abstract Test Suite BAC Basic Access Control BHT Biometric Header Template CA Chip Authentication C-APDU Command APDU CAR Certificate Authority Reference CCSCA Country Signing Certificate Authority Certificate CDS Document Signer Certificate CMS Cryp
35、tographic Message Syntax CRL Certificate Revocation List CSCA Country Signing Certification Authority CV Card Verifiable CVCA Country Verifying Certification Authority DG Data Group DH Diffie-HellmanDV Document Verifier DVCA Document Verifying Certification Authority EAC Extended Access Control ECDH
36、 Elliptic Curve Diffie-Hellman ECDSA Elliptic Curve Digital Signature Algorithm IS Inspection System IUT Implementation Under Test ETSI ETSI TR 103 200 V1.1.1 (2011-09) 9LDS Logical Data Structure MAC Message Authentication Code MRP Machine Readable Passport MRZ Machine Readable Zone MTC Main Test C
37、omponent OID Object IDentifier PA Passive Authentication PKI Public Key Infrastructure R-APDU Response APDU RSA Rivest-Shamir-Adleman SHA Secure Hash Algorithm SIP Standard Inspection Procedure SOD Document Security Object SSC Send Sequence Counter SUT System Under Test TA Terminal Authentication TC
38、 Test Case TSS Test Suite Structure WSQ Wavelet Scalar Quantization 4 Electronic Passport Overview 4.1 Introduction The difference between a traditional passport and an electronic passport (ePassport) is the embedded chip with contactless interface (and the electronic passport logo on the front cove
39、r). According to i.4 the location of the contactless integrated circuit with its associated antenna in the MRP is at the discretion of the issuing State. States should be aware of the importance of the need for the contactless IC to be protected against physical tampering and casual damage including
40、 flexing and bending. (e.g. see Figure 1). The chip is a contactless smart card compliant to the ISO/IEC 14443 i.13 standard (both variants - A and B - are allowed). Technology based on ISO/IEC 14443 i.13 is designed to communicate over distance up to 10 cm and supports also relatively complex crypt
41、ographic chips and permanent memory of kilobytes or megabytes. Here it differs from many other RFID technologies that are capable to communicate over longer distances, but do not support more complicated operations other than sending a simple identification bitstring. Higher communication layer is b
42、ased on classical smart card protocol ISO/IEC 7816-4 i.12 (i.e. commands like SELECT AID, SELECT FILE and READ BINARY are used). Figure 1: Directly visible contactless chip and antenna in UK passports ETSI ETSI TR 103 200 V1.1.1 (2011-09) 10The data in electronic passports are stored as files (eleme
43、ntary files in the smart card terminology) in a single folder (dedicated file). Up to 16 data files named as DG1 to DG16 (DG for Data Group) can hold the data. DG1 contains the data from the machine-readable zone (i.e. nationality, first name, surname, passport number, issuing state, sex, birth date
44、, validity date, and optional data - for example a personal number), DG2 contains the photo of the passport holder (in JPEG or JPEG2000 and some additional metadata). DG3 is dedicated for fingerprints, DG4 may contain iris image. Remaining data groups contain information about the holder, issuing in
45、stitution or passport itself. Two or three additional files with metadata are also present. The file EF.COM contains a list of available data groups (and the information about versions used) and the file EF.SOD contains the digital signature of the data. EF.CVCA file may contain the name of the trus
46、tpoint used for the access control to sensitive biometric data. The files EF.COM, EF.SOD, DG1 and DG2 are mandatory for all electronic passports. The data groups DG3 and DG14 have been made mandatory in the EU countries after 28thJune 2009. All other data groups are optional. 4.2 Data integrity (pas
47、sive authentication) Data integrity of the stored information is protected by a digital signature available in the EF.SOD file. The file uses the SignedData structure of the CMS (Cryptographic Message Syntax) standard. The PKI hierarchy has a single level. Each country establishes its own CSCA (Coun
48、try Signing Certificate Authority), which certifies bodies responsible for issuing the passports (e.g. the state printers, embassies etc.). These bodies are called Document Signers. Data in the passport are then signed by one of these Document Signers. To verify signatures, the CSCA certificate of t
49、he issuing country needs to be available and its integrity guaranteed. The certificate of the Document Signer is either directly stored in the passport (in the certificate part of the SignedData structure - and this is mandatory in the EU) or is obtained from other sources (the issuing country, the ICAO public key directory, etc.). The signed data is a special structure containing hashes of all present datagroups in the passport. Integrity of each file can be verified separately (i.e. first the digital signa
