ID VERIFY SDK INTEGRATION GUIDE - Windows

**Version 4.3 **

Purpose

The ID Verify SDK is targeted to developers who want to develop an application that will verify the mobile driving license. The ID verify SDK is based on the ISO 18013-5. The purpose of this guide is to show the necessary steps to configure a sample application to test the SDK and to guide the developers to integrate the SDK with the application that they are developing

Release Notes

SDK is compatible with MID for Android & iOS
Device Engagement using QR Code
Data Transfer using BLE Mode
- Central/Client
- Peripheral/Server
Reader Authentication is supported
Load IACA Certificates from App or from a Directory
Agnostic Scan (QR/PDF417)
2D-2D Rendering (Generate PDF417 Barcode from scanned PDF417 AMWAA data)
IsDebugable flag is implemented
All request parameters can be selected from App.
Custom Namespace and custom fields support
Multi Doc support as per N1818
Intent to retain in Request
Tagging certificate with Not for Official use is removed
Supports .pem, .crt & .der formats for IACA certificates.
Supports Elliptic Curve P-256, P-384 & P-521
Supports multiple request in single session
Multi Request in a single session
Supports .pem, .crt & .der formats for IACA certificates.
Added support for Elliptic Curves P-384 and P-521 for ECDH(Key Agreement-DH) and ECDSA.
Supports ISO 18013-5, draft version N1677, N1818, N1938 and N1985
Support NFC Static Handover using D-logic's NFC Device
Support NFC Negotiated Handover using D-logic's NFC Device
NFC Support for Curve P-384 & P-521
Support for AAMVA 1.1
NFC Agnostic Scan
CRL and validation policy support
Implemented callback for downloading CRL data from the integrators application
ISO Amendment: ReaderAuthAll for N2448 (v1.1 Draft7)
ISO Amendment: Device Engagement 1.1 for N2448 (v1.1 Draft7)

Additions and updates

Load Vical API implementation with use-case.
CRL Data download on SDK.
MSO Revocation status verification.
Support for chain validation of certificate for Readerauth.

Supported ISO Version

ISO Version	Supported
N2448 (v1.1 Draft7)	Yes
N1985	Yes
N1938	Yes
N1818	Yes
N1677	Yes

Elliptic Curve Support

Operation	Curve	Specification	Curve Identifier
ECDH/ECDSA	P-256	FIPS-PUB 186-4	IANA COSE Registry
ECDH/ECDSA	P-384	FIPS-PUB 186-4	IANA COSE Registry
ECDH/ECDSA	P-521	FIPS-PUB 186-4	IANA COSE Registry

Prerequisites

Skills Required

To integrate the SDK the developer should have knowledge of following:

C#
UWP framework ver#16299 and above in Visual Studio 2017 and above

Resources Required

The tools required are:

Windows 10 v1703 or higher
Visual Studio 2017 Getting Started With Sample ID Verify SDK
Webcam on PC
Bluetooth on PC
For testing SDK a Smartphone (iOS/Android) with mID application.
The SDK supports only 64 bit Application

Sample TestApp

Download from mi-artifactory: https://mi-artifactory.otlabs.fr/artifactory/verify-sdk-windows-release/com/idemia/idverify/windows

Getting Started With Sample ID Verify SDK

Steps to test the sample application

Prerequisite
- The User should have Administrator privileges
- The User should be in the Developer Mode
- The current implementation uses Webcam for QR Scanning and BLE for data transfer. So, a Webcam and Bluetooth is must for executing the sample application and using SDK.
The sample application will be provided as zip file consisting of following files:
- Add-AppDevPackage.resources
- Dependencies
- Add-AppDevPackage.ps1
- VerifySDK_App_x.x.x.0_x86.appxbundle
- VerifySDK_App_x.x.x.0_x86.appxsym
- VerifySDK_App_x.x.x.0_x86.cer
- VerifySDKDlls (Folder containing all the Dlls)
After extracting the files open Windows PowerShell as administrator and go to the folder location of the unzipped files.
Then give the command .\Add-AppDevPackage.ps1
This will show a progress bar and after installation following message will appear: Success: Your app was successfully installed.
An application by name of ID.X Verify will be installed on the system.
When the ID.X Verify app is executed then a UI page will appear with title Create New Namespace.
On this page to enter Multiple Doc first enter data in N1818: Enter Doc Type then in Enter Namespace and in the last in Enter Fields for the Namespace. For the fields make sure that fields are seperated by comma (,). Click Add Fields.
For ISO N1818 and above only select Set Retain Intent and then to set the Intent to Retain to True check the boxes corresponding of fields in Intent to Retain Fields.
Select the fields that needs to be added into the request by checking the fields and then clicking Add Selected Fields
For the same Doc Type to add more namespaces and their fields just enter new namespace name in Enter Namespace and fields in Enter Fields for the new Namespace seperated by comma (,).
Once done adding new Doc Type and namespaces click Next Page.
Custom namespace page can be accessed using the button Custom Namespace Page
Select the fields and then click Set Retain Intent. List of all the selcted fields will be displayed in Retain Intent, check the box for which user want Intent to Retain to be True, by default it is false.
For N1901/N1938 "given_name_national_character" & "family_name_national_character" is added in the fields.
For using NFC add files uFCoder-x86.dll & uwp-serial-x86.dll in the Application project. After adding the files change their properties and mark property Build Action as Content.
These files are present in the VerifySDKDll\Dlls folder of the TesteApp.
Under NFC Option check Static Handover for Device Engagement using Static Handover or check Negotiated Handover for Device Engagement using Negotiated Handover.
Both Static Handover & Negotiated Handover options can't be selected. Only one can be selected.
For multiple request in single session select Multiple Request
To disconnect from a connected device during multiple request select Disconnect Device.
Currently this application only supports Device Engagement using QR. So, for QR scanning a webcam is used.
A mobile device (iOS or Android) will be need with installed mID application for performing this test.
On the mobile start the application in Peripheral mode and generated the QR code.
To check condition that age is over a certain value, select a value from Age Over NN
Select Is Debugable to yes when the user wants to display the logs on the Visual Studio's output screen. On enabling it Transaction Time will also be displayed.
When barcode is PDF417 then Age Over NN response will be based upon calculating age. If the barcode is QR then the whatever response is received from MobileID will be shown.
To force the download of the CRL Force Download CRL should be set to Yes. Default it is set to No.
The time to download CRL can be changed by setting the time value in seconds in the field CRL Download Time (Sec). By default the value is set to 0 and in this case SDK takes 3 seconds to try and download the CRL.
Fields for request can be selected from the list as shown below. Following fields will be there for selection, some fields will change as per the ISO version:
- "RealID"
- "family_name"
- "given_name"
- "birthdate"
- "issue_date"
- "expiry_date"
- "issuing_country"
- "issuing_authority"
- "driving_privileges"
- "portrait"
- "mgmt_lastupdate"
- "mgmt_validity"
- "online_token_xxxx"
- "administrative_number"
- "gender"
- "height"
- "weight"
- "eye_color"
- "hair_color"
- "birthplace"
- "resident_address"
- "portrait_capture_date"
- "age_in_years"
- "age_birth_year"
- "age_over_NN"
- "issuing_jurisdiction"
- "nationality"
- "resident_city"
- "resident_state"
- "resident_postal_code"
- "biometric_template_xx"
- "name_nat_char"
- "mgmt_nextupdate"
Fields for AAMVA 1.1 and above, can be selected from the list as shown below.
- "domestic_driving_privileges"
- "name_suffix", "audit_information"
- "organ_donor", "veteran"
- "aamva_version"
- "family_name_truncation"
- "given_name_truncation"
- "aka_family_name"
- "aka_family_name.v2"
- "aka_given_name"
- "aka_given_name.v2"
- "aka_suffix"
- "weight_range"
- "race_ethnicity"
- "DHS_compliance"
- "DHS_temporary_lawful_status"
- "EDL_credential"
- "resident_county"
- "hazmat_endorsement_expiration_date"
- "sex"
To perform the compete data transfer using QR Code click QR Scan and for NFC click NFC Scan
When using QR for the First time a popup will come asking to install a webcam from Microsoft Store
A webcam UI will popup. Scan the QR/PDF417 by placing the QR/PDF417 in the middle of the rectangle box of the UI.
For QR entire Device engagement and data transfer will take place between VerifySDK and mID.
But for PDF417 an image will be generated using the data of the scanned PDF417. The generated image will be saved by the name generatedPDF417.jpg. It is recommended to open this image using Paint
The final response will be showing in the Received Response text box.

Getting Started with App Development using ID.X Verify SDK

References Required

UWP Application -VerifySdkDll (Output Dll file of VerifySdkDll)
- Zxing.Net
- uFCoder-x86.dll
- uwp-serial-x86.dll
VerifySdkDll (Use Nuget Package Manager for installation)
- Bouncy Castle
- PeterO.Cbor
- IdParser
- Zxing.Net

Public Class Data Fields

Include namespace VerifySdkDll into the project The Class that will contain the Data for Developer is following

Language not specified
1public class VerifySDKReturn
2{	
3	public string Version = null;
4	public string IsoVersion = string.Empty; /* Version of ISO from Device Engagement */
5	public int ErrorCode = 0;
6	public Dictionary<string, int> FieldsWithError = new Dictionary<string, int>();
7	public Dictionary<string, Dictionary<string, string>> DataFields = new Dictionary<string, Dictionary<string, string>>();
8	public Dictionary<string, string> ErrorDetails = null;
9	public Dictionary<string, string> PDF417RecvData = new Dictionary<string, string>();
10	public string QRData = null;
11	public string PDF417Data = null;	
12	public Dictionary<string, string> DSCertificateInfo = new Dictionary<string, string>();
13	public bool MSOVerified = false;
14	public Dictionary<string, string> Testing = new Dictionary<string, string>();
15	public bool isPDF47Generated = false;
16	static public bool isTestingAppUsed = false;
17	public bool DeviceAuthHMACVerified = false; /* HMAC Verification of the mDL Device */
18	public bool DeviceAuthECDSAVerified = false; /* ECDSA Verification of the mDL Device */
19	public bool ValueDigestVerified = false;
20	public bool AreAllSecurityChecksPassed = false; /* Check Whether All Security Checks are Passed */
21	public ResponseAuthWithDS ResponseAuthWithDSObj = null;
22	public DomesticDrivingPrivilage DomesticDrivingPrivilageObj { get; set; } = null;  /* AAMVA 1.1 */
23	public IacaAuth IacaAuthObj { get; set; } = null; /* Certificate Authentication */
24	public MsoRevocationInfo MsoRevocationInfoObj { get; set; } = null;
25}

Description of Each Data Fields of Class VerifySDKReturn:

Version: Contains the Version of the Mobile ID
IsoVersion: Version of ISO from Device Engagement
ErrorCode: Contains the Error code returned by the Mobile ID
FieldsWithError: Contains the requested Fields against which an error code returned
DataFields: contains the valid response against the requested fields
ErrorDetails: Contains the information describing the details corresponding to the Error code received from Mobile ID
QRData: Contains the Scanned QR Code
PDF417RecvData: Parsed data from PDF417
PDF417Data: PDF417 data
DSCertificateInfo: Contains DS Certificate related information w.r.t. IACA. It contains following information
- DSCertificateVerified (Response on the validation of the Certificate)
MSOVerified: Confirms whether the MSO is verified or not
Testing: Contains data which is used in the Sequential SDK Testing. Should Not be used for Development purposed as this filed is specifically used for testing purpose
isPDF47Generated: Check whether PDF417 is generated
isTestingAppUsed: Check whether data in the testing field will be used
DeviceAuthHMACVerified: Confirm if the mDL Device is Authenticated using HMAC.
DeviceAuthECDSAVerified: Confirm if the mDL Device is Authenticated using ECDSA.
ValueDigestVerified: Check whether value digest of each received fields are verified or not.
AreAllSecurityChecksPassed: Check Whether All Security Checks are Passed
ResponseAuthWithDSObj: Object of class ResponseAuthWithDS
DomesticDrivingPrivilage: Response Object for Domestic Driving Privilage as per AAMVA 1.1
IacaAuthObj: Response Object for the Certificate Validation with Policy Updates
MsoRevocationInfoObj: Object of the MSO Revocation Class

Language not specified
1/* Enums for the Status in MSO Revocation */
2    public enum MsoRevocationStatus
3    {
4        /**
5        * indicates MSO is valid and not revoked
6        */
7        NOT_REVOKED,
8
9        /**
10        * indicates MSO has revoked
11        */
12        REVOKED,
13
14        /**
15        * Indicates MSO revocation check is unsuccessful due to any of below reasons.
16        *
17        * PAYLOAD_EXPIRED,
18        * SIGNATURE_MISMATCH,
19        * ROOT_CERT_MISMATCH,
20        * PAYLOAD_NOT_VALID,
21         */
22        UNSUCCESSFUL,
23
24        /**
25        * MSO revocation status check is not enabled by integrator
26        */
27        NOT_CHECKED,
28
29        /**
30        * Playload is not available due to any reasons e.g. not downloaded 
31        */
32        PAYLOAD_NOT_AVAILABLE,
33
34        /* None of the Above */
35        NA
36    }
37
38    public class MsoRevocationInfo
39    {
40        public MsoRevocationStatus RevocationStatus = MsoRevocationStatus.NA;
41        public RevocationDetails RevocationDetailsObj = null;
42    }
43
44	/* Fields for the Various Fields in a Certificate in MSO Revocation */
45    public class RevocationDetails
46    {
47        public bool IsSignatureValid = false;
48        public bool IsCertChainValid = false;
49        public bool IsExpired = false;
50        public bool IsSubjectMatchWithUri = false;
51        public bool IsValidPayloadStruct = false;
52        public string Subject = string.Empty;
53        public DateTime IssuedAt = DateTime.MinValue;
54        public DateTime Expiry = DateTime.MinValue;
55        public long ttl = -1;
56        public string PayloadDataHex = string.Empty;
57    }

Language not specified
1public class IacaAuth
2{
3	public bool isPolicyApplied = false;
4	public Dictionary<string, string> certInfo = new Dictionary<string, string>(); // The IACA object => CN, C, O, Filename, 
5	public string docType = string.Empty; // DocType of the cert
6	public bool certFinalValidationStatus = false;
7	public string[] certValidationRules = null; /* All the rules Available for validation */
8	public Dictionary<string, string> skipPolicyRules = null; /* Out of Total rules, the Rules that are not prent in the CRL certificate */
9	public Dictionary<string, string> nonCompliantCertAttributes = null; /* Policy Rules that are present in Certificate when applied are not complient */
10	public Dictionary<string, string> appliedPolicyAttrbutes = null;  /* Policy Rules that are Present in the Certificates and will be applied */
11}

Description of Each Data Fields of Class IacaAuth

isPolicyApplied: Check whether Policy is applied
certInfo: Certificate Basic Info
docType: Doc Type of the Certificate
certFinalValidationStatus: Final Validation Status of the Certificate after Checking Policy
certValidationRules: Validation Rules that are used for Validating Certificate
skipPolicyRules: Policy that are skipped as per Rules
appliedPolicyAttrbutes: Policy that are Applied on the Rules

Language not specified
1public class DomesticDrivingPrivilage
2{
3	public string ElementValue { get; set; } = string.Empty;
4	public Dictionary<string, List <Dictionary<string, string> >> AamvaResponseData { get; set; } = new Dictionary<string, List <Dictionary<string, string> >>();
5}

Description of Each Data Fields of Class DomesticDrivingPrivilage

ElementValue: Name of the Main structure of Domestic Driving Privilage
AamvaResponseData: Dictionary for each component of the Domestic Driving Privilage.

Language not specified
1public class ResponseAuthWithDS
2{
3	public bool isIssuingJurisdictionMatchWithDS { get; set; } = false;
4	public bool isIssuingCountryMatchWithDS { get; set; } = false;
5}

Description of Each Data Fields of Class ResponseAuthWithDS

isIssuingJurisdictionMatchWithDS: Verify whether Juridiction is maction with DS certificate
isIssuingCountryMatchWithDS: Verify whether Country is maction with DS certificate

Language not specified
1public class MultiDocRequest
2{
3	public string docType { get; set; } = string.Empty;    
4	public Dictionary<string, Dictionary<string, bool>>  CustomNamespaceFields { get; set; } = new Dictionary<string, Dictionary<string, bool>>();   /* Namespace with Fields and their intent to retain.  Dictionary<string: "Namespace" , Dictionary<string, bool>: "Field Name", "Intent to Retain(True/False)">*/
5	public Dictionary<string, Dictionary<string, Dictionary<string, string>>> RequestInfoFields { get; set; } = new Dictionary<string, Dictionary<string, Dictionary<string, string>>>();     /*** Dictionary for RequestInfo Map for a Doc Type. Dictionary<string: "Namespace", Dictionary<string: "Field Name", Dictionary<string, string>: "Presense","True/False">> ***/
6}

Description of Each Data Fields of Class MultiDocRequest

docType: Name of the DocType
CustomNamespaceFields: Dictionary for the Fields of the Namespaces
RequestInfoFields: Dictionary for RequestInfo Map

Language not specified
1public class Nfc
2    {
3        internal bool NfcStaticHandover { get; set; } = false;
4        internal bool NfcNegotiatedHandover { get; set; } = false;
5        public string NfcData { get; set; } = string.Empty;
6    }

Description of Each Data Fields of Class Nfc

NfcStaticHandover: Check whether NFC Static Handover is selected
NfcNegotiatedHandover: Check whether NFC Negotiated Handover is selected
NfcData: NFC data read from the NFC device.

Language not specified
1public class ApiConfigs
2{	
3	public Dictionary<string, string> DevEngErDetails = null;
4	public string JPGPath = null;
5	public string JPGBarcodeData = null;
6	public Dictionary<string, string> DevEngPDF417Data = new Dictionary<string, string>();
7	public int BarcodeType = 0;
8	public string[] ReqParameters = null;     /*** Array of Strings Containing the Requested optional Parameters for Pre-Defined Namespaces in SDK as per ISO ***/
9	public Dictionary<string, List<string>> CustomNamespaceFields = new Dictionary<string, List<string>>();     /*** Dictionary for Custom Namespaces & their Fields ***/
10	public int AgeOverNN = 0;
11	public List<MultiDocRequest> MultiDocRequestList = null; /* List of Request Data Field for MultiDoc support as per N1818 version of ISO 18013-5 */	
12	private ReaderAuthSignerCallback readerAuthCallback = null;
13	private Dictionary<int, int> Algorithm = new Dictionary<int, int>();
14	public ApiConfigs setReaderAuthInfo(ReaderAuthSignerCallback readerAuthSignerCallback, ReaderAuthAlgorithm signingAlgo, ApiConfigs ConfigData)
15	public MultipleRequest MultipleRequestObj = new MultipleRequest(); /* Multirequest */
16	public Nfc NfcObj = null; /* NFC Class Object */
17	public DelegateMsoRevocation DelegateMsoRevocationObj { get; set; } = null; /* MSO Revocation */
18}

Description of Each Data Fields of Class ApiConfigs:

DevEngErDetails: Error details
JPGPath: Path to the location of the JPG file
JPGBarcodeData: Data present in the JPG file code
DevEngPDF417Data: Data present in the PDF417 barcode
BarcodeType: Barcode type as per Zxing Library
ReqParameters: Array of Strings Containing the Requested optional Parameters for Pre-Defined Namespaces in SDK as per ISO
CustomNamespaceFields: Dictionary for Custom Namespaces & their Fields
AgeOverNN: Age in integer
MultiDocRequestList: List of class for MultiDoc support as per N1818 version of ISO 18013-5
ListRequestInfoData: List of RequestInfo Data Field as per Version 1.1 Request info for ISO N2448
readerAuthCallback: readerAuthCallback object used to set when Reader Authentication is requested
Algorithm: This is the signing algorithm provided by integrator from the enum list provided by SDK
setReaderAuthInfo: To set reader authentication information i.e callback object and Signing Algorithm. signingAlgo parameter accepts value from list of Enums provided by SDK
MultipleRequestObj: Object of MultipleRequest class, for multiple request in single session.
NfcObj: Object of NFC Class
DelegateMsoRevocationObj: callback of MSO Revocation.

Language not specified
1public enum ReaderAuthCertType
2{
3	NONE, /* No Certificate. ReaderAuth is not Required */
4	SINGLE, /* Single Certificate */
5	MULTIPLE, /* Multiple Certificate */        
6};

Language not specified
1public class ReaderAuthSign
2{
3	public byte[] X509Cert { get; set; } = null;  
4	public List< byte[]> X509CertList { get; set; } = null;  
5
6	/*Use Either AsymmetricCipherKeyPair or ECPrivateKeyParameters the other one should be null*/
7	public AsymmetricCipherKeyPair keyPair { get; set; } = null; 
8
9	public ECPrivateKeyParameters EcPrivateKey { get; set; } = null; 
10}

Description of Each Data Fields of Class ReaderAuthSign:

X509Cert: For Single Certificate
X509CertList: For Multiple Certificates
keyPair: AsymmetricCipherKeyPair
EcPrivateKey: private Key

Language not specified
1public delegate Task<ReaderAuthSign> GenerateReaderAuthCertificate();
2public delegate ReaderAuthCertType CertType();
3public class DelegateClassReaderAuth
4{
5	public GenerateReaderAuthCertificate GenerateReaderAuthCertificateCallback { get; set; }
6	public CertType ReaderAuthCertType { get; set; } 
7	public bool isUseSameCertificateForAllDocs = false;
8}

Description of Each Data Fields of Class DelegateClassReaderAuth:

GenerateReaderAuthCertificateCallback: Callback function for Generating New X509 Certificate.
ReaderAuthCertType: Check whether ReaderAuth Should be present in the Request.
isUseSameCertificateForAllDocs: Use Same Certificate for Signing all Document types

Language not specified
1/* Enums for the Vical  */
2 public enum VicalCases
3{        
4	DEFAULT, /* Vical and CRL Download & Caching by SDK */
5	URI, /* Vical URL Shared by App  and Downloaded by SDK*/
6	STORAGE, /* Vical File is Shared by App via Local Directory link to the SDK  */
7	ASSETS, /* Vical File is Shared by App Assets  */
8};

Language not specified
1public class VicalConfigs
2{
3	public VicalCases UseCase = VicalCases.DEFAULT;        
4	public List<string> VicalCertLocationList = null;
5	public int CachingRefreshIntervalVICAL = -1; /* Hours*/
6
7	/* CRL */
8	public bool EnableCrlChecks = false;
9	public bool AllowCrlDownloadBySDK = false;
10	public int CachingRefreshIntervalCRL = -1; /* Hours*/
11	//public bool ForceDownloadCrl = false; /* Only when SDK has to Download CRL */
12	public int CrlDownloadTime = -1; /* Time in Seconds to Download CRL from URL */
13}

Description of Each Data Fields of Class VicalConfigs:

UseCase: Vical case.
VicalCertLocationList: List of Vical Cert location.
CachingRefreshIntervalVICAL: Caching interval in Hours for Vical.
EnableCrlChecks: Enable CRL Checks.
AllowCrlDownloadBySDK: Allow CRL download by SDK.
CachingRefreshIntervalCRL: Caching interval in Hours for CRL.
CrlDownloadTime: Time to Download CRL using URL in seconds.

Language not specified
1/** Certificates Callbacks (Delegates) **/
2public delegate void OnSuccess(int NumCert);   /* Delegate for On Success */
3public delegate void OnError(Dictionary<string, string> ErrorCode);  /* Delegate for On Failure/Error */
4public delegate void RequestInfoCertData(List<RequestInfoIssuerIdentifier> RequestInfoCertObj);  /* Callback to get the Certificate Data for 'Issuer Identifier' in 'RequestInfo'  */
5public delegate Task<Stream[]> VicalCrlDownload(List<string> CrlDownloadUrlArray);  /*Vical: CrlDownloadUrlArray: An Array of URLs to download CRLs  */
6public delegate void VicalLoadStatusDelegate(VicalLoadStatus LoadStatus);   /* Vical: Delegate for Load Status */
7public delegate void GetVicalInfoData(VicalInfo VicalInfoObj); /* Vical: Delegate to get the Information about Vical Parameters */
8
9public class DelegateClassCertificate
10{
11	public OnSuccess OnSuccessDelegate { get; set; }
12	public OnError OnErrorDelegate { get; set; }        
13	public RequestInfoCertData GetAddedCertInfoCallback { get; set; } 
14	
15	/* Vical  */        
16	public VicalCrlDownload VicalCrlDownloadDelegate { get; set; }  
17	public VicalLoadStatusDelegate VicalLoadStatusCallback { get; set; } 
18	public GetVicalInfoData GetVicalInfo { get; set; } /* Vical: Delegate to get the Information about Vical Parameters */
19}

Description of Each Data Fields of Class DelegateClassCertificate:

OnSuccessDelegate: Callback on Success
OnErrorDelegate: Callback on Error
GetAddedCertInfoCallback: Callback to get the Data of Certificates for 'Issuer Identifier' in 'RequestInfo'
VicalCrlDownloadDelegate: Delegate to Download CRL using URL
VicalLoadStatusCallback: Delegate for Vical Load Status
GetVicalInfo: Vical: Delegate to get the Information about Vical Parameters

/* Enums for Vical */

Language not specified
1public enum VicalLoadStatus
2{
3	SUCCESSFUL, /*Indicates vical oading is successful and vical is geniune with all cert and  Digital signature checks passed. */
4	VICAL_EXPIRED, /* Indicates Vical loading failed due to vical has expired */
5	FILE_NOT_FOUND, /* Indicates Vical loading failed due to vical file not found in remote  or specified path  */
6	CERTIFICATE_CHECK_FAILED, /* Indicates Vical loading is unsuccessful due to vical certificate mismatch */
7	DIGITAL_SIGNATURE_MISMATCH, /* Indicates Vical loading is unsuccessful due to Digital signature mismatch */
8	ERROR /* Indicates Vical loading is failed due to some error */
9};

/* Parameters of Vical Certificate */

Language not specified
1public class VicalInfo
2{
3	/* Vical IACA Pem Certificate */
4	public byte[] VicalIacaPemCertByte = null;
5
6	/* Vical File Name */
7	public string VicalFileName = string.Empty;
8	public string VicalFilelocation = string.Empty;
9
10	/* Header */
11	public CBORObject[] DsHeaderCertificates = null;
12	public byte[] HeaderCurveByte = null; /* Curve as Byte...Used in Generating Cose_sign1 structure */
13	public string HeaderCurve = string.Empty; /* Curve Decoded as String */
14
15	/* Payload Information */
16	public byte[] PayloadByte = null;
17	public string payloadVersion = string.Empty;
18	public string payloadVicalProvider = string.Empty;
19	public string payloadDate = string.Empty;
20	public string payloadVicalIssueID = string.Empty;
21	public string payloadNextUpdate = string.Empty;        
22
23	/* Vical Signature */
24	public byte[] vicalSignature;
25}

Language not specified
1public delegate Task<Stream[]> CrlDownload(string[] CrlDownloadUrlArray);  
2public class DelegateClassVicalCertificate
3{
4	public CrlDownload CrlDownloadDelegate { get; set; }   
5	public int CrlDownloadTimeoutSeconds = 0;  
6	public bool ForceCrlDownload = false; 
7}

Description of Each Data Fields of Class DelegateClassVicalCertificate:

CrlDownloadUrlArray: An Array of URLs to download CRLs
CrlDownloadTimeoutSeconds: Expected Time to Download CRL from URL. If 0 then Default Time is 3 Seconds
CrlDownloadDelegate: Delegate to Download CRL using URL
ForceCrlDownload: Download CRL Even if CRL is present in the Vical Certificate

Language not specified
1/** Set Callback for CRL Download **/
2ConfigData.DelegateClassVicalCertificateObj = new DelegateClassVicalCertificate();
3ConfigData.DelegateClassVicalCertificateObj.CrlDownloadDelegate = CrlDownloadCallback;                
4ConfigData.DelegateClassVicalCertificateObj.CrlDownloadTimeoutSeconds = (int)CrlDownloadTime.SelectedValue;
5if ((string)CrlForceDownload.SelectedValue == "Yes")
6{
7	ConfigData.DelegateClassVicalCertificateObj.ForceCrlDownload = true;
8}
9else
10{
11	ConfigData.DelegateClassVicalCertificateObj.ForceCrlDownload = false;
12}

Language not specified
1/* Callback to Download CRL using URL */
2private async Task<Stream[]> CrlDownloadCallback(string[] CrlDownloadUrlArray)
3{
4	bool isInternetAvailable = isConnectedToInternet();
5	Stream[] StreamArray = null;
6	try
7	{
8		if (isInternetAvailable)  /* If Internet is Available Only then Download */
9		{
10			StreamArray = new Stream[CrlDownloadUrlArray.Length];                     
11			{  
12				using (System.Net.Http.HttpClient httpClient = new System.Net.Http.HttpClient())
13				{
14					for (int count = 0; count < CrlDownloadUrlArray.Length; count++)
15					{
16						string CrlUrl = CrlDownloadUrlArray[count];
17						string CrlUrlUpdated = CrlUrl.Substring(CrlUrl.IndexOf("http"));
18						httpClient.Timeout = TimeSpan.FromMilliseconds(Timeout.Infinite);
19						var stopwatch = new Stopwatch();
20						stopwatch.Start();
21						Stream stream = httpClient.GetStreamAsync(CrlUrlUpdated).Result;
22						stopwatch.Stop();
23						var elapsed_time = stopwatch.ElapsedMilliseconds;
24						PrintLogInfo("App Time Taken to Download CRL (Milliseconds): " + elapsed_time + "ms");
25						StreamArray[count] = stream;                               
26					}
27				}                       
28			}
29		}
30	}
31	catch (Exception ex)
32	{
33		PrintLogInfo("\n!!App Exception...CrlDownloadCallback()...Download error. Msg: " + ex.Message);
34	}
35	return StreamArray;
36}

Language not specified
1public class Config
2{
3	internal bool isDebugable = false; 	
4	public void enableDebug();
5}

Description of Each Data Fields of Class Config:

isDebugable: Enable Debug mode to display log in IDE (Visual Studio)
enableDebug(): enables the isdebugable flag to display log.

Language not specified
1public interface ReaderAuthSignerCallback
2{
3	ReaderAuthSign doSignItemRequest(byte[] readerAuthenticationBytes);
4}

Description of interface: Verify sdk will call doSignRequest with the readerAuthenticationSigBytes to be signed by the integrator with its private key. Integrator will give back the Signature and X509 Certifcate having Pub Key. SDK will share "ReaderAuth" COSE_SIGN1 structure in Request with mDL

Language not specified
1public class ReaderAuthSign
2{
3	public byte[] X509Cert { get; set; };
4	public byte[] signature { get; set; };
5	public AsymmetricCipherKeyPair keyPair { get; set; } 
6}

Description of Each Data Fields of Class ReaderAuthSign:

signature: Calculated signature
X509Cert - X509 Certifcate having Pub Key
AsymmetricCipherKeyPair: Public and Private Key Pair of the Certificate

Language not specified
1public enum ReaderAuthAlgorithm
2{
3	ALGO_SHA256WITHECDSA = -7,
4	ALGO_SHA384WITHECDSA = -35,
5	ALGO_SHA512WITHECDSA = -36,
6	ALGO_NONEWITHEDDSA = -8
7}

Description : Enum class to provide list of supported Algorithms

Language not specified
1public delegate void OnSuccess(int NumCert);   /* Delegate for On Success */
2public delegate void OnError(Dictionary<string, string> ErrorCode);  /* Delegate for On Failure/Error */
3public class DelegateClassOfflineCertificate
4{
5	public OnSuccess OnSuccessDelegate { get; set; };
6	public OnError OnErrorDelegate { get; set; };
7}

Description: These are the Delegates/Callbacks for Loading Offline Certificates
- OnSuccess: Callback on Success. The int value contains the Total number of Certificates loades
- OnError: Callback on Error. The Dictionary containes the Error code and description.

Language not specified
1public delegate void UpdateMultiRequestConnectionStatus(bool Status);   /* Delegate for checking Connection Status*/

Description: These are the Delegates/Callbacks for Multiple Request in single session
- UpdateMultiRequestConnectionStatus: The status parameter describes the connection status of the device

Language not specified
1public class MultipleRequest
2{
3	public bool isMultipleRequest { get; set; } = false; /* Check if Multiple Request will be send */
4	public bool DisconnectConnection { get; set; } = false; /* Disconnect the BLE connection from Connected Device */
5	public bool isDeviceAlreadyConnected { get; set; } = false; /* Check if the BLE connection with the MID is still active */
6	public  UpdateMultiRequestConnectionStatus UpdateMultiRequestConnectionStatusCallback { get; set; } 
7}

Description: Class of Multiple Request
- isMultipleRequest: Check if Multiple Request will be send
- DisconnectConnection: Disconnect the BLE connection from Connected Device
- isDeviceAlreadyConnected: Check if the BLE connection with the MID is still active

ID.Verify SDK Public APIs/Functions to be used by App Developer

Include namespace VerifySdkDll into the project
There are public APIs that are included in public class InterfaceVSDK

Language not specified
1public async Task<VerifySDKReturn> sendRequest(ApiConfigs ConfigData)
2	public async Task<VerifySDKReturn> initDeviceEngagement(ApiConfigs config)
3	public async Task<VerifySDKReturn> parsePDF417(ApiConfigs config)
4	public static async Task<InterfaceVSDK> getClient(Config ConfigData) 
5	public static  async Task LoadCertificates(String DirLink, DelegateClassOfflineCertificate DelegateClassObj)
6	public async Task<BluetoothConnectionStatus> MultiRequestDisconnectFromDevice(VerifySDKReturn RecvData, ApiConfigs ConfigData)
7	static public async Task LoadVical(VicalConfigs VicalConfigsObj, DelegateClassCertificate DelegateClassOfflineCertificateObj)

Description of Each API
- getClient(): Return a valid InterfaceVSDK object if request is valid
- initDeviceEngagement (): Uses the data from the JPGBarcodeData data field on successful scan, else throws an exception with Details of Error mentioned in ErrorDetails. Uses this data to initiate the device engagement.
- parsePDF417 (): Parses the scanned PDF417 and returns the data. If there is any error in parsing then an exception is thrown with Details of Error mentioned in ErrorDetails
- sendRequest (): On successfully parsing the QR data, this API accepts as second parameter a string[] of the fields requested by the developer. If this field is null then by default a request is generated containing all the 33 fields mentioned in 18013-5. If any error occurs between generating request and receiving response from Mobile ID then the error details are mentioned in ErrorDetails. This is the last API that has to be called. After successfully completing all the operations, the necessary fields mentioned for the class VerifySDKReturn will be updated. The developer can then use the data present in the fields as per their implementation
- LoadCertificates(): Loads the Certificates from the DirLink and corresponding response is shared using delegates from class DelegateClassOfflineCertificate
- MultiRequestDisconnectFromDevice(): In multiple request to disconnect from connected device this API is used.
- LoadVical(): Load Vical. VicalConfigsObj: Object of the VicalConfigs Class. DelegateClassOfflineCertificateObj: Object of the Callback class DelegateClassOfflineCertificate

Sample Code for MainPage.xaml.cs for calling the public APIs of ID Verify SDK

Language not specified
1Config initConfig = new Config();
2ApiConfigs ConfigData = new ApiConfigs();
3InterfaceVSDK VsdkInterface = await InterfaceVSDK.getClient(initConfig);
4	if (MultipleRequestObjApp.isDeviceAlreadyConnected == false)
5	{
6		/*** Get Data Present in the Barcode Picture ***/
7		await AppBarcodeData.getBarcodeData(ConfigData);
8		if (MultipleRequestObjApp.isMultipleRequest) /* On Multiple Request store QR Data */
9		{
10			BarcodeDataMultiRequest = ConfigData.JPGBarcodeData;
11			BarcodeTypeMultiRequest = ConfigData.BarcodeType;
12		}
13		VsdkInterface = InterfaceVSDK.getClient(initConfig);
14		if (VsdkInterface != null)
15		{		
16			if (ConfigData.DevEngErDetails == null)
17			{
18				if (ConfigData.BarcodeType == (int)BarcodeType.QR)
19				{
20					RecvData = VsdkInterface.initDeviceEngagement(ConfigData);
21					if (RecvData.OpticalInspectionResponseObj == null)
22					{
23						if (RecvData.ErrorDetails == null)
24						{
25							if (ReaderCheckBox.IsChecked == true)
26							{
27								IReaderAuthSignerCallback obj = new TestApiConfig();
28								ConfigData.setReaderAuthInfo(obj, ReaderAuthAlgorithm.ALGO_SHA256WITHECDSA, ConfigData); 
29							}
30							RecvData = await VsdkInterface.sendRequest(ConfigData);												
31						}
32					}
33				}
34				else if (ConfigData.BarcodeType == (int)BarcodeType.PDF417)
35				{
36					RecvData = VsdkInterface.parsePDF417(ConfigData);
37					if (RecvData.ErrorDetails == null)
38					{
39						RecvData = await VsdkInterface.GeneratePDF417(RecvData, ConfigData); /* Generate PDF417 Using SDK*/
40					}
41				}
42			}		
43		}
44	else /* MultiRequest: When devices are connected then only send the request */
45	{
46		ConfigData.JPGBarcodeData = BarcodeDataMultiRequest;
47		ConfigData.BarcodeType = BarcodeTypeMultiRequest;
48		RecvData = await VsdkInterface.sendRequest(ConfigData);
49	}

Language not specified
1private async void DiconnectFromDevice(object sender, RoutedEventArgs e)
2{	
3	MultipleRequestObjApp.DisconnectConnection = true; /* Disconnect*/
4	var Status = await VsdkInterface.MultiRequestDisconnectFromDevice(null, ConfigData);
5
6	if (Status.ToString() == "Disconnected")
7	{
8		MultipleRequestObjApp.isDeviceAlreadyConnected = false;
9	}
10	else
11	{
12		MultipleRequestObjApp.isDeviceAlreadyConnected = true;
13	}          
14}

Usage of the APIs for Vical Loading

Language not specified
1VicalConfigsObj = new VicalConfigs();
2
3/* Vical Operation */
4AppVicalObj = new AppVical();
5AppCrl AppCrlObj = new AppCrl();
6
7
8/* Vical Implementation */
9
10DelegateClassCertificate DelegateClassCertificateObj = new DelegateClassCertificate(); /* Callback Initialization */
11																					    
12DelegateClassCertificateObj.VicalLoadStatusCallback = AppVicalObj.VicalExtendLoadStatus;
13DelegateClassCertificateObj.GetVicalInfo = AppVicalObj.GetAndPrintVicalInfo;
14DelegateClassCertificateObj.OnErrorDelegate = CertDirCallbackOnError;
15DelegateClassCertificateObj.OnSuccessDelegate = CertDirCallbackOnSuccess;
16
17/* Check for Allowing CRL Download by SDK*/
18VicalConfigsObj.AllowCrlDownloadBySDK = VicalExtendSetParametersObj.isCrlDownloadBySdkAllowed;
19DelegateClassCertificateObj.VicalCrlDownloadDelegate = AppCrlObj.CrlDownloadCallback; /* Set Callback to Download CRL from SDK */
20VicalConfigsObj.CrlDownloadTime = VicalExtendSetParametersObj.CrlDownloadTimesec;
21
22
23/* Check for Allowing CRL Checks by SDK*/
24VicalConfigsObj.EnableCrlChecks = VicalExtendSetParametersObj.isCrlCheckAllowed;
25
26/* Vical Cache Time */
27VicalConfigsObj.CachingRefreshIntervalVICAL = VicalExtendSetParametersObj.VicalCacheTimeHrs;
28
29/* Crl Cache Time */
30VicalConfigsObj.CachingRefreshIntervalCRL = VicalExtendSetParametersObj.CrlCacheTimeHrs;
31
32/* On the App Set the Config and Callback Object */
33AppVicalObj.SetVicalExtendConfigs(VicalConfigsObj);
34AppVicalObj.SetDelegateClassCertificate(DelegateClassCertificateObj);
35AppCrlObj.SetVicalExtendConfigs(VicalConfigsObj);
36AppCrlObj.SetDelegateClassCertificate(DelegateClassCertificateObj);
37
38
39switch (VicalExtendSetParametersObj.SelectedVicalCase)
40{
41	/* When SDK will Handle Downloading & Caching of Vical and CRL */
42	case nameof(VicalCases.DEFAULT):
43		VicalConfigsObj.UseCase = VicalCases.DEFAULT;
44		await InterfaceVsdk.LoadVical(VicalConfigsObj, DelegateClassCertificateObj);
45
46		break;
47
48	/* When SDK will Handle Downloading Vical from URL received from App */
49	case nameof(VicalCases.URI):
50		VicalConfigsObj.UseCase = VicalCases.URI;
51		List<string> UrlListApp = new List<string>();
52		if (VicalExtendSetParametersObj.UrlValue != string.Empty)
53		{
54			UrlListApp = VicalExtendSetParametersObj.UrlValue.Split(new char[] { ',' }).ToList();
55		}
56
57		List<String> UrlList = AppVicalObj.SetUrlForSdkVicalDownload(UrlListApp); /* 'null' when no Input is received from App */
58		VicalConfigsObj.VicalCertLocationList = UrlList;
59
60		await InterfaceVsdk.LoadVical(VicalConfigsObj, DelegateClassCertificateObj);
61		break;
62
63	/* When SDK will Handle Downloading Vical from Local Link received from App */
64	case nameof(VicalCases.STORAGE):
65		VicalConfigsObj.UseCase = VicalCases.STORAGE;
66		string VicalPath = string.Empty;
67		if (VicalExtendSetParametersObj.UrlValue != string.Empty)
68		{
69			/* Use Files That are Downloaded Using Given URL into a Local Folder by App via URL */
70			List<string> UrlListAppLocal = new List<string>();
71			if (VicalExtendSetParametersObj.UrlValue.Contains("http"))
72			{
73				UrlListAppLocal = VicalExtendSetParametersObj.UrlValue.Split(new char[] { ',' }).ToList();
74				AppVicalObj.UpdateUrlForDownloading(UrlListAppLocal);
75				VicalPath = await AppVicalObj.DownloadAndCacheVical(VicalConfigsObj, DelegateClassCertificateObj);
76			}
77			else /* When Path of Local Directory is shared */
78			{
79				VicalPath = VicalExtendSetParametersObj.UrlValue;
80			}
81		}
82		
83		List<string> LocalDirList = new List<string>();
84		LocalDirList.Add(VicalPath);
85		VicalConfigsObj.VicalCertLocationList = LocalDirList;
86
87		await InterfaceVsdk.LoadVical(VicalConfigsObj, DelegateClassCertificateObj);
88		break;
89
90	/* When SDK will Handle Downloading Vical from Local Link received from App */
91	case nameof(VicalCases.ASSETS):
92		VicalConfigsObj.UseCase = VicalCases.ASSETS;
93
94		/* Use Files Available in 'Assets' */
95		StorageFolder Folder = Windows.ApplicationModel.Package.Current.InstalledLocation;
96		Folder = await Folder.GetFolderAsync("AppIACACertificates\\IACA_Vical_Extend"); /* Get Location of the App's Certificate Directory */
97		List<String> AssetFolderList = new List<string>();
98		AssetFolderList.Add(Folder.Path);
99		VicalConfigsObj.VicalCertLocationList = AssetFolderList;
100
101		await InterfaceVsdk.LoadVical(VicalConfigsObj, DelegateClassCertificateObj);
102		break;
103
104	/* No Valid Case is Received */
105	default:
106		await LoadCertificates();
107		break;
108}

*** V2 Architecture APIs ***

Language not specified
1

public enum ConnectionType { NFC = 1, BLE, WifiAware }; public enum DisconnectConnectionType { NFC = 1, BLE, WifiAware, All };

public static async Task getClient(Config ConfigData)

/* V2 Device Engagement */ public delegate void DevEngSuccessCallback(bool Result); public delegate void DevEngEngagementModelCallback(VerifySdkReturn VsdkRet); public void initDeviceEngament(ApiConfigs ConfigData, int ConnectionType, DevEngSuccessCallback SuccessCallback, DevEngEngagementModelCallback ModelCallback)

/* V2 Prepare Connection */ public delegate void PrepareConnectionStatusCallback(bool Result); public async Task prepareConnection(VerifySdkReturn RecvData, ApiConfigs ConfigData, int ConnectionType, PrepareConnectionStatusCallback ConnectStatus)

/* V2 Send Request */ public delegate void ResponseCallback(VerifySdkReturn RecvData); public async Task sendRequest(ResponseCallback ResCallback, ApiConfigs ConfigData)

/* V2 Terminate Session */ public delegate void TerminateSessionCallback(bool Result); public async Task terminateSession(int CancelReason, TerminateSessionCallback TermSessCall)

/* V2 Terminate Connection */ public async Task terminateConnection(int CancelReason, TerminateConnectionCallback TermConnCall) public delegate void TerminateConnectionCallback(bool Result);

Language not specified
1- Description of Each API
2	- getClient(): Return a valid InterfaceVSDK object if request is valid
3	- initDeviceEngagement(): Accepts object of ApiConfigs, type of connection, Callback for success,  Callback for the DeviceEngagementModel.
4	- prepareConnection(): Creates connection with the MID. Accepts object of VerifySdkReturn, Accepts object of ApiConfigs, type of connection, Callback for PrepareConnectionStatusCallback.	
5	- sendRequest(): Sends request to the MID. Callback for ResponseCallback, Accepts object of ApiConfigs.
6	- terminateSession(): Terminates connection with device but the information received during Device Engagement is not erased and can be used later. Accepts reason for cancellation, Callback for TerminateSessionCallback.
7	- terminateConnection(): Terminates Connection with device and all data received during Device Engagement is removed. Accepts reason for termination, callback for TerminateConnectionCallback.
8
9###  Setting at the App side
10- Enable following permission using Package.appmanifest ->Capabilities in the UWP application project 
11	- Bluetooth
12	- Point of Service
13	- Webcam
14
15### Errors Codes
16
17| **Error Code**	| **Error Code Message** 						| **Description**																																						| **Error Type** |
18|-------------------|-----------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------|
19| 101   			|Invalid QR Code		   						| Please try again.																																						| SDK	
20| 102				| QR Data item is missing or found any issue	| If item type is not as expected																																		| SDK	
21| 103				| QR Data item is missing or found any issue	| If DataItem(Map) is empty																																				| SDK
22| 104				| QR Data item is missing or found any issue	| If DataItem(Array) is empty																																			| SDK
23| 105				| QR code scan error							| Unable to Scan QR code may be because of invalid data or bad encoding.																								| SDK
24| 106				| Error PDF417 decoder							| Error in generating PDF417 barcode 																																	| SDK
25| 109				| Incorrect Cipher Suite Found					| Cipher Suite Identifier is not valid, only Cipher Suite 1 is supported. 																								| SDK
26| 182				| Permission to Access Camera Denied			| Camera permission not enabled or Permission to Access Camera Denied																									| SDK
27| 183				| QR Scanner Not Found							| No QR Scanner Device found on the System 																																| SDK
28| 184				| Barcode Picture Not Found						| Unable to find Barcode Picture in the Installed Folder																												| SDK
29| 185				| App is Not Valid								| App is not authorized to access VerifySDK features																													| SDK
30| 186				| NFC Device Engagement Data Not Valid 	 		| NFC Device Engagement Data is not in the correct format or invalid																									| SDK
31| 201				| Unable to initialise BLE						| Error in initializing BLE feature of this device																														| SDK
32| 202				| Device Doesn't Support BLE					| This device doesn't support BLE feature																																| SDK
33| 203				| BLE Scanning Error							| Scanning of BLE devices failed																																		| SDK
34| 204				| Bluetooth is OFF								| This device Bluetooth is Off																																			| SDK
35| 205				| BLE Scanning Error							| Please provide the BLUETOOTH permissions																																| SDK
36| 206				| BLE Connection Timeout						| Unable to establish a BLE communication channel with the Mobile ID device. Please try again.																			| SDK
37| 281				| BLE Scanning Error							| Please enable bluetooth to get scan results																															| SDK
38| 282				| BLE Scanning Error							| Your device does not support BLE																																		| SDK
39| 301				| Transaction Cancelled							| Transaction has been cancelled by the user																															| SDK
40| 302				| Device Disconnected							| Unfortunately device disconnected. Maybe device is not in the range of BLE																							| SDK
41| 303				| Timed Out, Please try again					|																																										| SDK
42| 304				| Incomplete Request							| Please select one or more attributes to be included in the request to the Mobile ID																					| SDK
43| 305				| Incomplete Request							| An Mobile ID comes to an end of data when expecting more data. For example, an Mobile ID expects certain length, number of arrays elements, or map entries but instead encounters the end of the data. The Mobile ID does not return any data but the error messag	| SDK
44| 306				| Request Rejected								| The Mobile ID indicates that the request is rejected																													| ISO
45| 307				| Mobile ID Reader Authentication Failed		| The Mobile ID indicates there is an error with mobile ID Reader authentication																						| ISO
46| 308                | General Error                                    | The Mobile ID returns an error without any given reason                                                                                                           | ISO
47| 309				| Invalid Request								| Request can't contain more than two *age_over_nn* as request attributes.																								| SDK
48| 310				| Error in reader authentication				| Error in Reader Authentication, ReaderAuthSign data is not valid																										| SDK
49| 381				| Connection Lost								| Error occurred while transferring the data																															| SDK
50| 382				| Error Creating Request						| Unable to create the request for MDL																																	| SDK
51| 383				| Connection Failed								| Unable to connect the device																																			| SDK
52| 384				| Decryption Failed								| Unable to Decrypt Received Data																																		| SDK
53| 401				| Parsing Error									| An mDL encountered data element that is not well- formed (e.g., invalid initial byte) and failed decoding data. The mDL does not return any data but the error message.| ISO
54| 402				| Invalid format								| The Mobile ID cannot process the requested data element due to formatting error																						| ISO
55| 403				| Data Not Found								| The requested NameSpace or data element within a NameSpace is not found																								| ISO
56| 404				| Data Request Denied							| The release of requested data element was rejected by the Mobile ID holder																							| ISO
57| 405				| Data Not Returned								| The Mobile ID does not provide the requested data element without any given reason																					| ISO
58| 406				| CBOR decoding error							| The mdoc indicates an error during CBOR decoding that the data received is not valid CBOR.. Returning this status code is optional									| ISO
59| 407				| CBOR validation error							| The mdoc indicates an error during CBOR validation, e.g. wrong CBOR structures. Returning this status code is optional												| ISO
60| 408				| Functionality Not Supported in ISO			| The Requested Functionality is not supported for the Received ISO Version.																							| ISO
61| 451				| Certificate Path Error						| Either Path is invalid or inaccessible or not a folder path or folder is empty																						| SDK
62| 481				| Received Data parsing error					| Unable to parse Received Data																																			| SDK
63| 482				| IACA-DS validation Error						| Transaction not authenticated due to non-compliant or invalid DS or IACA certificate																					| SDK
64| 483				| Vical Load Error								| Error in Loading Vical Files																																			| SDK
65| 484				| Vical Auth Error								| Failure in Authenticating Vical File																																	| SDK
66
67
68D-Logic NFC Device's Error Codes
69
70| **Error Code Message** 									|  **Error Code**  |
71|-----------------------------------------------------------|------------------|
72|UFR_OK 													|0x00
73|UFR_COMMUNICATION_ERROR 									|0x01
74|UFR_CHKSUM_ERROR 											|0x02
75|UFR_READING_ERROR 											|0x03
76|UFR_WRITING_ERROR 											|0x04
77|UFR_BUFFER_OVERFLOW 										|0x05
78|UFR_MAX_ADDRESS_EXCEEDED 									|0x06
79|UFR_MAX_KEY_INDEX_EXCEEDED 								|0x07
80|UFR_NO_CARD 												|0x08
81|UFR_COMMAND_NOT_SUPPORTED 									|0x09
82|UFR_FORBIDEN_DIRECT_WRITE_IN_SECTOR_TRAILER 				|0x0A
83|UFR_ADDRESSED_BLOCK_IS_NOT_SECTOR_TRAILER 					|0x0B
84|UFR_WRONG_ADDRESS_MODE 									|0x0C
85|UFR_WRONG_ACCESS_BITS_VALUES 								|0x0D
86|UFR_AUTH_ERROR 											|0x0E
87|UFR_PARAMETERS_ERROR 										|0x0F
88|UFR_MAX_SIZE_EXCEEDED 										|0x10
89|UFR_UNSUPPORTED_CARD_TYPE 									|0x11
90|UFR_COUNTER_ERROR 											|0x12
91|UFR_WRITE_VERIFICATION_ERROR 								|0x70
92|UFR_BUFFER_SIZE_EXCEEDED 									|0x71
93|UFR_VALUE_BLOCK_INVALID 									|0x72
94|UFR_VALUE_BLOCK_ADDR_INVALID 								|0x73
95|UFR_VALUE_BLOCK_MANIPULATION_ERROR 						|0x74
96|UFR_WRONG_UI_MODE 											|0x75
97|UFR_KEYS_LOCKED 											|0x76
98|UFR_KEYS_UNLOCKED											|0x77
99|UFR_WRONG_PASSWORD 										|0x78
100|UFR_CAN_NOT_LOCK_DEVICE 									|0x79
101|UFR_CAN_NOT_UNLOCK_DEVICE 									|0x7A
102|UFR_DEVICE_EEPROM_BUSY 									|0x7B
103|UFR_RTC_SET_ERROR 											|0x7C
104|ANTI_COLLISION_DISABLED 									|0x7D
105|NO_TAGS_ENUMERRATED										|0x7E
106|CARD_ALREADY_SELECTED										|0x7F
107|UFR_COMMUNICATION_BREAK 									|0x50
108|UFR_NO_MEMORY_ERROR 										|0x51
109|UFR_CAN_NOT_OPEN_READER 									|0x52
110|UFR_READER_NOT_SUPPORTED 									|0x53
111|UFR_READER_OPENING_ERROR 									|0x54
112|UFR_READER_PORT_NOT_OPENED 								|0x55
113|UFR_CANT_CLOSE_READER_PORT 								|0x56
114|UFR_FT_STATUS_ERROR_1 										|0xA0
115|UFR_FT_STATUS_ERROR_2 										|0xA1
116|UFR_FT_STATUS_ERROR_3 										|0xA2
117|UFR_FT_STATUS_ERROR_4 										|0xA3
118|UFR_FT_STATUS_ERROR_5 										|0xA4
119|UFR_FT_STATUS_ERROR_6 										|0xA5
120|UFR_FT_STATUS_ERROR_7 										|0xA6
121|UFR_FT_STATUS_ERROR_8 										|0xA7
122|UFR_FT_STATUS_ERROR_9 										|0xA8
123|UFR_WRONG_NDEF_CARD_FORMAT 								|0x80
124|UFR_NDEF_MESSAGE_NOT_FOUND 								|0x81
125|UFR_NDEF_UNSUPPORTED_CARD_TYPE 							|0x82
126|UFR_NDEF_CARD_FORMAT_ERROR 								|0x83
127|UFR_MAD_NOT_ENABLED 										|0x84
128|UFR_MAD_VERSION_NOT_SUPPORTED 								|0x85
129|UFR_NDEF_MESSAGE_NOT_COMPATIBLE 							|0x86
130|FORBIDDEN_IN_TAG_EMULATION_MODE 							|0x90
131|UFR_MFP_COMMAND_OVERFLOW 									|0xB0
132|UFR_MFP_INVALID_MAC 										|0xB1
133|UFR_MFP_INVALID_BLOCK_NR 									|0xB2
134|UFR_MFP_NOT_EXIST_BLOCK_NR 								|0xB3
135|UFR_MFP_COND_OF_USE_ERROR 									|0xB4
136|UFR_MFP_LENGTH_ERROR 										|0xB5
137|UFR_MFP_GENERAL_MANIP_ERROR 								|0xB6
138|UFR_MFP_SWITCH_TO_ISO14443_4_ERROR 						|0xB7
139|UFR_MFP_ILLEGAL_STATUS_CODE 								|0xB8
140|UFR_MFP_MULTI_BLOCKS_READ 									|0xB9
141|NT4H_COMMAND_ABORTED 										|0xC0
142|NT4H_LENGTH_ERROR 											|0xC1
143|NT4H_PARAMETER_ERROR 										|0xC2
144|NT4H_NO_SUCH_KEY 											|0xC3
145|NT4H_PERMISSION_DENIED 									|0xC4
146|NT4H_AUTHENTICATION_DELAY 									|0xC5