I read this article, but seems like any information about it is kind a omited.
Source: I have been working on a blockchain implementation in the past that was compatible with the cryptographic functions in an NFC passport. Basically using a standard NFC passport as a cold wallet.
Fun fact. The cryptographic system even differs per country.
E.g. the Dutch don't trust the NIST elliptic curves so use the brainpool curves instead. Some other countries are still using RSA iirc.
That's true for older passports, but there's actually a newer scheme that uses Diffie-Hellman key agreement instead, since non-repudiation, which is hard to avoid with RSA signatures, is considered a non-goal for passports. (Some governments apparently don't want them to be used as a "backdoor e-signing scheme", hence the change to the new repudiable authentication scheme.)
Some countries (like Belgium) this _is_ a goal. They implemented a full PKI in their identity cards.
Essentially, these countries run two applications on the document chip: One that lets anyone verify the authenticity of the document, using the ICAO PKI and active or chip authentication, and one that lets the document owner sign data, usually after entering a PIN or password (or anybody holding the document could do so on their behalf).
Other countries decouple e-signatures/remote authentication and electronically verifiable identity documents, e.g. Austria – which now has an ICAO-compatible identity card, but a completely separate e-signature schme based on, and it really pains me to say this... server-side private keys.