_static/doxygen/pace_8h_source.html

/*

 * Copyright (c) 2010-2012 Frank Morgner and Dominik Oepen

 *

 * This file is part of OpenPACE.

 *

 * OpenPACE is free software: you can redistribute it and/or modify it under

 * the terms of the GNU General Public License as published by the Free

 * Software Foundation, either version 3 of the License, or (at your option)

 * any later version.

 *

 * OpenPACE is distributed in the hope that it will be useful, but WITHOUT ANY

 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS

 * FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more

 * details.

 *

 * You should have received a copy of the GNU General Public License along with

 * OpenPACE.  If not, see <http://www.gnu.org/licenses/>.

 *

 * Additional permission under GNU GPL version 3 section 7

 *

 * If you modify this Program, or any covered work, by linking or combining it

 * with OpenSSL (or a modified version of that library), containing

 * parts covered by the terms of OpenSSL's license, the licensors of

 * this Program grant you additional permission to convey the resulting work.

 * Corresponding Source for a non-source form of such a combination shall include

 * the source code for the parts of OpenSSL used as well as that of the

 * covered work.

 *

 * If you modify this Program, or any covered work, by linking or combining it

 * with OpenSC (or a modified version of that library), containing

 * parts covered by the terms of OpenSC's license, the licensors of

 * this Program grant you additional permission to convey the resulting work.

 * Corresponding Source for a non-source form of such a combination shall include

 * the source code for the parts of OpenSC used as well as that of the

 * covered work.

 */


#ifndef PACE_H_

#define PACE_H_


#include "eac.h"

#include <openssl/bn.h>

#include <openssl/buffer.h>


#ifdef __cplusplus

extern "C" {

#endif


enum s_type {

    PACE_MRZ = 1,

    PACE_CAN,

    PACE_PIN,

    PACE_PUK,

    PACE_RAW,

    PACE_SEC_UNDEF

};


typedef struct pace_sec {

    enum s_type type;

    BUF_MEM *mem;

    BUF_MEM *encoded;

} PACE_SEC;


void PACE_SEC_clear_free(PACE_SEC * s);

PACE_SEC *

PACE_SEC_new(const char *sec, size_t sec_len, enum s_type type);


int

PACE_SEC_print_private(BIO *out, const PACE_SEC *sec, int indent);

BUF_MEM * PACE_STEP1_enc_nonce(const EAC_CTX * ctx, const PACE_SEC * pi);

int PACE_STEP2_dec_nonce(const EAC_CTX * ctx, const PACE_SEC * pi,

        const BUF_MEM * enc_nonce);

BUF_MEM *

PACE_STEP3A_generate_mapping_data(const EAC_CTX * ctx);

int

PACE_STEP3A_map_generator(const EAC_CTX * ctx, const BUF_MEM * in);

BUF_MEM * PACE_STEP3B_generate_ephemeral_key(EAC_CTX * ctx);

int

PACE_STEP3B_compute_shared_secret(const EAC_CTX * ctx, const BUF_MEM * in);

int PACE_STEP3C_derive_keys(const EAC_CTX *ctx);

BUF_MEM * PACE_STEP3D_compute_authentication_token(const EAC_CTX *ctx,

        const BUF_MEM *pub);

int PACE_STEP3D_verify_authentication_token(const EAC_CTX * ctx,

        const BUF_MEM * token);


#ifdef  __cplusplus

}

#endif

#endif

eac.h
Interface for Extended Access Control.

PACE_SEC_clear_free
void PACE_SEC_clear_free(PACE_SEC *s)
Free a PACE secret.

PACE_SEC_print_private
int PACE_SEC_print_private(BIO *out, const PACE_SEC *sec, int indent)
Print PACE_SEC object including private secret.

PACE_SEC_new
PACE_SEC * PACE_SEC_new(const char *sec, size_t sec_len, enum s_type type)
Create and initialize a new PACE secret.

PACE_STEP3B_generate_ephemeral_key
BUF_MEM * PACE_STEP3B_generate_ephemeral_key(EAC_CTX *ctx)
Generate a keypair for key agreement.

PACE_STEP3D_compute_authentication_token
BUF_MEM * PACE_STEP3D_compute_authentication_token(const EAC_CTX *ctx, const BUF_MEM *pub)
Compute the authentication token from domain parameters and public key.

PACE_STEP3D_verify_authentication_token
int PACE_STEP3D_verify_authentication_token(const EAC_CTX *ctx, const BUF_MEM *token)
Verifies an authentication token.

PACE_STEP3A_map_generator
int PACE_STEP3A_map_generator(const EAC_CTX *ctx, const BUF_MEM *in)
Map to the ephemeral domain parameters.

PACE_STEP3A_generate_mapping_data
BUF_MEM * PACE_STEP3A_generate_mapping_data(const EAC_CTX *ctx)
Generate a mapping data to perform the mapping to ephemeral domain parameters.

PACE_STEP2_dec_nonce
int PACE_STEP2_dec_nonce(const EAC_CTX *ctx, const PACE_SEC *pi, const BUF_MEM *enc_nonce)
Decrypt the nonce from the other party.

PACE_STEP1_enc_nonce
BUF_MEM * PACE_STEP1_enc_nonce(const EAC_CTX *ctx, const PACE_SEC *pi)
Generates and encrypts a nonce.

PACE_STEP3C_derive_keys
int PACE_STEP3C_derive_keys(const EAC_CTX *ctx)
Derives encryption and authentication keys.

PACE_STEP3B_compute_shared_secret
int PACE_STEP3B_compute_shared_secret(const EAC_CTX *ctx, const BUF_MEM *in)
Compute the shared secret for key agreement.

s_type
s_type
Type of the secret.
Definition pace.h:67

PACE_MRZ
@ PACE_MRZ
MRZ is the Machine Readable Zone, printed on the card, encoding the personal information of the user.
Definition pace.h:70

PACE_PUK
@ PACE_PUK
PUK is the Personal Unblocking key. This type of secret is used when the card is suspended due to too...
Definition pace.h:78

PACE_SEC_UNDEF
@ PACE_SEC_UNDEF
Undefined type, if nothing else matches.
Definition pace.h:83

PACE_PIN
@ PACE_PIN
PIN is the Personal Identification Number, a secret known only to the user and not printed on the car...
Definition pace.h:75

PACE_RAW
@ PACE_RAW
This type of secret is not defined in BSI TR-03110. We use it as a generic type, so we can use PACE i...
Definition pace.h:81

PACE_CAN
@ PACE_CAN
CAN is the Card access number printed on the card.
Definition pace.h:72

PACE_SEC
struct pace_sec PACE_SEC
Shared secret for PACE.

eac_ctx
Context for the Extended Access Control protocol.
Definition eac.h:342

pace_sec
Shared secret for PACE.
Definition pace.h:87

pace_sec::mem
BUF_MEM * mem
Raw secret.
Definition pace.h:91

pace_sec::type
enum s_type type
Type of the secret.
Definition pace.h:89

pace_sec::encoded
BUF_MEM * encoded
Encoded secret.
Definition pace.h:93