Loading ePassport/ttcn/ePassport_Altsteps.ttcn +5 −8 Original line number Diff line number Diff line Loading @@ -219,7 +219,6 @@ // Check current file v_logicalChannel := f_getLogicalChannel(v_readCommand.class); if(vc_simu.currentFiles[v_logicalChannel] == c_noFileInfo) { //TODO mrtdport.send(m_responseNOK(c_w1w2NoCurrentEF)); t_ac.start; repeat; Loading Loading @@ -362,6 +361,7 @@ var CommandManageSecurityEnvironment v_command; var octetstring v_publicKeyPcd; var octetstring v_keyReference := ''O; var W1W2Status v_chipAuthenticationResult; [] mrtdport.receive(mw_mseSetKAT_chipAuthentication) -> value v_command { v_publicKeyPcd := v_command.payload Loading @@ -371,14 +371,15 @@ if(ispresent(v_command.payload.manageSecurityEnvironmentData.crtKAT.crtReferenceOfSessionOrPrivateKey)) { v_keyReference := v_command.payload.manageSecurityEnvironmentData.crtKAT.crtReferenceOfSessionOrPrivateKey.tlvValue; } if(f_chipAuthentication(v_publicKeyPcd, v_keyReference)) { v_chipAuthenticationResult := f_chipAuthentication(v_publicKeyPcd, v_keyReference); if(v_chipAuthenticationResult == c_w1w2NormalProcessing) { mrtdport.send(m_responseOK); vc_simu.securityStatus := e_chipAuthenticated; f_setKeysForSecureMessaging(vc_simu.kEnc & vc_simu.kMac); f_setInitialSscForMessageAuthentication(c_8ZeroBytes); } else { mrtdport.send(m_responseNOK(c_w1w2SecurityRelatedIssues)); mrtdport.send(m_responseNOK(v_chipAuthenticationResult)); } t_ac.start; repeat; Loading Loading @@ -561,7 +562,6 @@ // Check current file v_logicalChannel := f_getLogicalChannel(v_readCommand.class); if(vc_simu.currentFiles[v_logicalChannel] == c_noFileInfo) { //TODO mrtdport.send(m_responseNOK(c_w1w2NoCurrentEF)); t_ac.start; repeat; Loading Loading @@ -617,7 +617,6 @@ // Check current file v_logicalChannel := f_getLogicalChannel(v_readB1Command.class); if(match(vc_simu.currentFiles[v_logicalChannel], c_noFileInfo)) { //TODO mrtdport.send(m_responseNOK(c_w1w2NoCurrentEF)); t_ac.start; repeat; Loading Loading 
@@ -680,7 +679,6 @@ // Check current file v_logicalChannel := f_getLogicalChannel(v_readCommand.class); if(match(vc_simu.currentFiles[v_logicalChannel], c_noFileInfo)) { //TODO mrtdport.send(m_responseNOK(c_w1w2NoCurrentEF)); t_ac.start; repeat; Loading Loading @@ -745,7 +743,6 @@ // Check current file v_logicalChannel := f_getLogicalChannel(v_readB1Command.class); if(match(vc_simu.currentFiles[v_logicalChannel], c_noFileInfo)) { //TODO mrtdport.send(m_responseNOK(c_w1w2NoCurrentEF)); t_ac.start; repeat; Loading ePassport/ttcn/ePassport_Functions.ttcn +26 −19 Original line number Diff line number Diff line Loading @@ -504,7 +504,7 @@ function f_chipAuthentication(in octetstring p_publicKeyPcd, in octetstring p_keyReference) runs on MRTD return boolean { return W1W2Status { var octetstring v_k := ''O; var octetstring v_h; Loading @@ -520,13 +520,14 @@ v_dg14PrFileInfo.filename := v_dg14PrFileInfo.filename & "." & oct2str(p_keyReference); } log(v_dg14PrFileInfo); f_readFileData(v_dg14PrFileInfo, 0, -1, v_dg14PrivateKey); // FIXME: check read file result and send 6A80 if file not found (means bad reference) if(f_readFileData(v_dg14PrFileInfo, 0, -1, v_dg14PrivateKey) == c_w1w2FileOrApplicationNotFound) { return c_w1w2ReferencedDataOrReferenceDataNotFound; } v_algo := f_computeSharedSecret(v_dg14PrivateKey, p_publicKeyPcd, v_k); if(v_algo == e_invalid) { log("**** f_chipAuthentication: ERROR: Invalid key agreement algorithm ****"); return false; return c_w1w2SecurityRelatedIssues; } // b) The session keys KMAC and KEnc derived from K for Secure Messaging. Loading @@ -545,7 +546,7 @@ vc_simu.isDhPublicKeyHash := f_extractXcoordinateFromEcPublicKey(p_publicKeyPcd); } return true; return c_w1w2NormalProcessing; } // end f_chipAuthentication Loading Loading 
@@ -624,6 +625,17 @@ return v_chrs; } function f_extractMrzFromDg1(in octetstring p_dg1) return octetstring { var integer i; var integer v_start := lengthof(p_dg1) - 88; var octetstring v_mrz := ''O; for(i:=v_start; i < 88 + v_start; i:=i+1) { v_mrz := v_mrz & p_dg1[i]; } return v_mrz; } } // end fileFunctions Loading @@ -647,16 +659,19 @@ var octetstring v_csvCertRefIds; var CvCertificate v_cvcaCvCertificate; var integer v_decodeResult; var octetstring v_dg1 := ''O; // Load filesystem f_loadPassportConfiguration(p_configurationId); // Prepare basic access keys // FIXME: Read DG1 instead of optical MRZ f_readFileData(c_fileMRZ, 0, -1, vc_simu.mrz); f_readFileData(c_fileDG1, 0, -1, v_dg1); vc_simu.mrz := f_extractMrzFromDg1(v_dg1); log("DG1 MRZ: ", oct2char(vc_simu.mrz)); f_deriveKeys(f_extractKseedFromMrz(vc_simu.mrz), vc_simu.kEnc, vc_simu.kMac); vc_simu.documentNumber := f_extractDocumentNumberFromMrz(vc_simu.mrz); log("documentNumber: ", oct2char(vc_simu.documentNumber)); vc_simu.securityStatus := e_noApplication; vc_simu.passportProtection := e_bac; vc_simu.activeAuthenticationPerformed := false; Loading Loading @@ -685,6 +700,8 @@ log("**** f_initializeMRTD: WARNING: " & c_fileCVCA.filename & " is empty ****"); } f_readFileData(c_fileMRZ, 0, -1, vc_simu.opticalMrz); // FIXME read c_fileCertRefIds f_readFileData(c_fileCertRefIds, 0, -1, v_csvCertRefIds); vc_simu.aisCertRefIds := f_parseCertRefIds(v_csvCertRefIds); Loading 
@@ -699,8 +716,8 @@ //function for initializing the system and start the ePassport procedure function f_initializeIS(in charstring p_specialOperatorMessage) runs on MRTD { var charstring v_opticalMrzLine1 := oct2char(substr(vc_simu.mrz, 0, lengthof(vc_simu.mrz)/2)); var charstring v_opticalMrzLine2 := oct2char(substr(vc_simu.mrz, lengthof(vc_simu.mrz)/2, lengthof(vc_simu.mrz)/2)); var charstring v_opticalMrzLine1 := oct2char(substr(vc_simu.opticalMrz, 0, lengthof(vc_simu.opticalMrz)/2)); var charstring v_opticalMrzLine2 := oct2char(substr(vc_simu.opticalMrz, lengthof(vc_simu.opticalMrz)/2, lengthof(vc_simu.opticalMrz)/2)); // Activate antenna f_activateProbe(); Loading Loading @@ -748,16 +765,6 @@ } // end postambleFunctions function f_getCertificate(in octetstring p_data) return octetstring { // TODO: refine... return ''O; } // end f_getCertificate function f_getSignature(in octetstring p_data) return octetstring { // TODO: refine... return ''O; } // end f_getCertificate group simuParamsFunctions { function f_pushFailResult(in AisFailureClass p_resultId) runs on MRTD { Loading ePassport/ttcn/ePassport_TestSystem.ttcn +1 −0 Original line number Diff line number Diff line Loading @@ -63,6 +63,7 @@ module ePassport_TestSystem { Chr at optional, octetstring challenge optional, octetstring mrz optional, octetstring opticalMrz optional, octetstring documentNumber optional, octetstring isDhPublicKeyHash optional, Loading ePassport/ttcn/ePassport_Values.ttcn +1 −0 Original line number Diff line number Diff line Loading 
@@ -28,6 +28,7 @@ module ePassport_Values { const W1W2Status c_w1w2SecurityStatusNotSatisfied := '6982'O; const W1W2Status c_w1w2ConditionsOfUseNotSatisfied := '6985'O; const W1W2Status c_w1w2NoCurrentEF := '6986'O; const W1W2Status c_w1w2FileOrApplicationNotFound := '6A82'O; const W1W2Status c_w1w2ReferencedDataOrReferenceDataNotFound := '6A88'O; const W1W2Status c_w1w2WrongParametersP1P2 := '6B00'O; const W1W2Status c_w1w2InstructionCodeNotSupportedOrInvalid := '6D00'O; Loading Loading
ePassport/ttcn/ePassport_Altsteps.ttcn +5 −8 Original line number Diff line number Diff line Loading @@ -219,7 +219,6 @@ // Check current file v_logicalChannel := f_getLogicalChannel(v_readCommand.class); if(vc_simu.currentFiles[v_logicalChannel] == c_noFileInfo) { //TODO mrtdport.send(m_responseNOK(c_w1w2NoCurrentEF)); t_ac.start; repeat; Loading Loading @@ -362,6 +361,7 @@ var CommandManageSecurityEnvironment v_command; var octetstring v_publicKeyPcd; var octetstring v_keyReference := ''O; var W1W2Status v_chipAuthenticationResult; [] mrtdport.receive(mw_mseSetKAT_chipAuthentication) -> value v_command { v_publicKeyPcd := v_command.payload Loading @@ -371,14 +371,15 @@ if(ispresent(v_command.payload.manageSecurityEnvironmentData.crtKAT.crtReferenceOfSessionOrPrivateKey)) { v_keyReference := v_command.payload.manageSecurityEnvironmentData.crtKAT.crtReferenceOfSessionOrPrivateKey.tlvValue; } if(f_chipAuthentication(v_publicKeyPcd, v_keyReference)) { v_chipAuthenticationResult := f_chipAuthentication(v_publicKeyPcd, v_keyReference); if(v_chipAuthenticationResult == c_w1w2NormalProcessing) { mrtdport.send(m_responseOK); vc_simu.securityStatus := e_chipAuthenticated; f_setKeysForSecureMessaging(vc_simu.kEnc & vc_simu.kMac); f_setInitialSscForMessageAuthentication(c_8ZeroBytes); } else { mrtdport.send(m_responseNOK(c_w1w2SecurityRelatedIssues)); mrtdport.send(m_responseNOK(v_chipAuthenticationResult)); } t_ac.start; repeat; Loading Loading @@ -561,7 +562,6 @@ // Check current file v_logicalChannel := f_getLogicalChannel(v_readCommand.class); if(vc_simu.currentFiles[v_logicalChannel] == c_noFileInfo) { //TODO mrtdport.send(m_responseNOK(c_w1w2NoCurrentEF)); t_ac.start; repeat; Loading Loading @@ -617,7 +617,6 @@ // Check current file v_logicalChannel := f_getLogicalChannel(v_readB1Command.class); if(match(vc_simu.currentFiles[v_logicalChannel], c_noFileInfo)) { //TODO mrtdport.send(m_responseNOK(c_w1w2NoCurrentEF)); t_ac.start; repeat; Loading Loading 
@@ -680,7 +679,6 @@ // Check current file v_logicalChannel := f_getLogicalChannel(v_readCommand.class); if(match(vc_simu.currentFiles[v_logicalChannel], c_noFileInfo)) { //TODO mrtdport.send(m_responseNOK(c_w1w2NoCurrentEF)); t_ac.start; repeat; Loading Loading @@ -745,7 +743,6 @@ // Check current file v_logicalChannel := f_getLogicalChannel(v_readB1Command.class); if(match(vc_simu.currentFiles[v_logicalChannel], c_noFileInfo)) { //TODO mrtdport.send(m_responseNOK(c_w1w2NoCurrentEF)); t_ac.start; repeat; Loading
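Review bot: The else branch of the chip-authentication alternative now sends whatever status word f_chipAuthentication returns, so the set of responses the simulator can give to this command is no longer visible in the altstep. A comment above the call would keep that contract readable here, for example `// returns c_w1w2NormalProcessing, c_w1w2ReferencedDataOrReferenceDataNotFound (unknown key reference) or c_w1w2SecurityRelatedIssues`. The altstep starts and ends outside the hunk, so whether other code still treats the result as a boolean cannot be checked from here.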
ePassport/ttcn/ePassport_Functions.ttcn +26 −19 Original line number Diff line number Diff line Loading @@ -504,7 +504,7 @@ function f_chipAuthentication(in octetstring p_publicKeyPcd, in octetstring p_keyReference) runs on MRTD return boolean { return W1W2Status { var octetstring v_k := ''O; var octetstring v_h; Loading @@ -520,13 +520,14 @@ v_dg14PrFileInfo.filename := v_dg14PrFileInfo.filename & "." & oct2str(p_keyReference); } log(v_dg14PrFileInfo); f_readFileData(v_dg14PrFileInfo, 0, -1, v_dg14PrivateKey); // FIXME: check read file result and send 6A80 if file not found (means bad reference) if(f_readFileData(v_dg14PrFileInfo, 0, -1, v_dg14PrivateKey) == c_w1w2FileOrApplicationNotFound) { return c_w1w2ReferencedDataOrReferenceDataNotFound; } v_algo := f_computeSharedSecret(v_dg14PrivateKey, p_publicKeyPcd, v_k); if(v_algo == e_invalid) { log("**** f_chipAuthentication: ERROR: Invalid key agreement algorithm ****"); return false; return c_w1w2SecurityRelatedIssues; } // b) The session keys KMAC and KEnc derived from K for Secure Messaging. Loading @@ -545,7 +546,7 @@ vc_simu.isDhPublicKeyHash := f_extractXcoordinateFromEcPublicKey(p_publicKeyPcd); } return true; return c_w1w2NormalProcessing; } // end f_chipAuthentication Loading Loading @@ -624,6 +625,17 @@ return v_chrs; } function f_extractMrzFromDg1(in octetstring p_dg1) return octetstring { var integer i; var integer v_start := lengthof(p_dg1) - 88; var octetstring v_mrz := ''O; for(i:=v_start; i < 88 + v_start; i:=i+1) { v_mrz := v_mrz & p_dg1[i]; } return v_mrz; } } // end fileFunctions Loading 
@@ -647,16 +659,19 @@ var octetstring v_csvCertRefIds; var CvCertificate v_cvcaCvCertificate; var integer v_decodeResult; var octetstring v_dg1 := ''O; // Load filesystem f_loadPassportConfiguration(p_configurationId); // Prepare basic access keys // FIXME: Read DG1 instead of optical MRZ f_readFileData(c_fileMRZ, 0, -1, vc_simu.mrz); f_readFileData(c_fileDG1, 0, -1, v_dg1); vc_simu.mrz := f_extractMrzFromDg1(v_dg1); log("DG1 MRZ: ", oct2char(vc_simu.mrz)); f_deriveKeys(f_extractKseedFromMrz(vc_simu.mrz), vc_simu.kEnc, vc_simu.kMac); vc_simu.documentNumber := f_extractDocumentNumberFromMrz(vc_simu.mrz); log("documentNumber: ", oct2char(vc_simu.documentNumber)); vc_simu.securityStatus := e_noApplication; vc_simu.passportProtection := e_bac; vc_simu.activeAuthenticationPerformed := false; Loading Loading @@ -685,6 +700,8 @@ log("**** f_initializeMRTD: WARNING: " & c_fileCVCA.filename & " is empty ****"); } f_readFileData(c_fileMRZ, 0, -1, vc_simu.opticalMrz); // FIXME read c_fileCertRefIds f_readFileData(c_fileCertRefIds, 0, -1, v_csvCertRefIds); vc_simu.aisCertRefIds := f_parseCertRefIds(v_csvCertRefIds); Loading @@ -699,8 +716,8 @@ //function for initializing the system and start the ePassport procedure function f_initializeIS(in charstring p_specialOperatorMessage) runs on MRTD { var charstring v_opticalMrzLine1 := oct2char(substr(vc_simu.mrz, 0, lengthof(vc_simu.mrz)/2)); var charstring v_opticalMrzLine2 := oct2char(substr(vc_simu.mrz, lengthof(vc_simu.mrz)/2, lengthof(vc_simu.mrz)/2)); var charstring v_opticalMrzLine1 := oct2char(substr(vc_simu.opticalMrz, 0, lengthof(vc_simu.opticalMrz)/2)); var charstring v_opticalMrzLine2 := oct2char(substr(vc_simu.opticalMrz, lengthof(vc_simu.opticalMrz)/2, lengthof(vc_simu.opticalMrz)/2)); // Activate antenna f_activateProbe(); Loading Loading 
@@ -748,16 +765,6 @@ } // end postambleFunctions function f_getCertificate(in octetstring p_data) return octetstring { // TODO: refine... return ''O; } // end f_getCertificate function f_getSignature(in octetstring p_data) return octetstring { // TODO: refine... return ''O; } // end f_getCertificate group simuParamsFunctions { function f_pushFailResult(in AisFailureClass p_resultId) runs on MRTD { Loading
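Review bot: f_extractMrzFromDg1 starts indexing at `lengthof(p_dg1) - 88` without checking the length, so a DG1 shorter than 88 octets gives a negative index and a runtime error during initialisation. That includes the empty `v_dg1` left behind if the unchecked `f_readFileData(c_fileDG1, ...)` call in f_initializeMRTD fails. The fixed 88 also assumes a two-line, 44-character MRZ, so for any other layout the BAC keys would be derived from the wrong octets. A length guard plus `substr` covers the first case, and f_initializeMRTD should then stop on an empty result instead of calling f_deriveKeys. Separately, f_chipAuthentication maps only `c_w1w2FileOrApplicationNotFound` from f_readFileData, so any other read failure appears to fall through to f_computeSharedSecret with an unread private key.

```ttcn
function f_extractMrzFromDg1(in octetstring p_dg1) return octetstring {
    // MRZ is taken from the last 88 octets of DG1 (two lines of 44 characters)
    const integer c_mrzLength := 88;

    if (lengthof(p_dg1) < c_mrzLength) {
        log("**** f_extractMrzFromDg1: ERROR: DG1 too short to contain an MRZ ****");
        return ''O;
    }
    return substr(p_dg1, lengthof(p_dg1) - c_mrzLength, c_mrzLength);
}
```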
ePassport/ttcn/ePassport_TestSystem.ttcn +1 −0 Original line number Diff line number Diff line Loading @@ -63,6 +63,7 @@ module ePassport_TestSystem { Chr at optional, octetstring challenge optional, octetstring mrz optional, octetstring opticalMrz optional, octetstring documentNumber optional, octetstring isDhPublicKeyHash optional, Loading
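Review bot: The record now has two MRZ fields, `mrz` and `opticalMrz`, with nothing at the declaration to say which one feeds key derivation. Going by the ePassport_Functions.ttcn changes in this commit, `mrz` is extracted from DG1 and passed to f_deriveKeys, while `opticalMrz` is read from c_fileMRZ and split into the two lines in f_initializeIS. Comments on the fields would prevent the two being swapped later, for example `// MRZ extracted from DG1; seed for the basic access keys` and `// MRZ as read from c_fileMRZ; used for the optical lines in f_initializeIS`. The record definition starts and ends outside the hunk.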
ePassport/ttcn/ePassport_Values.ttcn +1 −0 Original line number Diff line number Diff line Loading @@ -28,6 +28,7 @@ module ePassport_Values { const W1W2Status c_w1w2SecurityStatusNotSatisfied := '6982'O; const W1W2Status c_w1w2ConditionsOfUseNotSatisfied := '6985'O; const W1W2Status c_w1w2NoCurrentEF := '6986'O; const W1W2Status c_w1w2FileOrApplicationNotFound := '6A82'O; const W1W2Status c_w1w2ReferencedDataOrReferenceDataNotFound := '6A88'O; const W1W2Status c_w1w2WrongParametersP1P2 := '6B00'O; const W1W2Status c_w1w2InstructionCodeNotSupportedOrInvalid := '6D00'O; Loading