Loading ePassport/ttcn/ePassport_Functions.ttcn +14 −10 Original line number Diff line number Diff line Loading @@ -178,7 +178,6 @@ // ISO/IEC 9797-1 MAC Algorithm 3 function f_cryptographicChecksum(in octetstring p_key, in octetstring p_data) return octetstring { // FIXME return fx_cryptographicChecksum(p_key, p_data); } // end f_cryptographicChecksum Loading @@ -201,9 +200,7 @@ } // end f_verifySignature function f_digest(in HashAlgorithm p_algorithm, in octetstring p_data) return octetstring { // FIXME // return fx_digest(p_algorithm, p_data); return '0001020304050607'O; return fx_digest(p_algorithm, p_data); } //end f_digest function f_getHashLength(in HashAlgorithm p_algorithm) return integer { Loading Loading @@ -244,6 +241,9 @@ var octetstring v_rndIfd; var octetstring v_keyIfd, v_keyIcc; var octetstring v_receivedRndIcc, v_computedMacIcc; var octetstring v_respData; var octetstring v_kSeed; var octetstring v_ssc; v_encryptedIfdLength := lengthof(p_challengeResponse) - c_bacMacSize; v_encryptedIfd := substr(p_challengeResponse, 0, v_encryptedIfdLength); Loading Loading @@ -275,11 +275,15 @@ v_macIcc := f_cryptographicChecksum(vc_simu.kMac, v_encryptedIcc); // h) Send the response using the data E_ICC || M_ICC. return v_encryptedIcc & v_macIcc; v_respData := v_encryptedIcc & v_macIcc; //TODO // calulating KSenc, KSmac and SSC used for Secure Message // v_sm:=fx_SM(Kicc,v_ifd); v_sm is here a record of 3 octetstring KSenc, KSmac and SSC // i) compute new K.SEED and derive keys v_kSeed := bit2oct(oct2bit(v_keyIfd) xor4b oct2bit(v_keyIcc)); f_deriveKeys(v_kSeed, vc_simu.kEnc, vc_simu.kMac); v_ssc := substr(p_rndIcc, 4, 4) & substr(v_rndIfd, 4, 4); return v_respData; } // end f_basicAccessControl Loading Loading @@ -330,7 +334,7 @@ f_deriveKeys(v_k, vc_simu.kEnc, vc_simu.kMac); // c) The hash of the inspection system's ephemeral public key H(^PKPCD) for Terminal Authentication. v_h := f_digest(e_sha1, p_publicKeyPcd); // FIXME v_h := f_digest(e_sha1, p_publicKeyPcd); } // end f_chipAuthentication Loading ePassport/ttcn/ePassport_Testcases.ttcn +162 −0 Original line number Diff line number Diff line Loading @@ -429,6 +429,8 @@ module ePassport_Testcases { } // end groupLDS_H group debug { testcase TC_Fake_For_Test() runs on MRTD system MRTD_System { t_guard.start; Loading @@ -452,4 +454,164 @@ module ePassport_Testcases { t_guard.stop; } testcase TC_checkBac() runs on MRTD system MRTD_System { var octetstring v_rndIcc := '4608F91988702212'O; var octetstring v_challengeResponse := '72C29C2371CC9BDB65B779B8E8D37B29ECC154AA56A8799FAE2F498F76ED92F25F1448EEA8AD90A7'O; var integer v_encryptedIfdLength; var octetstring v_encryptedIfd, v_encryptedIcc; var octetstring v_macIfd, v_macIcc; var octetstring v_s, v_r; var octetstring v_rndIfd; var octetstring v_keyIfd, v_keyIcc; var octetstring v_receivedRndIcc, v_computedMacIcc; var octetstring v_respData; var octetstring v_kSeed; var octetstring v_ssc; f_initializeMRTD("CFG.DFLT.PLAIN"); v_encryptedIfdLength := lengthof(v_challengeResponse) - c_bacMacSize; v_encryptedIfd := substr(v_challengeResponse, 0, v_encryptedIfdLength); v_macIfd := substr(v_challengeResponse, v_encryptedIfdLength, c_bacMacSize); // a) Check the checksum M_IFD of the cryptogram E_IFD. v_computedMacIcc := f_cryptographicChecksum(vc_simu.kMac, v_encryptedIcc); // b) Decrypt the cryptogram E_IFD. v_s := f_decrypt(vc_simu.kEnc, v_encryptedIfd); // c) Extract RND.ICC from S and check if IFD returned the correct value. v_rndIfd := substr(v_s, 0, c_bacNonceSize); if(match(v_rndIfd, '781723860C06C226'O)) { log("c) RND.IFD correct"); setverdict(pass); } else { log("c) RND.IFD incorrect"); setverdict(fail); stop; } v_receivedRndIcc := substr(v_s, c_bacNonceSize, c_bacNonceSize); if(match(v_receivedRndIcc, '4608F91988702212'O)) { log("c) RND.ICC correct"); setverdict(pass); } else { log("c) RND.ICC incorrect"); setverdict(fail); stop; } v_keyIfd := substr(v_s, 2*c_bacNonceSize, c_bacKeySize); if(match(v_receivedRndIcc, '0B795240CB7049B01C19B33E32804F0B'O)) { log("c) K.IFD correct"); setverdict(pass); } else { log("c) K.IFD incorrect"); setverdict(fail); stop; } // d) Generate keying material K.ICC. v_keyIcc := '0B4F80323EB3191CB04970CB4052790B'O; // e) Generate the concatenation R = RND.ICC || RND.IFD || K.ICC v_r := v_rndIcc & v_rndIfd & v_keyIcc; if(match(v_r, '4608F91988702212781723860C06C2260B4F80323EB3191CB04970CB4052790B'O)) { log("e) R correct"); setverdict(pass); } else { log("e) R incorrect"); setverdict(fail); stop; } // f) Compute the cryptogram E_ICC = E[K_ENC](R). v_encryptedIcc := f_encrypt(f_build3DesKey(vc_simu.kEnc), v_r); if(match(v_encryptedIcc, '46B9342A41396CD7386BF5803104D7CEDC122B9132139BAF2EEDC94EE178534F'O)) { log("f) E_ICC correct"); setverdict(pass); } else { log("f) E_ICC incorrect"); setverdict(fail); stop; } // g) Compute the checksum M_ICC = MAC[K_MAC](E_ICC). v_macIcc := f_cryptographicChecksum(vc_simu.kMac, v_encryptedIcc); if(match(v_macIcc, '2F2D235D074D7449'O)) { log("g) M_ICC correct"); setverdict(pass); } else { log("g) M_ICC incorrect"); setverdict(fail); stop; } // h) Send the response using the data E_ICC || M_ICC. v_respData := v_encryptedIcc & v_macIcc; if(match(v_respData, '46B9342A41396CD7386BF5803104D7CEDC122B9132139BAF2EEDC94EE178534F2F2D235D074D7449'O)) { log("g) ResponseData correct"); setverdict(pass); } else { log("g) ResponseData incorrect"); setverdict(fail); stop; } // i) compute new K.SEED and derive keys v_kSeed := bit2oct(oct2bit(v_keyIfd) xor4b oct2bit(v_keyIcc)); if(match(v_kSeed, '0036D272F5C350ACAC50C3F572D23600'O)) { log("i) K.SEED correct"); setverdict(pass); } else { log("i) K.SEED incorrect"); setverdict(fail); stop; } f_deriveKeys(v_kSeed, vc_simu.kEnc, vc_simu.kMac); if(match(vc_simu.kEnc, '979EC13B1CBFE9DCD01AB0FED307EAE5'O)) { log("i) kEnc correct"); setverdict(pass); } else { log("i) kEnc incorrect"); setverdict(fail); stop; } if(match(vc_simu.kMac, 'F1CB1F1FB5ADF208806B89DC579DC1F8'O)) { log("i) kMac correct"); setverdict(pass); } else { log("i) kMac incorrect"); setverdict(fail); stop; } v_ssc := substr(v_rndIcc, 4, 4) & substr(v_rndIfd, 4, 4); if(match(v_ssc, '887022120C06C226'O)) { log("i) SSC correct"); setverdict(pass); } else { log("i) SSC incorrect"); setverdict(fail); stop; } setverdict(pass); } } // end debug } // end ePassport_Testcases Loading
ePassport/ttcn/ePassport_Functions.ttcn +14 −10 Original line number Diff line number Diff line Loading @@ -178,7 +178,6 @@ // ISO/IEC 9797-1 MAC Algorithm 3 function f_cryptographicChecksum(in octetstring p_key, in octetstring p_data) return octetstring { // FIXME return fx_cryptographicChecksum(p_key, p_data); } // end f_cryptographicChecksum Loading @@ -201,9 +200,7 @@ } // end f_verifySignature function f_digest(in HashAlgorithm p_algorithm, in octetstring p_data) return octetstring { // FIXME // return fx_digest(p_algorithm, p_data); return '0001020304050607'O; return fx_digest(p_algorithm, p_data); } //end f_digest function f_getHashLength(in HashAlgorithm p_algorithm) return integer { Loading Loading @@ -244,6 +241,9 @@ var octetstring v_rndIfd; var octetstring v_keyIfd, v_keyIcc; var octetstring v_receivedRndIcc, v_computedMacIcc; var octetstring v_respData; var octetstring v_kSeed; var octetstring v_ssc; v_encryptedIfdLength := lengthof(p_challengeResponse) - c_bacMacSize; v_encryptedIfd := substr(p_challengeResponse, 0, v_encryptedIfdLength); Loading Loading @@ -275,11 +275,15 @@ v_macIcc := f_cryptographicChecksum(vc_simu.kMac, v_encryptedIcc); // h) Send the response using the data E_ICC || M_ICC. return v_encryptedIcc & v_macIcc; v_respData := v_encryptedIcc & v_macIcc; //TODO // calulating KSenc, KSmac and SSC used for Secure Message // v_sm:=fx_SM(Kicc,v_ifd); v_sm is here a record of 3 octetstring KSenc, KSmac and SSC // i) compute new K.SEED and derive keys v_kSeed := bit2oct(oct2bit(v_keyIfd) xor4b oct2bit(v_keyIcc)); f_deriveKeys(v_kSeed, vc_simu.kEnc, vc_simu.kMac); v_ssc := substr(p_rndIcc, 4, 4) & substr(v_rndIfd, 4, 4); return v_respData; } // end f_basicAccessControl Loading Loading @@ -330,7 +334,7 @@ f_deriveKeys(v_k, vc_simu.kEnc, vc_simu.kMac); // c) The hash of the inspection system's ephemeral public key H(^PKPCD) for Terminal Authentication. v_h := f_digest(e_sha1, p_publicKeyPcd); // FIXME v_h := f_digest(e_sha1, p_publicKeyPcd); } // end f_chipAuthentication Loading
ePassport/ttcn/ePassport_Testcases.ttcn +162 −0 Original line number Diff line number Diff line Loading @@ -429,6 +429,8 @@ module ePassport_Testcases { } // end groupLDS_H group debug { testcase TC_Fake_For_Test() runs on MRTD system MRTD_System { t_guard.start; Loading @@ -452,4 +454,164 @@ module ePassport_Testcases { t_guard.stop; } testcase TC_checkBac() runs on MRTD system MRTD_System { var octetstring v_rndIcc := '4608F91988702212'O; var octetstring v_challengeResponse := '72C29C2371CC9BDB65B779B8E8D37B29ECC154AA56A8799FAE2F498F76ED92F25F1448EEA8AD90A7'O; var integer v_encryptedIfdLength; var octetstring v_encryptedIfd, v_encryptedIcc; var octetstring v_macIfd, v_macIcc; var octetstring v_s, v_r; var octetstring v_rndIfd; var octetstring v_keyIfd, v_keyIcc; var octetstring v_receivedRndIcc, v_computedMacIcc; var octetstring v_respData; var octetstring v_kSeed; var octetstring v_ssc; f_initializeMRTD("CFG.DFLT.PLAIN"); v_encryptedIfdLength := lengthof(v_challengeResponse) - c_bacMacSize; v_encryptedIfd := substr(v_challengeResponse, 0, v_encryptedIfdLength); v_macIfd := substr(v_challengeResponse, v_encryptedIfdLength, c_bacMacSize); // a) Check the checksum M_IFD of the cryptogram E_IFD. v_computedMacIcc := f_cryptographicChecksum(vc_simu.kMac, v_encryptedIcc); // b) Decrypt the cryptogram E_IFD. v_s := f_decrypt(vc_simu.kEnc, v_encryptedIfd); // c) Extract RND.ICC from S and check if IFD returned the correct value. v_rndIfd := substr(v_s, 0, c_bacNonceSize); if(match(v_rndIfd, '781723860C06C226'O)) { log("c) RND.IFD correct"); setverdict(pass); } else { log("c) RND.IFD incorrect"); setverdict(fail); stop; } v_receivedRndIcc := substr(v_s, c_bacNonceSize, c_bacNonceSize); if(match(v_receivedRndIcc, '4608F91988702212'O)) { log("c) RND.ICC correct"); setverdict(pass); } else { log("c) RND.ICC incorrect"); setverdict(fail); stop; } v_keyIfd := substr(v_s, 2*c_bacNonceSize, c_bacKeySize); if(match(v_receivedRndIcc, '0B795240CB7049B01C19B33E32804F0B'O)) { log("c) K.IFD correct"); setverdict(pass); } else { log("c) K.IFD incorrect"); setverdict(fail); stop; } // d) Generate keying material K.ICC. v_keyIcc := '0B4F80323EB3191CB04970CB4052790B'O; // e) Generate the concatenation R = RND.ICC || RND.IFD || K.ICC v_r := v_rndIcc & v_rndIfd & v_keyIcc; if(match(v_r, '4608F91988702212781723860C06C2260B4F80323EB3191CB04970CB4052790B'O)) { log("e) R correct"); setverdict(pass); } else { log("e) R incorrect"); setverdict(fail); stop; } // f) Compute the cryptogram E_ICC = E[K_ENC](R). v_encryptedIcc := f_encrypt(f_build3DesKey(vc_simu.kEnc), v_r); if(match(v_encryptedIcc, '46B9342A41396CD7386BF5803104D7CEDC122B9132139BAF2EEDC94EE178534F'O)) { log("f) E_ICC correct"); setverdict(pass); } else { log("f) E_ICC incorrect"); setverdict(fail); stop; } // g) Compute the checksum M_ICC = MAC[K_MAC](E_ICC). v_macIcc := f_cryptographicChecksum(vc_simu.kMac, v_encryptedIcc); if(match(v_macIcc, '2F2D235D074D7449'O)) { log("g) M_ICC correct"); setverdict(pass); } else { log("g) M_ICC incorrect"); setverdict(fail); stop; } // h) Send the response using the data E_ICC || M_ICC. v_respData := v_encryptedIcc & v_macIcc; if(match(v_respData, '46B9342A41396CD7386BF5803104D7CEDC122B9132139BAF2EEDC94EE178534F2F2D235D074D7449'O)) { log("g) ResponseData correct"); setverdict(pass); } else { log("g) ResponseData incorrect"); setverdict(fail); stop; } // i) compute new K.SEED and derive keys v_kSeed := bit2oct(oct2bit(v_keyIfd) xor4b oct2bit(v_keyIcc)); if(match(v_kSeed, '0036D272F5C350ACAC50C3F572D23600'O)) { log("i) K.SEED correct"); setverdict(pass); } else { log("i) K.SEED incorrect"); setverdict(fail); stop; } f_deriveKeys(v_kSeed, vc_simu.kEnc, vc_simu.kMac); if(match(vc_simu.kEnc, '979EC13B1CBFE9DCD01AB0FED307EAE5'O)) { log("i) kEnc correct"); setverdict(pass); } else { log("i) kEnc incorrect"); setverdict(fail); stop; } if(match(vc_simu.kMac, 'F1CB1F1FB5ADF208806B89DC579DC1F8'O)) { log("i) kMac correct"); setverdict(pass); } else { log("i) kMac incorrect"); setverdict(fail); stop; } v_ssc := substr(v_rndIcc, 4, 4) & substr(v_rndIfd, 4, 4); if(match(v_ssc, '887022120C06C226'O)) { log("i) SSC correct"); setverdict(pass); } else { log("i) SSC incorrect"); setverdict(fail); stop; } setverdict(pass); } } // end debug } // end ePassport_Testcases
