Loading ePassport/ttcn/ePassport_Altsteps.ttcn +17 −21 Original line number Original line Diff line number Diff line Loading @@ -245,7 +245,7 @@ v_offset := v_readCommand.params.longOffset.offset; v_offset := v_readCommand.params.longOffset.offset; v_dataLength := v_readCommand.lengthE; v_dataLength := v_readCommand.lengthE; v_result := f_readFileData(vc_simu.currentFiles[v_logicalChannel], v_offset, v_dataLength, v_data); v_result := f_readFileData(vc_simu.currentFiles[v_logicalChannel].filename, v_offset, v_dataLength, v_data); if(v_data == ''O) { if(v_data == ''O) { mrtdport.send(m_responseNOK(c_w1w2WrongParametersP1P2)); mrtdport.send(m_responseNOK(c_w1w2WrongParametersP1P2)); Loading Loading @@ -281,7 +281,7 @@ v_offset := v_readCommand.params.fileIdAndOffset.offset; v_offset := v_readCommand.params.fileIdAndOffset.offset; v_dataLength := v_readCommand.lengthE; v_dataLength := v_readCommand.lengthE; v_result := f_readFileData(vc_simu.currentFiles[v_logicalChannel], v_offset, v_dataLength, v_data); v_result := f_readFileData(vc_simu.currentFiles[v_logicalChannel].filename, v_offset, v_dataLength, v_data); if(v_data == ''O ) { if(v_data == ''O ) { mrtdport.send(m_responseNOK(v_result)); mrtdport.send(m_responseNOK(v_result)); } } Loading Loading @@ -515,7 +515,7 @@ if(vc_simu.securityStatus != e_noApplication) { if(vc_simu.securityStatus != e_noApplication) { // Reset MRTD settings // Reset MRTD settings f_initializeMRTD(vc_simu.ePassportProfile); f_initializeMRTD(vc_simu.ePassportProfile, vc_simu.passportProtection); } } vc_simu.securityStatus := e_noSecurity; vc_simu.securityStatus := e_noSecurity; Loading Loading @@ -545,8 +545,6 @@ v_challengeResponse := v_command.payload v_challengeResponse := v_command.payload .externalOrMutualAuthenticateData.challengeResponse ; .externalOrMutualAuthenticateData.challengeResponse ; // TODO check vc_simu.rndIcc != omit v_response := f_basicAccessControl(vc_simu.challenge, v_challengeResponse); v_response := f_basicAccessControl(vc_simu.challenge, v_challengeResponse); if(v_response != ''O) { if(v_response != ''O) { mrtdport.send(m_responseRead(v_response)); mrtdport.send(m_responseRead(v_response)); Loading @@ -559,7 +557,7 @@ } // end a_bac } // end a_bac altstep a_readFile(in FileInfo p_file) runs on MRTD { altstep a_readFile(in ElementFileInfo p_file) runs on MRTD { var CommandSelect v_selectCommand; var CommandSelect v_selectCommand; var CommandReadBinary v_readCommand; var CommandReadBinary v_readCommand; Loading Loading @@ -588,7 +586,7 @@ v_offset := v_readCommand.params.longOffset.offset; v_offset := v_readCommand.params.longOffset.offset; v_dataLength := v_readCommand.lengthE; v_dataLength := v_readCommand.lengthE; v_result := f_readFileData(vc_simu.currentFiles[v_logicalChannel], v_offset, v_dataLength, v_data); v_result := f_readFileData(vc_simu.currentFiles[v_logicalChannel].filename, v_offset, v_dataLength, v_data); mrtdport.send(m_responseReadWithStatus(v_data, v_result)); mrtdport.send(m_responseReadWithStatus(v_data, v_result)); t_ac.start; t_ac.start; repeat; repeat; Loading Loading @@ -618,7 +616,7 @@ v_offset := v_readCommand.params.fileIdAndOffset.offset; v_offset := v_readCommand.params.fileIdAndOffset.offset; v_dataLength := v_readCommand.lengthE; v_dataLength := v_readCommand.lengthE; v_result := f_readFileData(vc_simu.currentFiles[v_logicalChannel], v_offset, v_dataLength, v_data); v_result := f_readFileData(vc_simu.currentFiles[v_logicalChannel].filename, v_offset, v_dataLength, v_data); if(v_data == ''O ) { if(v_data == ''O ) { mrtdport.send(m_responseNOK(v_result)); mrtdport.send(m_responseNOK(v_result)); } } Loading @@ -640,7 +638,7 @@ repeat; repeat; } } // FIXME Dirty hack. Codec needed. // Manual encoding. Codec needed v_encodedTlv := v_readB1Command.payload.readBinaryWithOffsetDataObjectData.data; v_encodedTlv := v_readB1Command.payload.readBinaryWithOffsetDataObjectData.data; v_encodedLength := oct2int(v_encodedTlv[1]); v_encodedLength := oct2int(v_encodedTlv[1]); Loading @@ -654,7 +652,7 @@ if(ispresent(v_readB1Command.lengthE)) { if(ispresent(v_readB1Command.lengthE)) { v_dataLength := v_readB1Command.lengthE - 1 - lengthof(f_encodeLength(v_readB1Command.lengthE - 2)); // -1 => tag 53 and length field v_dataLength := v_readB1Command.lengthE - 1 - lengthof(f_encodeLength(v_readB1Command.lengthE - 2)); // -1 => tag 53 and length field v_result := f_readFileData(vc_simu.currentFiles[v_logicalChannel], v_offset, v_dataLength, v_data); v_result := f_readFileData(vc_simu.currentFiles[v_logicalChannel].filename, v_offset, v_dataLength, v_data); } } else { else { v_data := ''O; v_data := ''O; Loading Loading @@ -705,7 +703,7 @@ v_offset := v_readCommand.params.longOffset.offset; v_offset := v_readCommand.params.longOffset.offset; v_dataLength := v_readCommand.lengthE; v_dataLength := v_readCommand.lengthE; v_result := f_readFileData(vc_simu.currentFiles[v_logicalChannel], v_result := f_readFileData(vc_simu.currentFiles[v_logicalChannel].filename, v_offset, v_dataLength, v_data); v_offset, v_dataLength, v_data); mrtdport.send(m_responseReadWithStatus(v_data, v_result)); mrtdport.send(m_responseReadWithStatus(v_data, v_result)); t_ac.start; t_ac.start; Loading Loading @@ -738,7 +736,7 @@ if(ispresent(v_readCommand.lengthE)) { if(ispresent(v_readCommand.lengthE)) { v_dataLength := v_readCommand.lengthE; v_dataLength := v_readCommand.lengthE; v_result := f_readFileData(vc_simu.currentFiles[v_logicalChannel], v_offset, v_dataLength, v_data); v_result := f_readFileData(vc_simu.currentFiles[v_logicalChannel].filename, v_offset, v_dataLength, v_data); } } else { else { v_data := ''O; v_data := ''O; Loading Loading @@ -766,7 +764,7 @@ repeat; repeat; } } // FIXME Dirty hack. Codec needed. // Manual encoding. Codec needed v_encodedTlv := v_readB1Command.payload.readBinaryWithOffsetDataObjectData.data; v_encodedTlv := v_readB1Command.payload.readBinaryWithOffsetDataObjectData.data; v_encodedLength := oct2int(v_encodedTlv[1]); v_encodedLength := oct2int(v_encodedTlv[1]); Loading @@ -780,7 +778,7 @@ if(ispresent(v_readB1Command.lengthE)) { if(ispresent(v_readB1Command.lengthE)) { v_dataLength := v_readB1Command.lengthE - 1 - lengthof(f_encodeLength(v_readB1Command.lengthE - 2)); // -1 => tag 53 and length field v_dataLength := v_readB1Command.lengthE - 1 - lengthof(f_encodeLength(v_readB1Command.lengthE - 2)); // -1 => tag 53 and length field v_result := f_readFileData(vc_simu.currentFiles[v_logicalChannel], v_offset, v_dataLength, v_data); v_result := f_readFileData(vc_simu.currentFiles[v_logicalChannel].filename, v_offset, v_dataLength, v_data); } } else { else { v_data := ''O; v_data := ''O; Loading @@ -798,7 +796,7 @@ } // end of a_readAnyFile } // end of a_readAnyFile altstep a_refuseFileAccess(in FileInfo p_file) runs on MRTD { altstep a_refuseFileAccess(in ElementFileInfo p_file) runs on MRTD { // SELECT Command // SELECT Command [] mrtdport.receive(mw_selectByFileId(p_file.longFileId)) { [] mrtdport.receive(mw_selectByFileId(p_file.longFileId)) { Loading @@ -814,11 +812,8 @@ repeat; repeat; } } // TODO: receive statements for B1 } // end a_refuseFileAccess } // end a_refuseFileAccess //FIXME: duplicated code altstep a_refuseAnyFileAccess() runs on MRTD { altstep a_refuseAnyFileAccess() runs on MRTD { // SELECT Command // SELECT Command Loading @@ -841,6 +836,7 @@ repeat; repeat; } } // READ Command with DO (using current EF) [] mrtdport.receive(mw_readCurrentEFWithOffsetDataObject) { [] mrtdport.receive(mw_readCurrentEFWithOffsetDataObject) { mrtdport.send(m_responseNOK(c_w1w2NoCurrentEF)); mrtdport.send(m_responseNOK(c_w1w2NoCurrentEF)); repeat; repeat; Loading ePassport/ttcn/ePassport_Functions.ttcn +69 −45 Original line number Original line Diff line number Diff line Loading @@ -36,6 +36,7 @@ * @see Automatic Interfaces Specification (Version 1.0) - Clause 2. Automatic Interface Proposal * @see Automatic Interfaces Specification (Version 1.0) - Clause 2. Automatic Interface Proposal */ */ external function fx_deactivateProbe(); external function fx_deactivateProbe(); } // end managementExternalFunctions } // end managementExternalFunctions group securityExternalFunctions { group securityExternalFunctions { Loading Loading @@ -180,7 +181,7 @@ */ */ external function fx_extractPublicKey(in octetstring p_dgfile, out octetstring p_publicKey) return KeyAgreementAlgorithm; external function fx_extractPublicKey(in octetstring p_dgfile, out octetstring p_publicKey) return KeyAgreementAlgorithm; /* /** * @desc Compute a Diffie-Hellman shared secret * @desc Compute a Diffie-Hellman shared secret * @param p_privateKeyPicc Private key of peer A * @param p_privateKeyPicc Private key of peer A * @param p_publicKeyPiccAndDomainInfo Public key of peer A (not used) and DH domain info * @param p_publicKeyPiccAndDomainInfo Public key of peer A (not used) and DH domain info Loading Loading @@ -539,16 +540,14 @@ var KeyAgreementAlgorithm v_algo; var KeyAgreementAlgorithm v_algo; var octetstring v_dummy; var octetstring v_dummy; var octetstring v_dg14PrivateKey; var octetstring v_dg14PrivateKey; var FileInfo v_dg14PrFileInfo; var charstring v_dg14PrFile; // a) The shared secret K = KA(SKPICC;^PKPCD;DPICC) = KA(^SKPCD;PKPICC;DPICC) // a) The shared secret K = KA(SKPICC;^PKPCD;DPICC) = KA(^SKPCD;PKPICC;DPICC) // select private key based on key ref // select private key based on key ref v_dg14PrFileInfo := c_filePrCA; if(p_keyReference != ''O) { if(p_keyReference != ''O) { v_dg14PrFileInfo.filename := v_dg14PrFileInfo.filename & "." & oct2str(p_keyReference); v_dg14PrFile := c_filePrCA & "." & oct2str(p_keyReference); } } log(v_dg14PrFileInfo); if(f_readFileData(v_dg14PrFile, 0, -1, v_dg14PrivateKey) == c_w1w2FileOrApplicationNotFound) { if(f_readFileData(v_dg14PrFileInfo, 0, -1, v_dg14PrivateKey) == c_w1w2FileOrApplicationNotFound) { return c_w1w2ReferencedDataOrReferenceDataNotFound; return c_w1w2ReferencedDataOrReferenceDataNotFound; } } v_algo := f_computeSharedSecret(v_dg14PrivateKey, p_publicKeyPcd, v_k); v_algo := f_computeSharedSecret(v_dg14PrivateKey, p_publicKeyPcd, v_k); Loading Loading @@ -589,15 +588,15 @@ function f_readFileData( function f_readFileData( in FileInfo p_fileInfo, in charstring p_filename, in integer p_offset, in integer p_offset, in integer p_dataLength, in integer p_dataLength, out octetstring p_data) out octetstring p_data) return W1W2Status { return W1W2Status { return fx_readFileData(p_fileInfo.filename, p_offset, p_dataLength, p_data); return fx_readFileData(p_filename, p_offset, p_dataLength, p_data); } //end f_readFileData } //end f_readFileData function getFileByLongId(in LongFileId p_longFileId) return FileInfo { function getFileByLongId(in LongFileId p_longFileId) return ElementFileInfo { var integer i; var integer i; for(i:=0; i<sizeof(c_ePassportFiles); i:=i+1) { for(i:=0; i<sizeof(c_ePassportFiles); i:=i+1) { Loading @@ -609,7 +608,7 @@ return c_noFileInfo; return c_noFileInfo; } // end getFileByLongId } // end getFileByLongId function getFileByShortId(in ShortFileId p_shortFileId) return FileInfo { function getFileByShortId(in ShortFileId p_shortFileId) return ElementFileInfo { var integer i; var integer i; for(i:=0; i<sizeof(c_ePassportFiles); i:=i+1) { for(i:=0; i<sizeof(c_ePassportFiles); i:=i+1) { Loading @@ -628,7 +627,7 @@ return fx_readCertificateData(v_fullpath); return fx_readCertificateData(v_fullpath); } // end f_readCertificateData } // end f_readCertificateData function f_createDg(in FileInfo p_fileInfo, in octetstring p_data) { function f_createDg(in ElementFileInfo p_fileInfo, in octetstring p_data) { fx_createDg(p_fileInfo.filename, p_data); fx_createDg(p_fileInfo.filename, p_data); } // end f_createDg } // end f_createDg Loading Loading @@ -680,55 +679,65 @@ group initializationFunctions { group initializationFunctions { function f_initializeMRTD(in charstring p_configurationId) runs on MRTD { function f_initializeMRTD(in charstring p_configurationId, in PassportProtection p_passportProctection) runs on MRTD { var octetstring v_trustPointRaw; var octetstring v_csvCertRefIds; var octetstring v_trustPointsRaw; var octetstring v_cvcaRaw; var octetstring v_cvcaRaw; var ChrList v_cvcaTrustPoints; var ChrList v_cvcaTrustPoints; var octetstring v_csvCertRefIds; var ChrList v_trustPoints; var octetstring v_trustPointRaw; var CvCertificate v_trustPointCertificate; var CvCertificate v_trustPointCertificate; var Chr v_trustPointChr; var integer v_decodeResult; var integer v_decodeResult; var octetstring v_dg1 := ''O; var octetstring v_dg1 := ''O; var integer i; // Load profile // Load profile f_loadPassportConfiguration(p_configurationId); f_loadPassportConfiguration(p_configurationId); vc_simu.ePassportProfile := p_configurationId; vc_simu.ePassportProfile := p_configurationId; // Optical MRZ f_readFileData(c_fileMRZ, 0, -1, vc_simu.opticalMrz); // Prepare Automatic Interface f_readFileData(c_fileCertRefIds, 0, -1, v_csvCertRefIds); vc_simu.aisCertRefIds := f_parseCertRefIds(v_csvCertRefIds); f_createDg(c_fileDGCertData, f_encodeCertData(vc_simu.aisCertRefIds)); // Prepare basic access keys // Prepare basic access keys f_readFileData(c_fileDG1, 0, -1, v_dg1); f_readFileData(c_fileDG1.filename, 0, -1, v_dg1); vc_simu.mrz := f_extractMrzFromDg1(v_dg1); vc_simu.mrz := f_extractMrzFromDg1(v_dg1); f_deriveKeys(f_extractKseedFromMrz(vc_simu.mrz), vc_simu.kEnc, vc_simu.kMac); f_deriveKeys(f_extractKseedFromMrz(vc_simu.mrz), vc_simu.kEnc, vc_simu.kMac); vc_simu.documentNumber := f_extractDocumentNumberFromMrz(vc_simu.mrz); vc_simu.documentNumber := f_extractDocumentNumberFromMrz(vc_simu.mrz); // Initialize ePassport security vc_simu.securityStatus := e_noApplication; vc_simu.securityStatus := e_noApplication; vc_simu.passportProtection := e_bac; vc_simu.passportProtection := p_passportProctection; vc_simu.activeAuthenticationPerformed := false; vc_simu.activeAuthenticationPerformed := false; // Read officialy trusted CHRs from EF.CVCA // Terminal Authentication f_readFileData(c_fileCVCA, 0, -1, v_cvcaRaw); f_readFileData(c_fileCVCA.filename, 0, -1, v_cvcaRaw); v_cvcaTrustPoints := f_decodeCvca(v_cvcaRaw); v_cvcaTrustPoints := f_decodeCvca(v_cvcaRaw); f_readFileData(c_fileTrustPointIds, 0, -1, v_trustPointsRaw); // TODO: Read real trust points v_trustPoints := f_parseTrustPointIds(v_trustPointsRaw); for(i:=0; i < sizeof(v_trustPoints); i:=i+1) { // FIXME: only in case of terminal authentication f_readFileData(v_trustPoints[i], 0, -1, v_trustPointRaw); f_readFileData(c_fileTrustPointCert, 0, -1, v_trustPointRaw); if(v_trustPointRaw != ''O) { if(v_trustPointRaw != ''O) { v_decodeResult := decvalue(oct2bit(v_trustPointRaw), v_trustPointCertificate); v_decodeResult := decvalue(oct2bit(v_trustPointRaw), v_trustPointCertificate); // FIXME check v_decodeREsiult + ispresent v_trustPointChr := oct2char(v_trustPointCertificate.tlvValue.cvCertificateBody.tlvValue.cvCertificateHolderReference.tlvValue); if(oct2char(v_trustPointCertificate.tlvValue.cvCertificateBody.tlvValue.cvCertificateHolderReference.tlvValue) != v_cvcaTrustPoints[0]) { if(v_trustPointChr != v_trustPoints[i]) { log("**** f_initializeMRTD: WARNING: " & c_fileCVCA.filename & " does not match trust points ****"); log("**** f_initializeMRTD: WARNING: " & v_trustPoints[i] & " filename does not match CHR (" & v_trustPointChr & ") ****"); } if(not(match(v_cvcaTrustPoints, superset(v_trustPoints[i])))) { log("**** f_initializeMRTD: WARNING: Trustpoint " & v_trustPoints[i] & " not contained in " & c_fileCVCA.filename & " ****"); } } vc_simu.trustedCAs := {oct2char(v_trustPointCertificate.tlvValue.cvCertificateBody.tlvValue.cvCertificateHolderReference.tlvValue)}; vc_simu.trustedCAs := {v_trustPointChr}; f_addTrustedCertificate( f_addTrustedCertificate( oct2char(v_trustPointCertificate.tlvValue.cvCertificateBody.tlvValue.cvCertificateHolderReference.tlvValue), v_trustPointChr, v_trustPointCertificate.tlvValue.cvCertificateBody.tlvValue.cvPublicKey.tlvValue); v_trustPointCertificate.tlvValue.cvCertificateBody.tlvValue.cvPublicKey.tlvValue); } } } f_readFileData(c_fileMRZ, 0, -1, vc_simu.opticalMrz); // Read c_fileCertRefIds f_readFileData(c_fileCertRefIds, 0, -1, v_csvCertRefIds); vc_simu.aisCertRefIds := f_parseCertRefIds(v_csvCertRefIds); f_createDg(c_fileDGCertData, f_encodeCertData(vc_simu.aisCertRefIds)); // Active Authentication // Active Authentication vc_simu.aaHashAlgorithm := e_sha1; vc_simu.aaHashAlgorithm := e_sha1; Loading Loading @@ -1020,6 +1029,21 @@ group AutomaticInterfaceSpecificationFunctions { group AutomaticInterfaceSpecificationFunctions { function f_parseTrustPointIds(in octetstring p_trustPointIds) return ChrList { var ChrList v_trustPointIds := {}; var octetstring v_trustPointId; var integer v_next := 0; do { v_next := f_extractId(p_trustPointIds, v_next, v_trustPointId) + 1; v_trustPointIds[sizeof(v_trustPointIds)] := oct2char(v_trustPointId); } while(v_next < lengthof(p_trustPointIds)); return v_trustPointIds; } function f_parseCertRefIds(in octetstring p_csvCertRefIds) function f_parseCertRefIds(in octetstring p_csvCertRefIds) return AisCertificateReferenceIds { return AisCertificateReferenceIds { Loading ePassport/ttcn/ePassport_Templates.ttcn +0 −1 Original line number Original line Diff line number Diff line Loading @@ -117,7 +117,6 @@ module ePassport_Templates { lengthE := omit lengthE := omit } } //SELECT TEMPLATES 00 a4 02 0c 02 01 1e template CommandSelect mw_selectByFileId (LongFileId v_fileID) := { template CommandSelect mw_selectByFileId (LongFileId v_fileID) := { class := mw_class_00, class := mw_class_00, ins := e_select, ins := e_select, Loading ePassport/ttcn/ePassport_Testcases.ttcn +52 −83 File changed.Preview size limit exceeded, changes collapsed. Show changes ePassport/ttcn/ePassport_Types.ttcn +2 −2 Original line number Original line Diff line number Diff line Loading @@ -89,13 +89,13 @@ module ePassport_Types { type Oct2 LongFileId; type Oct2 LongFileId; type Oct1 ShortFileId; type Oct1 ShortFileId; type record FileInfo { type record ElementFileInfo { charstring filename, charstring filename, ShortFileId shortFileId, ShortFileId shortFileId, LongFileId longFileId LongFileId longFileId }; }; type record of FileInfo FileSet; type record of ElementFileInfo FileSet; type enumerated MrtdConfiguration { type enumerated MrtdConfiguration { e_cfgDfltBac, e_cfgDfltBac, Loading Loading
ePassport/ttcn/ePassport_Altsteps.ttcn +17 −21 Original line number Original line Diff line number Diff line Loading @@ -245,7 +245,7 @@ v_offset := v_readCommand.params.longOffset.offset; v_offset := v_readCommand.params.longOffset.offset; v_dataLength := v_readCommand.lengthE; v_dataLength := v_readCommand.lengthE; v_result := f_readFileData(vc_simu.currentFiles[v_logicalChannel], v_offset, v_dataLength, v_data); v_result := f_readFileData(vc_simu.currentFiles[v_logicalChannel].filename, v_offset, v_dataLength, v_data); if(v_data == ''O) { if(v_data == ''O) { mrtdport.send(m_responseNOK(c_w1w2WrongParametersP1P2)); mrtdport.send(m_responseNOK(c_w1w2WrongParametersP1P2)); Loading Loading @@ -281,7 +281,7 @@ v_offset := v_readCommand.params.fileIdAndOffset.offset; v_offset := v_readCommand.params.fileIdAndOffset.offset; v_dataLength := v_readCommand.lengthE; v_dataLength := v_readCommand.lengthE; v_result := f_readFileData(vc_simu.currentFiles[v_logicalChannel], v_offset, v_dataLength, v_data); v_result := f_readFileData(vc_simu.currentFiles[v_logicalChannel].filename, v_offset, v_dataLength, v_data); if(v_data == ''O ) { if(v_data == ''O ) { mrtdport.send(m_responseNOK(v_result)); mrtdport.send(m_responseNOK(v_result)); } } Loading Loading @@ -515,7 +515,7 @@ if(vc_simu.securityStatus != e_noApplication) { if(vc_simu.securityStatus != e_noApplication) { // Reset MRTD settings // Reset MRTD settings f_initializeMRTD(vc_simu.ePassportProfile); f_initializeMRTD(vc_simu.ePassportProfile, vc_simu.passportProtection); } } vc_simu.securityStatus := e_noSecurity; vc_simu.securityStatus := e_noSecurity; Loading Loading @@ -545,8 +545,6 @@ v_challengeResponse := v_command.payload v_challengeResponse := v_command.payload .externalOrMutualAuthenticateData.challengeResponse ; .externalOrMutualAuthenticateData.challengeResponse ; // TODO check vc_simu.rndIcc != omit v_response := f_basicAccessControl(vc_simu.challenge, v_challengeResponse); v_response := f_basicAccessControl(vc_simu.challenge, v_challengeResponse); if(v_response != ''O) { if(v_response != ''O) { mrtdport.send(m_responseRead(v_response)); mrtdport.send(m_responseRead(v_response)); Loading @@ -559,7 +557,7 @@ } // end a_bac } // end a_bac altstep a_readFile(in FileInfo p_file) runs on MRTD { altstep a_readFile(in ElementFileInfo p_file) runs on MRTD { var CommandSelect v_selectCommand; var CommandSelect v_selectCommand; var CommandReadBinary v_readCommand; var CommandReadBinary v_readCommand; Loading Loading @@ -588,7 +586,7 @@ v_offset := v_readCommand.params.longOffset.offset; v_offset := v_readCommand.params.longOffset.offset; v_dataLength := v_readCommand.lengthE; v_dataLength := v_readCommand.lengthE; v_result := f_readFileData(vc_simu.currentFiles[v_logicalChannel], v_offset, v_dataLength, v_data); v_result := f_readFileData(vc_simu.currentFiles[v_logicalChannel].filename, v_offset, v_dataLength, v_data); mrtdport.send(m_responseReadWithStatus(v_data, v_result)); mrtdport.send(m_responseReadWithStatus(v_data, v_result)); t_ac.start; t_ac.start; repeat; repeat; Loading Loading @@ -618,7 +616,7 @@ v_offset := v_readCommand.params.fileIdAndOffset.offset; v_offset := v_readCommand.params.fileIdAndOffset.offset; v_dataLength := v_readCommand.lengthE; v_dataLength := v_readCommand.lengthE; v_result := f_readFileData(vc_simu.currentFiles[v_logicalChannel], v_offset, v_dataLength, v_data); v_result := f_readFileData(vc_simu.currentFiles[v_logicalChannel].filename, v_offset, v_dataLength, v_data); if(v_data == ''O ) { if(v_data == ''O ) { mrtdport.send(m_responseNOK(v_result)); mrtdport.send(m_responseNOK(v_result)); } } Loading @@ -640,7 +638,7 @@ repeat; repeat; } } // FIXME Dirty hack. Codec needed. // Manual encoding. Codec needed v_encodedTlv := v_readB1Command.payload.readBinaryWithOffsetDataObjectData.data; v_encodedTlv := v_readB1Command.payload.readBinaryWithOffsetDataObjectData.data; v_encodedLength := oct2int(v_encodedTlv[1]); v_encodedLength := oct2int(v_encodedTlv[1]); Loading @@ -654,7 +652,7 @@ if(ispresent(v_readB1Command.lengthE)) { if(ispresent(v_readB1Command.lengthE)) { v_dataLength := v_readB1Command.lengthE - 1 - lengthof(f_encodeLength(v_readB1Command.lengthE - 2)); // -1 => tag 53 and length field v_dataLength := v_readB1Command.lengthE - 1 - lengthof(f_encodeLength(v_readB1Command.lengthE - 2)); // -1 => tag 53 and length field v_result := f_readFileData(vc_simu.currentFiles[v_logicalChannel], v_offset, v_dataLength, v_data); v_result := f_readFileData(vc_simu.currentFiles[v_logicalChannel].filename, v_offset, v_dataLength, v_data); } } else { else { v_data := ''O; v_data := ''O; Loading Loading @@ -705,7 +703,7 @@ v_offset := v_readCommand.params.longOffset.offset; v_offset := v_readCommand.params.longOffset.offset; v_dataLength := v_readCommand.lengthE; v_dataLength := v_readCommand.lengthE; v_result := f_readFileData(vc_simu.currentFiles[v_logicalChannel], v_result := f_readFileData(vc_simu.currentFiles[v_logicalChannel].filename, v_offset, v_dataLength, v_data); v_offset, v_dataLength, v_data); mrtdport.send(m_responseReadWithStatus(v_data, v_result)); mrtdport.send(m_responseReadWithStatus(v_data, v_result)); t_ac.start; t_ac.start; Loading Loading @@ -738,7 +736,7 @@ if(ispresent(v_readCommand.lengthE)) { if(ispresent(v_readCommand.lengthE)) { v_dataLength := v_readCommand.lengthE; v_dataLength := v_readCommand.lengthE; v_result := f_readFileData(vc_simu.currentFiles[v_logicalChannel], v_offset, v_dataLength, v_data); v_result := f_readFileData(vc_simu.currentFiles[v_logicalChannel].filename, v_offset, v_dataLength, v_data); } } else { else { v_data := ''O; v_data := ''O; Loading Loading @@ -766,7 +764,7 @@ repeat; repeat; } } // FIXME Dirty hack. Codec needed. // Manual encoding. Codec needed v_encodedTlv := v_readB1Command.payload.readBinaryWithOffsetDataObjectData.data; v_encodedTlv := v_readB1Command.payload.readBinaryWithOffsetDataObjectData.data; v_encodedLength := oct2int(v_encodedTlv[1]); v_encodedLength := oct2int(v_encodedTlv[1]); Loading @@ -780,7 +778,7 @@ if(ispresent(v_readB1Command.lengthE)) { if(ispresent(v_readB1Command.lengthE)) { v_dataLength := v_readB1Command.lengthE - 1 - lengthof(f_encodeLength(v_readB1Command.lengthE - 2)); // -1 => tag 53 and length field v_dataLength := v_readB1Command.lengthE - 1 - lengthof(f_encodeLength(v_readB1Command.lengthE - 2)); // -1 => tag 53 and length field v_result := f_readFileData(vc_simu.currentFiles[v_logicalChannel], v_offset, v_dataLength, v_data); v_result := f_readFileData(vc_simu.currentFiles[v_logicalChannel].filename, v_offset, v_dataLength, v_data); } } else { else { v_data := ''O; v_data := ''O; Loading @@ -798,7 +796,7 @@ } // end of a_readAnyFile } // end of a_readAnyFile altstep a_refuseFileAccess(in FileInfo p_file) runs on MRTD { altstep a_refuseFileAccess(in ElementFileInfo p_file) runs on MRTD { // SELECT Command // SELECT Command [] mrtdport.receive(mw_selectByFileId(p_file.longFileId)) { [] mrtdport.receive(mw_selectByFileId(p_file.longFileId)) { Loading @@ -814,11 +812,8 @@ repeat; repeat; } } // TODO: receive statements for B1 } // end a_refuseFileAccess } // end a_refuseFileAccess //FIXME: duplicated code altstep a_refuseAnyFileAccess() runs on MRTD { altstep a_refuseAnyFileAccess() runs on MRTD { // SELECT Command // SELECT Command Loading @@ -841,6 +836,7 @@ repeat; repeat; } } // READ Command with DO (using current EF) [] mrtdport.receive(mw_readCurrentEFWithOffsetDataObject) { [] mrtdport.receive(mw_readCurrentEFWithOffsetDataObject) { mrtdport.send(m_responseNOK(c_w1w2NoCurrentEF)); mrtdport.send(m_responseNOK(c_w1w2NoCurrentEF)); repeat; repeat; Loading
ePassport/ttcn/ePassport_Functions.ttcn +69 −45 Original line number Original line Diff line number Diff line Loading @@ -36,6 +36,7 @@ * @see Automatic Interfaces Specification (Version 1.0) - Clause 2. Automatic Interface Proposal * @see Automatic Interfaces Specification (Version 1.0) - Clause 2. Automatic Interface Proposal */ */ external function fx_deactivateProbe(); external function fx_deactivateProbe(); } // end managementExternalFunctions } // end managementExternalFunctions group securityExternalFunctions { group securityExternalFunctions { Loading Loading @@ -180,7 +181,7 @@ */ */ external function fx_extractPublicKey(in octetstring p_dgfile, out octetstring p_publicKey) return KeyAgreementAlgorithm; external function fx_extractPublicKey(in octetstring p_dgfile, out octetstring p_publicKey) return KeyAgreementAlgorithm; /* /** * @desc Compute a Diffie-Hellman shared secret * @desc Compute a Diffie-Hellman shared secret * @param p_privateKeyPicc Private key of peer A * @param p_privateKeyPicc Private key of peer A * @param p_publicKeyPiccAndDomainInfo Public key of peer A (not used) and DH domain info * @param p_publicKeyPiccAndDomainInfo Public key of peer A (not used) and DH domain info Loading Loading @@ -539,16 +540,14 @@ var KeyAgreementAlgorithm v_algo; var KeyAgreementAlgorithm v_algo; var octetstring v_dummy; var octetstring v_dummy; var octetstring v_dg14PrivateKey; var octetstring v_dg14PrivateKey; var FileInfo v_dg14PrFileInfo; var charstring v_dg14PrFile; // a) The shared secret K = KA(SKPICC;^PKPCD;DPICC) = KA(^SKPCD;PKPICC;DPICC) // a) The shared secret K = KA(SKPICC;^PKPCD;DPICC) = KA(^SKPCD;PKPICC;DPICC) // select private key based on key ref // select private key based on key ref v_dg14PrFileInfo := c_filePrCA; if(p_keyReference != ''O) { if(p_keyReference != ''O) { v_dg14PrFileInfo.filename := v_dg14PrFileInfo.filename & "." & oct2str(p_keyReference); v_dg14PrFile := c_filePrCA & "." & oct2str(p_keyReference); } } log(v_dg14PrFileInfo); if(f_readFileData(v_dg14PrFile, 0, -1, v_dg14PrivateKey) == c_w1w2FileOrApplicationNotFound) { if(f_readFileData(v_dg14PrFileInfo, 0, -1, v_dg14PrivateKey) == c_w1w2FileOrApplicationNotFound) { return c_w1w2ReferencedDataOrReferenceDataNotFound; return c_w1w2ReferencedDataOrReferenceDataNotFound; } } v_algo := f_computeSharedSecret(v_dg14PrivateKey, p_publicKeyPcd, v_k); v_algo := f_computeSharedSecret(v_dg14PrivateKey, p_publicKeyPcd, v_k); Loading Loading @@ -589,15 +588,15 @@ function f_readFileData( function f_readFileData( in FileInfo p_fileInfo, in charstring p_filename, in integer p_offset, in integer p_offset, in integer p_dataLength, in integer p_dataLength, out octetstring p_data) out octetstring p_data) return W1W2Status { return W1W2Status { return fx_readFileData(p_fileInfo.filename, p_offset, p_dataLength, p_data); return fx_readFileData(p_filename, p_offset, p_dataLength, p_data); } //end f_readFileData } //end f_readFileData function getFileByLongId(in LongFileId p_longFileId) return FileInfo { function getFileByLongId(in LongFileId p_longFileId) return ElementFileInfo { var integer i; var integer i; for(i:=0; i<sizeof(c_ePassportFiles); i:=i+1) { for(i:=0; i<sizeof(c_ePassportFiles); i:=i+1) { Loading @@ -609,7 +608,7 @@ return c_noFileInfo; return c_noFileInfo; } // end getFileByLongId } // end getFileByLongId function getFileByShortId(in ShortFileId p_shortFileId) return FileInfo { function getFileByShortId(in ShortFileId p_shortFileId) return ElementFileInfo { var integer i; var integer i; for(i:=0; i<sizeof(c_ePassportFiles); i:=i+1) { for(i:=0; i<sizeof(c_ePassportFiles); i:=i+1) { Loading @@ -628,7 +627,7 @@ return fx_readCertificateData(v_fullpath); return fx_readCertificateData(v_fullpath); } // end f_readCertificateData } // end f_readCertificateData function f_createDg(in FileInfo p_fileInfo, in octetstring p_data) { function f_createDg(in ElementFileInfo p_fileInfo, in octetstring p_data) { fx_createDg(p_fileInfo.filename, p_data); fx_createDg(p_fileInfo.filename, p_data); } // end f_createDg } // end f_createDg Loading Loading @@ -680,55 +679,65 @@ group initializationFunctions { group initializationFunctions { function f_initializeMRTD(in charstring p_configurationId) runs on MRTD { function f_initializeMRTD(in charstring p_configurationId, in PassportProtection p_passportProctection) runs on MRTD { var octetstring v_trustPointRaw; var octetstring v_csvCertRefIds; var octetstring v_trustPointsRaw; var octetstring v_cvcaRaw; var octetstring v_cvcaRaw; var ChrList v_cvcaTrustPoints; var ChrList v_cvcaTrustPoints; var octetstring v_csvCertRefIds; var ChrList v_trustPoints; var octetstring v_trustPointRaw; var CvCertificate v_trustPointCertificate; var CvCertificate v_trustPointCertificate; var Chr v_trustPointChr; var integer v_decodeResult; var integer v_decodeResult; var octetstring v_dg1 := ''O; var octetstring v_dg1 := ''O; var integer i; // Load profile // Load profile f_loadPassportConfiguration(p_configurationId); f_loadPassportConfiguration(p_configurationId); vc_simu.ePassportProfile := p_configurationId; vc_simu.ePassportProfile := p_configurationId; // Optical MRZ f_readFileData(c_fileMRZ, 0, -1, vc_simu.opticalMrz); // Prepare Automatic Interface f_readFileData(c_fileCertRefIds, 0, -1, v_csvCertRefIds); vc_simu.aisCertRefIds := f_parseCertRefIds(v_csvCertRefIds); f_createDg(c_fileDGCertData, f_encodeCertData(vc_simu.aisCertRefIds)); // Prepare basic access keys // Prepare basic access keys f_readFileData(c_fileDG1, 0, -1, v_dg1); f_readFileData(c_fileDG1.filename, 0, -1, v_dg1); vc_simu.mrz := f_extractMrzFromDg1(v_dg1); vc_simu.mrz := f_extractMrzFromDg1(v_dg1); f_deriveKeys(f_extractKseedFromMrz(vc_simu.mrz), vc_simu.kEnc, vc_simu.kMac); f_deriveKeys(f_extractKseedFromMrz(vc_simu.mrz), vc_simu.kEnc, vc_simu.kMac); vc_simu.documentNumber := f_extractDocumentNumberFromMrz(vc_simu.mrz); vc_simu.documentNumber := f_extractDocumentNumberFromMrz(vc_simu.mrz); // Initialize ePassport security vc_simu.securityStatus := e_noApplication; vc_simu.securityStatus := e_noApplication; vc_simu.passportProtection := e_bac; vc_simu.passportProtection := p_passportProctection; vc_simu.activeAuthenticationPerformed := false; vc_simu.activeAuthenticationPerformed := false; // Read officialy trusted CHRs from EF.CVCA // Terminal Authentication f_readFileData(c_fileCVCA, 0, -1, v_cvcaRaw); f_readFileData(c_fileCVCA.filename, 0, -1, v_cvcaRaw); v_cvcaTrustPoints := f_decodeCvca(v_cvcaRaw); v_cvcaTrustPoints := f_decodeCvca(v_cvcaRaw); f_readFileData(c_fileTrustPointIds, 0, -1, v_trustPointsRaw); // TODO: Read real trust points v_trustPoints := f_parseTrustPointIds(v_trustPointsRaw); for(i:=0; i < sizeof(v_trustPoints); i:=i+1) { // FIXME: only in case of terminal authentication f_readFileData(v_trustPoints[i], 0, -1, v_trustPointRaw); f_readFileData(c_fileTrustPointCert, 0, -1, v_trustPointRaw); if(v_trustPointRaw != ''O) { if(v_trustPointRaw != ''O) { v_decodeResult := decvalue(oct2bit(v_trustPointRaw), v_trustPointCertificate); v_decodeResult := decvalue(oct2bit(v_trustPointRaw), v_trustPointCertificate); // FIXME check v_decodeREsiult + ispresent v_trustPointChr := oct2char(v_trustPointCertificate.tlvValue.cvCertificateBody.tlvValue.cvCertificateHolderReference.tlvValue); if(oct2char(v_trustPointCertificate.tlvValue.cvCertificateBody.tlvValue.cvCertificateHolderReference.tlvValue) != v_cvcaTrustPoints[0]) { if(v_trustPointChr != v_trustPoints[i]) { log("**** f_initializeMRTD: WARNING: " & c_fileCVCA.filename & " does not match trust points ****"); log("**** f_initializeMRTD: WARNING: " & v_trustPoints[i] & " filename does not match CHR (" & v_trustPointChr & ") ****"); } if(not(match(v_cvcaTrustPoints, superset(v_trustPoints[i])))) { log("**** f_initializeMRTD: WARNING: Trustpoint " & v_trustPoints[i] & " not contained in " & c_fileCVCA.filename & " ****"); } } vc_simu.trustedCAs := {oct2char(v_trustPointCertificate.tlvValue.cvCertificateBody.tlvValue.cvCertificateHolderReference.tlvValue)}; vc_simu.trustedCAs := {v_trustPointChr}; f_addTrustedCertificate( f_addTrustedCertificate( oct2char(v_trustPointCertificate.tlvValue.cvCertificateBody.tlvValue.cvCertificateHolderReference.tlvValue), v_trustPointChr, v_trustPointCertificate.tlvValue.cvCertificateBody.tlvValue.cvPublicKey.tlvValue); v_trustPointCertificate.tlvValue.cvCertificateBody.tlvValue.cvPublicKey.tlvValue); } } } f_readFileData(c_fileMRZ, 0, -1, vc_simu.opticalMrz); // Read c_fileCertRefIds f_readFileData(c_fileCertRefIds, 0, -1, v_csvCertRefIds); vc_simu.aisCertRefIds := f_parseCertRefIds(v_csvCertRefIds); f_createDg(c_fileDGCertData, f_encodeCertData(vc_simu.aisCertRefIds)); // Active Authentication // Active Authentication vc_simu.aaHashAlgorithm := e_sha1; vc_simu.aaHashAlgorithm := e_sha1; Loading Loading @@ -1020,6 +1029,21 @@ group AutomaticInterfaceSpecificationFunctions { group AutomaticInterfaceSpecificationFunctions { function f_parseTrustPointIds(in octetstring p_trustPointIds) return ChrList { var ChrList v_trustPointIds := {}; var octetstring v_trustPointId; var integer v_next := 0; do { v_next := f_extractId(p_trustPointIds, v_next, v_trustPointId) + 1; v_trustPointIds[sizeof(v_trustPointIds)] := oct2char(v_trustPointId); } while(v_next < lengthof(p_trustPointIds)); return v_trustPointIds; } function f_parseCertRefIds(in octetstring p_csvCertRefIds) function f_parseCertRefIds(in octetstring p_csvCertRefIds) return AisCertificateReferenceIds { return AisCertificateReferenceIds { Loading
ePassport/ttcn/ePassport_Templates.ttcn +0 −1 Original line number Original line Diff line number Diff line Loading @@ -117,7 +117,6 @@ module ePassport_Templates { lengthE := omit lengthE := omit } } //SELECT TEMPLATES 00 a4 02 0c 02 01 1e template CommandSelect mw_selectByFileId (LongFileId v_fileID) := { template CommandSelect mw_selectByFileId (LongFileId v_fileID) := { class := mw_class_00, class := mw_class_00, ins := e_select, ins := e_select, Loading
ePassport/ttcn/ePassport_Testcases.ttcn +52 −83 File changed.Preview size limit exceeded, changes collapsed. Show changes
ePassport/ttcn/ePassport_Types.ttcn +2 −2 Original line number Original line Diff line number Diff line Loading @@ -89,13 +89,13 @@ module ePassport_Types { type Oct2 LongFileId; type Oct2 LongFileId; type Oct1 ShortFileId; type Oct1 ShortFileId; type record FileInfo { type record ElementFileInfo { charstring filename, charstring filename, ShortFileId shortFileId, ShortFileId shortFileId, LongFileId longFileId LongFileId longFileId }; }; type record of FileInfo FileSet; type record of ElementFileInfo FileSet; type enumerated MrtdConfiguration { type enumerated MrtdConfiguration { e_cfgDfltBac, e_cfgDfltBac, Loading
