Loading ePassport/ttcn/ePassport_Functions.ttcn +26 −14 Original line number Diff line number Diff line Loading @@ -41,11 +41,11 @@ external function fx_deriveBasicAccessKeysFromKeySeed(in octetstring p_kSeed, out octetstring p_kEnc, out octetstring p_kMac); /** * @desc Set the master key for message encryption between ePassport and IS * @remark The master key is the concatenation of two length fixed key * @param The master key to used, derived from kenc and Kmac) * @desc Set the master key for message encryption/authentication between ePassport and IS * @remark The master key is the concatenation of two length fixed keys * @param The master key to used(concatenation of Kenc and Kmac) */ external function fx_setEncrypKeyFor3DES( in octetstring p_masterKey); external function fx_setKeysForSecureMessaging(in octetstring p_masterKey); /** * @desc Set the Send Sequence Counter used for Message Authentication Loading Loading @@ -94,10 +94,10 @@ /** * @desc Generate a pseudo-random vector as described in RFC2246 * @param p_stringSize Sieze of the random vector * @param p_stringSize Size of the random vector * @return A random vector */ external function fx_randomOctetstring( integer p_stringSize ) return octetstring; external function fx_randomOctetstring(in integer p_stringSize) return octetstring; /** * @desc Compute a cryptographic checksum using ISO/IEC 9797-1 MAC algorithm 3 Loading Loading @@ -236,7 +236,11 @@ v_kb := substr(p_keyPair, v_keyLen, v_keyLen); return p_keyPair & v_ka; // Ka || Kb || Ka } } // end f_build3DesKey function f_setKeysForSecureMessaging(in octetstring p_masterKey) { fx_setKeysForSecureMessaging(p_masterKey); } // end f_setKeysForSecureMessaging function f_basicAccessControl(in octetstring p_rndIcc, in octetstring p_challengeResponse) runs on MRTD Loading @@ -247,7 +251,7 @@ var octetstring v_s, v_r; var octetstring v_rndIfd; var octetstring v_keyIfd, v_keyIcc; var octetstring v_receivedRndIcc, v_computedMacIcc; var octetstring v_receivedRndIcc, v_computedMacIfd; var octetstring v_respData; var octetstring v_kSeed; var octetstring v_ssc; Loading @@ -257,8 +261,11 @@ v_macIfd := substr(p_challengeResponse, v_encryptedIfdLength, c_bacMacSize); // a) Check the checksum M_IFD of the cryptogram E_IFD. v_computedMacIcc := f_cryptographicChecksum(vc_simu.kMac, v_encryptedIcc); // TODO: if() v_computedMacIfd := f_cryptographicChecksum(vc_simu.kMac, v_encryptedIfd); if(not match(v_computedMacIfd, v_macIfd)) { //TODO return ''O; } // b) Decrypt the cryptogram E_IFD. v_s := f_decrypt(f_build3DesKey(vc_simu.kEnc), v_encryptedIfd); Loading @@ -267,7 +274,10 @@ v_rndIfd := substr(v_s, 0, c_bacNonceSize); v_receivedRndIcc := substr(v_s, c_bacNonceSize, c_bacNonceSize); v_keyIfd := substr(v_s, 2*c_bacNonceSize, c_bacKeySize); // TODO: if() if(not match(v_receivedRndIcc, p_rndIcc)) { //TODO return ''O; } // d) Generate keying material K.ICC. v_keyIcc := f_generateRandomOctetstring(c_bacKeySize); Loading Loading @@ -406,6 +416,8 @@ f_readFileData(c_fileMRZ, 0, -1, v_mrz); f_deriveKeys(f_extractKseedFromMrz(v_mrz), vc_simu.kEnc, vc_simu.kMac); f_setKeysForSecureMessaging(vc_simu.kEnc & vc_simu.kMac); } // end f_initializeMRTD Loading ePassport/ttcn/ePassport_MainModule.ttcn +2 −1 Original line number Diff line number Diff line Loading @@ -25,6 +25,7 @@ module ePassport_MainModule { execute(TC_LDS_F04()); execute(TC_LDS_H37()); execute(TC_Fake_For_Test()); execute(TC_checkBac()); } } with { Loading ePassport/ttcn/ePassport_Testcases.ttcn +2 −2 Original line number Diff line number Diff line Loading @@ -484,7 +484,7 @@ module ePassport_Testcases { var octetstring v_s, v_r; var octetstring v_rndIfd; var octetstring v_keyIfd, v_keyIcc; var octetstring v_receivedRndIcc, v_computedMacIcc; var octetstring v_receivedRndIcc, v_computedMacIfd; var octetstring v_respData; var octetstring v_kSeed; var octetstring v_ssc; Loading @@ -496,7 +496,7 @@ module ePassport_Testcases { v_macIfd := substr(v_challengeResponse, v_encryptedIfdLength, c_bacMacSize); // a) Check the checksum M_IFD of the cryptogram E_IFD. v_computedMacIcc := f_cryptographicChecksum(vc_simu.kMac, v_encryptedIcc); v_computedMacIfd := f_cryptographicChecksum(vc_simu.kMac, v_encryptedIfd); // b) Decrypt the cryptogram E_IFD. v_s := f_decrypt(f_build3DesKey(vc_simu.kEnc), v_encryptedIfd); Loading Loading
ePassport/ttcn/ePassport_Functions.ttcn +26 −14 Original line number Diff line number Diff line Loading @@ -41,11 +41,11 @@ external function fx_deriveBasicAccessKeysFromKeySeed(in octetstring p_kSeed, out octetstring p_kEnc, out octetstring p_kMac); /** * @desc Set the master key for message encryption between ePassport and IS * @remark The master key is the concatenation of two length fixed key * @param The master key to used, derived from kenc and Kmac) * @desc Set the master key for message encryption/authentication between ePassport and IS * @remark The master key is the concatenation of two length fixed keys * @param The master key to used(concatenation of Kenc and Kmac) */ external function fx_setEncrypKeyFor3DES( in octetstring p_masterKey); external function fx_setKeysForSecureMessaging(in octetstring p_masterKey); /** * @desc Set the Send Sequence Counter used for Message Authentication Loading Loading @@ -94,10 +94,10 @@ /** * @desc Generate a pseudo-random vector as described in RFC2246 * @param p_stringSize Sieze of the random vector * @param p_stringSize Size of the random vector * @return A random vector */ external function fx_randomOctetstring( integer p_stringSize ) return octetstring; external function fx_randomOctetstring(in integer p_stringSize) return octetstring; /** * @desc Compute a cryptographic checksum using ISO/IEC 9797-1 MAC algorithm 3 Loading Loading @@ -236,7 +236,11 @@ v_kb := substr(p_keyPair, v_keyLen, v_keyLen); return p_keyPair & v_ka; // Ka || Kb || Ka } } // end f_build3DesKey function f_setKeysForSecureMessaging(in octetstring p_masterKey) { fx_setKeysForSecureMessaging(p_masterKey); } // end f_setKeysForSecureMessaging function f_basicAccessControl(in octetstring p_rndIcc, in octetstring p_challengeResponse) runs on MRTD Loading @@ -247,7 +251,7 @@ var octetstring v_s, v_r; var octetstring v_rndIfd; var octetstring v_keyIfd, v_keyIcc; var octetstring v_receivedRndIcc, v_computedMacIcc; var octetstring v_receivedRndIcc, v_computedMacIfd; var octetstring v_respData; var octetstring v_kSeed; var octetstring v_ssc; Loading @@ -257,8 +261,11 @@ v_macIfd := substr(p_challengeResponse, v_encryptedIfdLength, c_bacMacSize); // a) Check the checksum M_IFD of the cryptogram E_IFD. v_computedMacIcc := f_cryptographicChecksum(vc_simu.kMac, v_encryptedIcc); // TODO: if() v_computedMacIfd := f_cryptographicChecksum(vc_simu.kMac, v_encryptedIfd); if(not match(v_computedMacIfd, v_macIfd)) { //TODO return ''O; } // b) Decrypt the cryptogram E_IFD. v_s := f_decrypt(f_build3DesKey(vc_simu.kEnc), v_encryptedIfd); Loading @@ -267,7 +274,10 @@ v_rndIfd := substr(v_s, 0, c_bacNonceSize); v_receivedRndIcc := substr(v_s, c_bacNonceSize, c_bacNonceSize); v_keyIfd := substr(v_s, 2*c_bacNonceSize, c_bacKeySize); // TODO: if() if(not match(v_receivedRndIcc, p_rndIcc)) { //TODO return ''O; } // d) Generate keying material K.ICC. v_keyIcc := f_generateRandomOctetstring(c_bacKeySize); Loading Loading @@ -406,6 +416,8 @@ f_readFileData(c_fileMRZ, 0, -1, v_mrz); f_deriveKeys(f_extractKseedFromMrz(v_mrz), vc_simu.kEnc, vc_simu.kMac); f_setKeysForSecureMessaging(vc_simu.kEnc & vc_simu.kMac); } // end f_initializeMRTD Loading
ePassport/ttcn/ePassport_MainModule.ttcn +2 −1 Original line number Diff line number Diff line Loading @@ -25,6 +25,7 @@ module ePassport_MainModule { execute(TC_LDS_F04()); execute(TC_LDS_H37()); execute(TC_Fake_For_Test()); execute(TC_checkBac()); } } with { Loading
ePassport/ttcn/ePassport_Testcases.ttcn +2 −2 Original line number Diff line number Diff line Loading @@ -484,7 +484,7 @@ module ePassport_Testcases { var octetstring v_s, v_r; var octetstring v_rndIfd; var octetstring v_keyIfd, v_keyIcc; var octetstring v_receivedRndIcc, v_computedMacIcc; var octetstring v_receivedRndIcc, v_computedMacIfd; var octetstring v_respData; var octetstring v_kSeed; var octetstring v_ssc; Loading @@ -496,7 +496,7 @@ module ePassport_Testcases { v_macIfd := substr(v_challengeResponse, v_encryptedIfdLength, c_bacMacSize); // a) Check the checksum M_IFD of the cryptogram E_IFD. v_computedMacIcc := f_cryptographicChecksum(vc_simu.kMac, v_encryptedIcc); v_computedMacIfd := f_cryptographicChecksum(vc_simu.kMac, v_encryptedIfd); // b) Decrypt the cryptogram E_IFD. v_s := f_decrypt(f_build3DesKey(vc_simu.kEnc), v_encryptedIfd); Loading
