Loading ePassport/ttcn/ePassport_Functions.ttcn +24 −10 Original line number Diff line number Diff line Loading @@ -25,18 +25,18 @@ /** * @desc Derive key seed from MRZ information fields (document number, date of birth and date of expiry) * @param p_MRZ MRZ * @param p_Kseed Calculated Kenc * @param p_mrz MRZ * @param p_kSeed Calculated Kenc */ external function fx_deriveKeySeedFromMRZ( in octetstring p_MRZ, out octetstring p_Kseed); external function fx_deriveKeySeedFromMRZ( in octetstring p_mrz, out octetstring p_kSeed); /** * @desc Derive Kenc (KencA+KencB) and Kmac (KmacA+KmacB) keys from key seed. * @param p_Kseed Key seed * @param p_Kenc Calculated Kenc * @param p_Kmac Calculated Kmac * @param p_kSeed Key seed * @param p_kEnc Calculated Kenc * @param p_kMac Calculated Kmac */ external function fx_deriveBasicAccessKeysFromKeySeed( in octetstring p_Kseed, out octetstring p_Kenc, out octetstring p_Kmac); external function fx_deriveBasicAccessKeysFromKeySeed( in octetstring p_kSeed, out octetstring p_kEnc, out octetstring p_kMac); /** * @desc Set the master key for message encryption between ePassport and IS Loading Loading @@ -138,11 +138,19 @@ } // end f_generateRandomOctetstring function f_extractKseedFromMrz(in octetstring p_mrz) return octetstring { var octetstring v_kSeed; fx_deriveKeySeedFromMRZ(p_mrz, v_kSeed); return v_kSeed; } function f_deriveKeys( in octetstring p_keySeed, out octetstring p_keyEnc, out octetstring p_keyMac) { // TODO return fx_deriveBasicAccessKeysFromKeySeed(p_keySeed, p_keyEnc, p_keyMac); } // end f_deriveKeys // ISO/IEC 9797-1 MAC Algorithm 3 Loading Loading 
@@ -282,14 +290,13 @@ function f_chipAuthentication(in octetstring p_publicKeyPcd) runs on MRTD { var octetstring v_k; var octetstring v_kEnc, v_kMac; var octetstring v_h; // a) The shared secret K = KA(SKPICC;^PKPCD;DPICC) = KA(^SKPCD;PKPICC;DPICC) v_k := f_computeSharedSecret(vc_simu.privateKey, p_publicKeyPcd); // b) The session keys KMAC and KEnc derived from K for Secure Messaging. f_deriveKeys(v_k, v_kEnc, v_kMac); f_deriveKeys(v_k, vc_simu.kEnc, vc_simu.kMac); // c) The hash of the inspection system's ephemeral public key H(^PKPCD) for Terminal Authentication. v_h := f_digest(e_sha1, p_publicKeyPcd); // FIXME Loading Loading @@ -348,8 +355,15 @@ function f_initializeMRTD(in charstring p_configurationId) runs on MRTD { var octetstring v_mrz; // Load filesystem f_loadPassportConfiguration(p_configurationId); // Prepare security elements f_readFileData(c_fileMRZ, 0, -1, v_mrz); f_deriveKeys(f_extractKseedFromMrz(v_mrz), vc_simu.kEnc, vc_simu.kMac); } // end f_initializeMRTD Loading ePassport/ttcn/ePassport_Types.ttcn +1 −0 Original line number Diff line number Diff line Loading @@ -786,3 +786,4 @@ module ePassport_Types { } // end group commandTypesGroup } } ePassport/ttcn/ePassport_Values.ttcn +1 −0 Original line number Diff line number Diff line Loading @@ -25,6 +25,7 @@ module ePassport_Values { group fileConstants { const FileInfo c_noFileInfo := {filename := "", shortFileId := '00'O, longFileId := '0000'O}; const FileInfo c_fileMRZ := {filename := "MRZ", shortFileId := '00'O, longFileId := '0000'O}; const FileInfo c_fileDG1 := {filename := "EF.DG1", shortFileId := '01'O, longFileId := '0101'O}; const FileInfo c_fileDG2 := {filename := "EF.DG2", shortFileId := '02'O, longFileId := '0102'O}; const FileInfo c_fileDG3 := {filename := "EF.DG3", shortFileId := '03'O, longFileId := '0103'O}; Loading Loading
ePassport/ttcn/ePassport_Functions.ttcn +24 −10 Original line number Diff line number Diff line Loading @@ -25,18 +25,18 @@ /** * @desc Derive key seed from MRZ information fields (document number, date of birth and date of expiry) * @param p_MRZ MRZ * @param p_Kseed Calculated Kenc * @param p_mrz MRZ * @param p_kSeed Calculated Kenc */ external function fx_deriveKeySeedFromMRZ( in octetstring p_MRZ, out octetstring p_Kseed); external function fx_deriveKeySeedFromMRZ( in octetstring p_mrz, out octetstring p_kSeed); /** * @desc Derive Kenc (KencA+KencB) and Kmac (KmacA+KmacB) keys from key seed. * @param p_Kseed Key seed * @param p_Kenc Calculated Kenc * @param p_Kmac Calculated Kmac * @param p_kSeed Key seed * @param p_kEnc Calculated Kenc * @param p_kMac Calculated Kmac */ external function fx_deriveBasicAccessKeysFromKeySeed( in octetstring p_Kseed, out octetstring p_Kenc, out octetstring p_Kmac); external function fx_deriveBasicAccessKeysFromKeySeed( in octetstring p_kSeed, out octetstring p_kEnc, out octetstring p_kMac); /** * @desc Set the master key for message encryption between ePassport and IS Loading Loading @@ -138,11 +138,19 @@ } // end f_generateRandomOctetstring function f_extractKseedFromMrz(in octetstring p_mrz) return octetstring { var octetstring v_kSeed; fx_deriveKeySeedFromMRZ(p_mrz, v_kSeed); return v_kSeed; } function f_deriveKeys( in octetstring p_keySeed, out octetstring p_keyEnc, out octetstring p_keyMac) { // TODO return fx_deriveBasicAccessKeysFromKeySeed(p_keySeed, p_keyEnc, p_keyMac); } // end f_deriveKeys // ISO/IEC 9797-1 MAC Algorithm 3 Loading Loading 
@@ -282,14 +290,13 @@ function f_chipAuthentication(in octetstring p_publicKeyPcd) runs on MRTD { var octetstring v_k; var octetstring v_kEnc, v_kMac; var octetstring v_h; // a) The shared secret K = KA(SKPICC;^PKPCD;DPICC) = KA(^SKPCD;PKPICC;DPICC) v_k := f_computeSharedSecret(vc_simu.privateKey, p_publicKeyPcd); // b) The session keys KMAC and KEnc derived from K for Secure Messaging. f_deriveKeys(v_k, v_kEnc, v_kMac); f_deriveKeys(v_k, vc_simu.kEnc, vc_simu.kMac); // c) The hash of the inspection system's ephemeral public key H(^PKPCD) for Terminal Authentication. v_h := f_digest(e_sha1, p_publicKeyPcd); // FIXME Loading Loading @@ -348,8 +355,15 @@ function f_initializeMRTD(in charstring p_configurationId) runs on MRTD { var octetstring v_mrz; // Load filesystem f_loadPassportConfiguration(p_configurationId); // Prepare security elements f_readFileData(c_fileMRZ, 0, -1, v_mrz); f_deriveKeys(f_extractKseedFromMrz(v_mrz), vc_simu.kEnc, vc_simu.kMac); } // end f_initializeMRTD Loading
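Review bot: In f_chipAuthentication the derived session keys are now written straight into vc_simu.kEnc and vc_simu.kMac, the same component fields that f_initializeMRTD fills with the MRZ-derived Basic Access keys, so the previous keys are lost as soon as step b) runs. The function continues outside the hunk; if anything after step b), or the response to the command being processed, still has to be protected under the previous keys, keep the locals with `f_deriveKeys(v_k, v_kEnc, v_kMac);` and commit them at the end with `vc_simu.kEnc := v_kEnc; vc_simu.kMac := v_kMac;`. Both call sites also go through fx_deriveBasicAccessKeysFromKeySeed, which is documented only for a BAC key seed, so it should be confirmed that it accepts a key-agreement shared secret, whose length may differ. Separately, the doc comment on fx_deriveKeySeedFromMRZ still reads `@param p_kSeed Calculated Kenc` and should say `@param p_kSeed Calculated key seed (Kseed)`.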
ePassport/ttcn/ePassport_Types.ttcn +1 −0 Original line number Diff line number Diff line Loading @@ -786,3 +786,4 @@ module ePassport_Types { } // end group commandTypesGroup } }
ePassport/ttcn/ePassport_Values.ttcn +1 −0 Original line number Diff line number Diff line Loading @@ -25,6 +25,7 @@ module ePassport_Values { group fileConstants { const FileInfo c_noFileInfo := {filename := "", shortFileId := '00'O, longFileId := '0000'O}; const FileInfo c_fileMRZ := {filename := "MRZ", shortFileId := '00'O, longFileId := '0000'O}; const FileInfo c_fileDG1 := {filename := "EF.DG1", shortFileId := '01'O, longFileId := '0101'O}; const FileInfo c_fileDG2 := {filename := "EF.DG2", shortFileId := '02'O, longFileId := '0102'O}; const FileInfo c_fileDG3 := {filename := "EF.DG3", shortFileId := '03'O, longFileId := '0103'O}; Loading
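Review bot: c_fileMRZ is declared with shortFileId '00'O and longFileId '0000'O, the same identifiers as c_noFileInfo, so any lookup that matches on file id rather than on filename cannot tell the two entries apart. f_initializeMRTD reads this entry to derive kEnc and kMac, so the constant deserves a comment saying what it is for, for example `// simulator-internal source for Basic Access key derivation; not meant to be selected by a terminal` if that is the intent. If file ids are used for selection anywhere in the simulator, it should also be checked that a SELECT with id '0000'O cannot return the raw MRZ data. The fileConstants group continues outside the visible lines.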