1 /*
2  * Copyright (c) 2010-2012 Frank Morgner and Dominik Oepen
3  *
4  * This file is part of OpenPACE.
5  *
6  * OpenPACE is free software: you can redistribute it and/or modify it under
7  * the terms of the GNU General Public License as published by the Free
8  * Software Foundation, either version 3 of the License, or (at your option)
9  * any later version.
10  *
11  * OpenPACE is distributed in the hope that it will be useful, but WITHOUT ANY
12  * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
13  * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
14  * details.
15  *
16  * You should have received a copy of the GNU General Public License along with
17  * OpenPACE. If not, see <http://www.gnu.org/licenses/>.
18  */
19 
37 #ifndef PACE_H_
38 #define PACE_H_
39 
40 #include "eac.h"
41 #include <openssl/bn.h>
42 #include <openssl/buffer.h>
43 
44 #ifdef __cplusplus
45 extern "C" {
46 #endif
47 
/**
 * Type of the secret (password) a PACE run is bound to.
 *
 * NOTE(review): only the first enumerator is visible in this excerpt; the
 * symbol index for this file also lists CAN, PIN, PUK, a generic type that
 * is not defined in BSI TR-03110, and an "undefined" catch-all used when
 * nothing else matches.
 */
49 enum s_type {
 /** MRZ: the Machine Readable Zone printed on the card, which encodes the
  * personal information of the user. */
52  PACE_MRZ = 1,
66 };
67 
/**
 * Shared secret for PACE, kept in two forms.
 *
 * Both buffers hold sensitive material (the password the protocol
 * authenticates against). Release the object with PACE_SEC_clear_free()
 * rather than a plain free() so the library's own cleanup path runs;
 * whether that path zeroizes the buffers is not visible here — TODO confirm.
 */
69 typedef struct pace_sec {
 /** Type of the secret, see enum s_type. */
71  enum s_type type;
 /** Raw secret — presumably the bytes handed to PACE_SEC_new(); verify. */
73  BUF_MEM *mem;
 /** Encoded secret — presumably the form consumed by the PACE steps; the
  * encoding rules are not visible in this header. */
75  BUF_MEM *encoded;
76 } PACE_SEC;
77 
/**
 * Create and initialize a new PACE secret.
 *
 * @param sec      secret bytes; passed as const, so the caller keeps
 *                 ownership of this buffer
 * @param sec_len  length of \a sec in bytes
 * @param type     kind of secret, see enum s_type
 * @return new object, or presumably NULL on failure (confirm); release it
 *         with PACE_SEC_clear_free()
 */
100 PACE_SEC *
101 PACE_SEC_new(const char *sec, size_t sec_len, enum s_type type);
102 
/**
 * Print a PACE_SEC object including the private secret.
 *
 * The secret itself is written to \a out, so treat this as a debugging aid
 * and keep its output away from persistent logs.
 *
 * @param out    BIO to write to
 * @param sec    secret to print
 * @param indent indentation of the output
 * @return int status — the exact success/failure convention is not visible
 *         here; TODO confirm against the implementation
 */
112 int
113 PACE_SEC_print_private(BIO *out, const PACE_SEC *sec, int indent);
/**
 * PACE step 1: generate a nonce and encrypt it with the secret.
 *
 * @param ctx  EAC context of this party
 * @param pi   the PACE secret
 * @return encrypted nonce in a newly allocated BUF_MEM — presumably owned by
 *         the caller and NULL on failure; confirm
 */
131 BUF_MEM * PACE_STEP1_enc_nonce(const EAC_CTX * ctx, const PACE_SEC * pi);
/**
 * PACE step 2: decrypt the nonce received from the other party.
 *
 * NOTE(review): ctx is declared const although this step must record the
 * decrypted nonce somewhere — presumably in state reached through pointers
 * inside the context; confirm.
 *
 * @param ctx        EAC context of this party
 * @param pi         the PACE secret
 * @param enc_nonce  encrypted nonce from the peer
 * @return int status — convention not visible here; TODO confirm
 */
143 int PACE_STEP2_dec_nonce(const EAC_CTX * ctx, const PACE_SEC * pi,
144  const BUF_MEM * enc_nonce);
156 BUF_MEM *
/**
 * PACE step 3A: map to the ephemeral domain parameters.
 *
 * @param ctx  EAC context of this party
 * @param in   presumably the mapping data received from the other party
 *             (counterpart of PACE_STEP3A_generate_mapping_data); confirm
 * @return int status — convention not visible here; TODO confirm
 */
168 int
169 PACE_STEP3A_map_generator(const EAC_CTX * ctx, const BUF_MEM * in);
/**
 * PACE step 3B: compute the shared secret for key agreement.
 *
 * @param ctx  EAC context of this party
 * @param in   presumably the other party's ephemeral public key
 *             (counterpart of PACE_STEP3B_generate_ephemeral_key); confirm
 * @return int status — convention not visible here; TODO confirm
 */
190 int
191 PACE_STEP3B_compute_shared_secret(const EAC_CTX * ctx, const BUF_MEM * in);
/**
 * PACE step 3C: derive the encryption and authentication keys from the
 * shared secret.
 *
 * The derived keys are session key material; where they are stored and how
 * they are cleared is not visible in this header.
 *
 * @param ctx  EAC context of this party
 * @return int status — convention not visible here; TODO confirm
 */
201 int PACE_STEP3C_derive_keys(const EAC_CTX *ctx);
214  const BUF_MEM *pub);
227  const BUF_MEM * token);
228 
232 #ifdef __cplusplus
233 }
234 #endif
235 #endif
int PACE_STEP2_dec_nonce(const EAC_CTX *ctx, const PACE_SEC *pi, const BUF_MEM *enc_nonce)
Decrypt the nonce from the other party.
int PACE_STEP3A_map_generator(const EAC_CTX *ctx, const BUF_MEM *in)
Map to the ephemeral domain parameters.
BUF_MEM * PACE_STEP3B_generate_ephemeral_key(EAC_CTX *ctx)
Generate a keypair for key agreement.
Interface for Extended Access Control.
s_type
Type of the secret.
Definition: pace.h:49
Undefined type, if nothing else matches.
Definition: pace.h:65
PUK is the Personal Unblocking key. This type of secret is used when the card is suspended due to too...
Definition: pace.h:60
void PACE_SEC_clear_free(PACE_SEC *s)
Free a PACE secret.
enum s_type type
Type of the secret.
Definition: pace.h:71
int PACE_SEC_print_private(BIO *out, const PACE_SEC *sec, int indent)
Print a PACE_SEC object including the private secret.
BUF_MEM * PACE_STEP1_enc_nonce(const EAC_CTX *ctx, const PACE_SEC *pi)
Generates and encrypts a nonce.
int PACE_STEP3B_compute_shared_secret(const EAC_CTX *ctx, const BUF_MEM *in)
Compute the shared secret for key agreement.
PIN is the Personal Identification Number, a secret known only to the user and not printed on the car...
Definition: pace.h:57
PACE_SEC * PACE_SEC_new(const char *sec, size_t sec_len, enum s_type type)
Create and initialize a new PACE secret.
Context for the Extended Access Control protocol.
Definition: eac.h:324
MRZ is the Machine Readable Zone, printed on the card, encoding the personal information of the user...
Definition: pace.h:52
BUF_MEM * PACE_STEP3D_compute_authentication_token(const EAC_CTX *ctx, const BUF_MEM *pub)
Compute the authentication token from domain parameters and public key.
int PACE_STEP3D_verify_authentication_token(const EAC_CTX *ctx, const BUF_MEM *token)
Verifies an authentication token.
This type of secret is not defined in BSI TR-03110. We use it as a generic type, so we can use PACE i...
Definition: pace.h:63
BUF_MEM * encoded
Encoded secret.
Definition: pace.h:75
Shared secret for PACE.
Definition: pace.h:69
struct pace_sec PACE_SEC
Shared secret for PACE.
BUF_MEM * PACE_STEP3A_generate_mapping_data(const EAC_CTX *ctx)
Generate mapping data to perform the mapping to ephemeral domain parameters.
int PACE_STEP3C_derive_keys(const EAC_CTX *ctx)
Derives encryption and authentication keys.
CAN is the Card Access Number printed on the card.
Definition: pace.h:54
BUF_MEM * mem
Raw secret.
Definition: pace.h:73