def get_authentication_token(self):
ret = eac.PACE_STEP3D_compute_authentication_token(
self.ctx, self._opp_pubkey)
if (not ret):
raise PACEException("Failed to compute authentication token")
if (eac.EAC_CTX_set_encryption_ctx(self.ctx, eac.EAC_ID_PACE) == 0):
raise PACEException(
"Failed to initialize Secure Messaging context")
return ret
def verify_authentication_token(self, token):
ret = eac.PACE_STEP3D_verify_authentication_token(self.ctx, token)
if (not ret):
raise PACEException("Failed to verify authentication token")
if (eac.EAC_CTX_set_encryption_ctx(self.ctx, eac.EAC_ID_PACE) == 0):
raise PACEException(
"Failed to initialize Secure Messaging context")
# PICC starts with ssc = 1
if not eac.EAC_increment_ssc(self.ctx):
raise PACEException("Failed to incremement ssc")
return ret
def parse_SM_CAPDU(self, CAPDU, header_authentication):
if hasattr(self.current_SE, "new_encryption_ctx"):
if self.current_SE.new_encryption_ctx == eac.EAC_ID_PACE:
protocol = "PACE"
else:
protocol = "CA"
print "switching to new encryption context established in %s:" % protocol
print eac.EAC_CTX_print_private(self.current_SE.eac_ctx, 4)
eac.EAC_CTX_set_encryption_ctx(self.current_SE.eac_ctx,
self.current_SE.new_encryption_ctx)
delattr(self.current_SE, "new_encryption_ctx")
eac.EAC_increment_ssc(self.current_SE.eac_ctx)
return SAM.parse_SM_CAPDU(self, CAPDU, 1)
def EAC_CTX_set_encryption_ctx(self):
eac.EAC_CTX_set_encryption_ctx(self.ctx, eac.EAC_ID_PACE)