def _getPubKey(self, mrz_value):
    """
    Fetch the public key by delegating to SignEverything.getPubKey().

    A new bac.BAC bound to self._iso7816 is stored in self._bac first,
    replacing whichever BAC object was held before the call.

    @param mrz_value: Forwarded unchanged to SignEverything.getPubKey().
    @return: Whatever SignEverything.getPubKey() returns; the original
        documentation describes it as the public key (DG15).
    """
    fresh_bac = bac.BAC(self._iso7816)
    self._bac = fresh_bac
    signer = SignEverything(self._iso7816)
    return signer.getPubKey(fresh_bac, mrz_value)
def setKseed(self, dg1):
    """
    Derive the key seed from the MRZ stored in DG1 and transmit it.

    @param dg1: Object indexed with the "5F1F" tag; the MRZ input is the
        value found there from offset 44 onwards.
    """
    # presumably the second line of a 2x44 character MRZ -- confirm
    mrz_slice = dg1["5F1F"][44:]
    # BAC(None): no ISO 7816 layer is attached, the object is only used for
    # the local mrz_information() computation.
    key_helper = bac.BAC(None)
    document_mrz = mrz.MRZ(mrz_slice)
    # NOTE(review): the result of checkMRZ() is discarded. If checkMRZ()
    # signals failure through its return value, a failed check does not stop
    # the seed from being derived and sent -- confirm this is intended.
    document_mrz.checkMRZ()
    seed_hex = binToHexRep(key_helper.mrz_information(document_mrz))
    self._iso7816.transmit(
        CommandAPDU("10", "A7", "00", "00", "18", seed_hex, ""),
        "Set KSeed",
    )
    # Only the fact that the seed was set is logged, not its value.
    self.log("Kseed set")
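def __init__(self, iso7816):
    """
    Bind the object to an existing ISO 7816 layer.

    The connection is reset with rstConnection(), then a BAC helper and an
    OpenSSL wrapper are created for later use.

    @param iso7816: The ISO 7816 layer used to talk to the card.
    @type iso7816: An Iso7816 object
    @raise SignEverythingException: If iso7816 is not an Iso7816 instance.
    """
    Logger.__init__(self, "SIGN EVERYTHING ATTACK")
    self._iso7816 = iso7816

    # isinstance() checks the class directly: no throwaway Iso7816(None) is
    # built just to obtain a type to compare against, and subclasses of
    # Iso7816 are accepted as well.
    if not isinstance(iso7816, Iso7816):
        raise SignEverythingException("The sublayer iso7816 is not available")

    self._iso7816.rstConnection()

    self._bac = bac.BAC(iso7816)
    self._openssl = OpenSSL()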
def __init__(self, reader, epMrz=None):
    """
    Build the EPassport object and select the passport application.

    The constructor creates the layers used for:
        - Basic access control + secure messaging
        - Active authentication
        - Passive authentication
        - Reading of the data groups
    and registers self._logFct on each of them.

    @param reader: Passed to iso7816.Iso7816(). According to the original
        documentation it is either a reader object (the given RFID reader is
        used) or a string path to dumps (the simulator reads them).
    @param epMrz: Optional MRZ value, wrapped in mrz.MRZ(). When falsy, no
        MRZ is stored (self._mrz is None).
    @raise EPassportException: If epMrz is given and checkMRZ() returns False.
    """
    logger.Logger.__init__(self, "EPassport")

    if not epMrz:
        self._mrz = None
    else:
        self._mrz = mrz.MRZ(epMrz)
        # Reject a supplied MRZ that fails its own check before any card
        # communication is set up.
        if self._mrz.checkMRZ() == False:
            raise EPassportException("Invalid MRZ")

    # ISO 7816 transport layer, shared by the components created below.
    card_layer = iso7816.Iso7816(reader)
    self._iso7816 = card_layer
    card_layer.register(self._logFct)

    dg_factory = datagroup.DataGroupReaderFactory()
    self._dgReader = dg_factory.create(card_layer)
    self._dgReader.register(self._logFct)

    self._bac = bac.BAC(card_layer)
    self._bac.register(self._logFct)

    # One OpenSSL wrapper is shared by active and passive authentication.
    crypto = openssl.OpenSSL()
    self._openSSL = crypto
    crypto.register(self._logFct)

    self._aa = activeauthentication.ActiveAuthentication(card_layer, crypto)
    self._aa.register(self._logFct)

    self._pa = passiveauthentication.PassiveAuthentication(crypto)
    self._pa.register(self._logFct)

    self._CSCADirectory = None
    self._selectPassportApp()
def performBAC(self):
    """
    Run basic access control with the MRZ returned by self.mrz.buildMRZ()
    and enable secure messaging on the ISO 7816 layer.

    When no MRZ is available an error dialog is shown instead. Any exception
    raised along the way is reported through a tkMessageBox error dialog and
    not propagated.
    """
    try:
        if not self.mrz.buildMRZ():
            tkMessageBox.showerror("Error: BAC",
                                   "You have to set the proper MRZ first")
            return

        self.reset()
        self.init()

        authenticator = bac.BAC(self._iso7816)
        # buildMRZ() is evaluated a second time here, after reset()/init().
        enc_key, mac_key, send_counter = (
            authenticator.authenticationAndEstablishmentOfSessionKeys(
                mrz.MRZ(self.mrz.buildMRZ())))

        channel = securemessaging.SecureMessaging(enc_key, mac_key,
                                                  send_counter)
        self._iso7816.setCiphering(channel)
        # NOTE(review): the SecureMessaging object is formatted into the log.
        # If its string form includes the session keys, they end up in the
        # log -- confirm, and treat that log as sensitive.
        self.writeToLog("CIPHERING SET:\n{0}".format(channel))
    except Exception as msg:
        tkMessageBox.showerror("Error: BAC", str(msg))
def genBACKeys(self):
    """
    Derive the document basic access keys from the MRZ returned by
    self.mrz.buildMRZ() and display them.

    The hex representations of Kenc and Kmac are written to the log and
    placed in field1Form and field2Form. When no MRZ is available an error
    dialog is shown instead. Any exception is reported through a
    tkMessageBox error dialog and not propagated.
    """
    try:
        if not self.mrz.buildMRZ():
            tkMessageBox.showerror("Error: Generate BAC keys",
                                   "You have to set the proper MRZ first")
            return

        key_deriver = bac.BAC(self._iso7816)
        document_mrz = mrz.MRZ(self.mrz.buildMRZ())
        # NOTE(review): the result of checkMRZ() is discarded. If checkMRZ()
        # signals failure through its return value, keys are still derived
        # from an MRZ that failed the check -- confirm this is intended.
        document_mrz.checkMRZ()

        raw_enc, raw_mac = key_deriver.derivationOfDocumentBasicAccesKeys(
            document_mrz)
        enc_hex = binToHexRep(raw_enc)
        mac_hex = binToHexRep(raw_mac)

        # NOTE(review): both keys depend only on the MRZ and are written to
        # the log in clear, so the log needs the same protection as the MRZ.
        self.writeToLog(
            "GENERATE THE BAC KEYS:\n Kenc: {0}\n Kmac: {1}".format(
                enc_hex, mac_hex))

        # Replace the previous content of both form fields.
        self.field1Form.delete(0, END)
        self.field1Form.insert(0, enc_hex)
        self.field2Form.delete(0, END)
        self.field2Form.insert(0, mac_hex)
    except Exception as msg:
        tkMessageBox.showerror("Error: BAC", str(msg))