def authenticationAndEstablishmentOfSessionKeys(self, mrz):
"""
Execute the complete BAC process:
- Derivation of the document basic acces keys
- Mutual authentication
- Derivation of the session keys
@param mrz: The machine readable zone of the passport
@type mrz: an MRZ object
@return: A set composed of (KSenc, KSmac, ssc)
@raise MRZException: I{The mrz length is invalid}: The mrz parameter is not valid.
@raise BACException: I{Wrong parameter, mrz must be an MRZ object}: The parameter is invalid.
@raise BACException: I{The mrz has not been checked}: Call the I{checkMRZ} before this method call.
@raise BACException: I{The sublayer iso7816 is not available}: Check the object init parameter, it takes an iso7816 object
"""
if type(mrz) != type(MRZ(None)):
raise BACException("Wrong parameter, mrz must be an MRZ object")
if not mrz.checked:
mrz.checkMRZ()
if type(self._iso7816) != type(Iso7816(None)):
raise BACException("The sublayer iso7816 is not available")
try:
self.derivationOfDocumentBasicAccesKeys(mrz)
rnd_icc = self._iso7816.getChallenge()
cmd_data = self.authentication(rnd_icc)
data = self._mutualAuthentication(cmd_data)
return self.sessionKeys(data)
except Exception as msg:
raise msg
def setMRZ(self, mrz):
"""Set the MRZ
@param MRZ: MRZ used for the legitimate BAC
@type MRZ: A string of the MRZ
"""
self._mrz = MRZ(mrz)
if self._mrz.checkMRZ():
try:
self._bac.authenticationAndEstablishmentOfSessionKeys(
self._mrz)
self._iso7816.rstConnection()
return True
except BACException, msg:
raise MacTraceabilityException("Wrong MRZ")
