Exemple #1
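    def __getitem__(self, tag):
        """
        Return the DataGroup for 'tag', reading it from the chip on first use.

        @param tag: A Valid tag representing a dataGroup
        @type tag: A string
        @return: The datagroup object representing this dataGroup, or None when
            an unexpected error was only logged by the catch-all handler below

        @raise DataGroupException: If the tag is not linked to any dataGroup, or if an error occurs during the parsing
        @raise APDUException: If an error occurs during the APDU transmit.
        @raise Iso7816Exception: Re-raised as-is when 'Security status not satisfied'
            is returned while secure messaging is already active.

        Try to read the DataGroup specified by the parameter 'tag'.
        If the DG is already read, the DG is directly returned,
        else the DG is read then returned

        If there is a Security status not satisfied error,
        the mutual authentication is run.
        If there is no error during the mutualAuth, the APDU is resent else,
        the error is propagated: there surely is an error in the MRZ field value

        Please refer to ICAO Doc9303 Part 1 Volume 2, p III-28 for the complete
        DataGroup <-> Tag correspondence
        or have a look to the pypassport.datagroup.converter.py file
        """
        # str() keeps the log calls from raising when a non-string tag
        # representation is passed in.
        self.log("getitem " + str(tag))
        # NOTE(review): this conversion sits outside the try block, so an error
        # raised here is not translated by the KeyError handler below - confirm
        # what converter.toTAG raises for an unknown tag.
        tag = converter.toTAG(tag)
        self.log("getitem converted " + str(tag))

        if tag in self:
            # Already read: serve the cached DataGroup from the parent mapping.
            return super(EPassport, self).__getitem__(tag)

        try:
            tag = converter.toTAG(tag)
            return self._getDG(tag)
        except iso7816.Iso7816Exception as exc:
            # 105, 130 == SW1 0x69, SW2 0x82: ISO 7816-4 "Security status not
            # satisfied".
            # NOTE(review): indexing the exception instance assumes
            # Iso7816Exception supports [] on Python 3 - confirm.
            if exc[1] == 105 and exc[2] == 130:
                #Security status not satisfied TODO support multiple levels of secure messaging
                if self.isSecureMessaging:
                    # The chip refuses the read although a session is already
                    # established: drop the session and let the caller decide.
                    self.log(
                        "Security status not satisfied, while secure messaging. Will reset connection"
                    )
                    self.reset()
                    raise exc

                self.log("Enabling Secure Messaging")
                self.doBasicAccessControl()
                # Single retry; a failure here propagates unchanged.
                return self._getDG(tag)
            else:
                raise datagroup.DataGroupException(str(exc))
        except KeyError:
            raise datagroup.DataGroupException("The data group '" +
                                               str(tag) +
                                               "' does not exist")
        except datagroup.DataGroupException:
            # Documented contract: read/parse failures must reach the caller.
            # Without this clause the catch-all below turned them into a None
            # return, so code such as doActiveAuthentication (which catches
            # DataGroupException around self["DG15"]) went on with None.
            raise
        except Exception as msg:
            # Best-effort for anything unexpected: log it and return None.
            # Callers must treat None as "data group not read".
            self.log(msg)
            traceback.print_exc()
            return None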
Exemple #2
 def _getDG(self, tag):
     """
     Read the dataGroup file named by 'tag', parse it and cache the result.

     The parsed object is stored in this object's dictionary under the tag
     reported by the parsed dataGroup itself (dg.tag).

     @param tag: The dataGroup identifier to read (see the dataGroups.converter for all valid representations)
     @type tag: A string

     @return: A dataGroup object if the file is read with success.
     @rtype: A DataGroupXX object

     @raise DataGroupException: If an IOError occurs while reading or parsing
         (e.g. a wrong DataGroup is requested). Any other exception raised by
         the reader or the factory propagates unchanged.
     """
     try:
         self.log("Reading " + converter.toDG(tag))
         rawFile = self._dgReader.readDG(tag)
         # NOTE(review): the two log calls below write str() of the raw file
         # and of the parsed group; if those render the content, passport
         # holder data ends up in the log - confirm what self.log persists.
         self.log("File " + str(rawFile))
         parsed = datagroup.DataGroupFactory().create(rawFile)
         self.log("DG " + str(parsed))
         # Cache under the tag the parsed object carries, not the requested one.
         self.__setitem__(parsed.tag, parsed)
     except IOError as msg:
         self.log("Reading error: " + str(msg))
         raise datagroup.DataGroupException(msg)
     else:
         return parsed
Exemple #3
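 def doVerifyDGIntegrity(self, dgs=None):
     """
     Execute the second part of the passive authentication: The verification of the dataGroups integrity.

     @param dgs: The data groups to verify. When None, they are obtained
         with self.readDataGroups().
     @return: The value returned by self._pa.executePA(sod, dgs), or None
         when an unexpected exception was caught (it is only logged).

     @raise dgException: If the data groups could not be read
     @raise paException: If the object is badly configured
     @raise openSSLException: See the openssl documentation
     """
     res = None
     try:
         sod = self.readSod()
         # Identity test: "== None" would defer to a custom __eq__ on the
         # argument and could replace a caller-supplied collection.
         if dgs is None:
             dgs = self.readDataGroups()
         # NOTE(review): with a caller-supplied dgs only that set is handed to
         # executePA; groups left out are presumably not checked - confirm.
         res = self._pa.executePA(sod, dgs)
         return res
     except datagroup.DataGroupException as msg:
         res = msg
         raise datagroup.DataGroupException(msg)
     except passiveauthentication.PassiveAuthenticationException as msg:
         res = msg
         raise passiveauthentication.PassiveAuthenticationException(msg)
     except openssl.OpenSSLException as msg:
         res = msg
         raise openssl.OpenSSLException(msg)
     except Exception as msg:
         # Any other failure is logged by the finally clause and swallowed.
         # The caller receives None, which means "verification did not
         # complete" and must never be read as a successful check.
         res = msg
         return None
     finally:
         # Runs on every path: logs the result or the exception that ended it.
         self.log("Data Groups integrity verification: " + str(res))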
Exemple #4
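 def doActiveAuthentication(self, dg15=None):
     """
     Execute the active authentication protocol.

     @param dg15: The DG15 object to use. When None, it is read through
         self["DG15"].
     @return: A boolean if the test completes (the value returned by
         self._aa.executeAA).
     @raise aaException: If the hash algo is not supported or if the AA is not supported.
     @raise openSSLException: See the openssl documentation
     @raise SimIso7816Exception: The AA is not possible with the simulator
     """
     res = ""
     try:
         # Identity test: "== None" would defer to a custom __eq__ on the
         # argument and could replace a caller-supplied object.
         if dg15 is None:
             dg15 = self["DG15"]
         # NOTE(review): nothing here checks that dg15 was covered by the
         # passive authentication; the result only says the chip holds the
         # key matching this dg15, so callers should verify DG15 integrity
         # separately.
         res = self._aa.executeAA(dg15)
         return res
     except datagroup.DataGroupException as msg:
         res = msg
         raise datagroup.DataGroupException(msg)
     except openssl.OpenSSLException as msg:
         res = msg
         raise openssl.OpenSSLException(msg)
     except Exception as msg:
         # Every other failure is reported as an ActiveAuthenticationException.
         res = msg
         raise activeauthentication.ActiveAuthenticationException(msg)
     finally:
         # Runs on every path: logs the result or the exception that ended it.
         self.log("Active Authentication: " + str(res))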
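    def __getitem__(self, tag):
        """
        Return the DataGroup for 'tag', reading it from the chip on first use.

        @param tag: A Valid tag representing a dataGroup
        @type tag: A string
        @return: The datagroup object representing this dataGroup

        @raise DataGroupException: If the tag is not linked to any dataGroup, or if an error occurs during the parsing
        @raise APDUException: If an error occurs during the APDU transmit.

        Try to read the DataGroup specified by the parameter 'tag'.
        If the DG is already read, the DG is directly returned,
        else the DG is read then returned

        If there is a Security status not satisfied error,
        the mutual authentication is run.
        If there is no error during the mutualAuth, the APDU is sent again else,
        the error is propagated: there surely is an error in the MRZ field value

        Please refer to ICAO Doc9303 Part 1 Volume 2, p III-28 for the complete
        DataGroup <-> Tag correspondence
        or have a look to the pypassport.datagroup.converter.py file
        """
        # NOTE(review): this conversion sits outside the try block, so an error
        # raised here is not translated by the KeyError handler below - confirm
        # what converter.toTAG raises for an unknown tag.
        tag = converter.toTAG(tag)
        # "in" and "except ... as" replace has_key() and the comma form, which
        # are syntax/attribute errors on Python 3 and behave the same on 2.6+.
        if tag not in self:
            try:
                tag = converter.toTAG(tag)
                return self._getDG(tag)
            except iso7816.Iso7816Exception as exc:
                # 105, 130 == SW1 0x69, SW2 0x82: ISO 7816-4 "Security status
                # not satisfied".
                # NOTE(review): indexing the exception instance works on
                # Python 2; on Python 3 it needs Iso7816Exception to support
                # [] - confirm.
                if exc[1] == 105 and exc[2] == 130:
                    #Security status not satisfied
                    self.log("Enabling Secure Messaging")
                    self.doBasicAccessControl()
                    # Single retry; a failure here propagates unchanged.
                    return self._getDG(tag)
                else:
                    raise datagroup.DataGroupException(str(exc))
            except KeyError:
                raise datagroup.DataGroupException("The data group '" +
                                                   str(tag) +
                                                   "' does not exist")
        else:
            # Already read: without this branch a cached tag fell through and
            # returned None, contradicting the docstring.
            return super(EPassport, self).__getitem__(tag)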
    def doVerifySODCertificate(self):
        """
        Execute the first part of the passive authentication: The verification of the certificate validity.

        @raise dgException: If the SOD could not be read
        @raise paException: If the object is badly configured
        @raise openSSLException: See the openssl documentation
        """
        res = ""
        try:
            sod = self.readSod()
            res = self._pa.verifySODandCDS(sod, self.CSCADirectory)
            return res
        except datagroup.DataGroupException, msg:
            res = msg
            raise datagroup.DataGroupException(msg)