Exemplo n.º 1
0
    def external_authenticate(self, p1, p2, data):
        """
        Authenticate the terminal to the card. Check whether Terminal correctly
        encrypted the given challenge or not
        """
        if self.dst.keyref_public_key:  # TODO check if this is the correct CAR
            id_picc = eac.EAC_Comp(self.eac_ctx, eac.EAC_ID_PACE,
                                   self.my_pace_eph_pubkey)

            # FIXME auxiliary_data might be from an older run of PACE
            if hasattr(self.at, "auxiliary_data"):
                auxiliary_data = self.at.auxiliary_data
            else:
                auxiliary_data = None

            if 1 != eac.TA_STEP6_verify(self.eac_ctx, self.at.iv, id_picc,
                                        auxiliary_data, data):
                eac.print_ossl_err()
                print("Could not verify Terminal's signature")
                raise SwError(SW["ERR_CONDITIONNOTSATISFIED"])

            print("Terminal's signature verified")

            self.eac_step += 1

            return 0x9000, b""

        raise SwError(SW["ERR_CONDITIONNOTSATISFIED"])
Exemplo n.º 2
0
 def EAC_Comp(self):
     return eac.EAC_Comp(self.ctx, eac.EAC_ID_PACE, self._ephemeral_pubkey)