def _getPubKey(self, mrz_value):
"""
Calls the method getPubKey() from signEverything
@return: The public key (DG15)
"""
self._bac = bac.BAC(self._iso7816)
return SignEverything(self._iso7816).getPubKey(self._bac, mrz_value)
def setKseed(self, dg1):
l2 = dg1["5F1F"][44:]
b = bac.BAC(None)
m = mrz.MRZ(l2)
m.checkMRZ()
kseed = binToHexRep(b.mrz_information(m))
toSend = CommandAPDU("10", "A7", "00", "00", "18", kseed, "")
self._iso7816.transmit(toSend, "Set KSeed")
self.log("Kseed set")
def __init__(self, iso7816):
Logger.__init__(self, "SIGN EVERYTHING ATTACK")
self._iso7816 = iso7816
if type(self._iso7816) != type(Iso7816(None)):
raise SignEverythingException("The sublayer iso7816 is not available")
self._iso7816.rstConnection()
self._bac = bac.BAC(iso7816)
self._openssl = OpenSSL()
def __init__(self, reader, epMrz=None):
"""
This object provide most of the functionnalities described in the EPassport document.
- The basic acces control + secure messaging
- The active authentication
- The passive authentication
- Reading of the various dataGroups
@param reader: It can be a reader or a path to dumps
@type reader: A reader object, then it will use the specified rfid reader.
A string, then the simulator will read the dumps from the specified url.
@param mrz: An object representing the passport MRZ.
@type mrz: An MRZ object
"""
logger.Logger.__init__(self, "EPassport")
if epMrz:
self._mrz = mrz.MRZ(epMrz)
if self._mrz.checkMRZ() == False:
raise EPassportException("Invalid MRZ")
else:
self._mrz = None
self._iso7816 = iso7816.Iso7816(reader)
self._iso7816.register(self._logFct)
self._dgReader = datagroup.DataGroupReaderFactory().create(
self._iso7816)
self._dgReader.register(self._logFct)
self._bac = bac.BAC(self._iso7816)
self._bac.register(self._logFct)
self._openSSL = openssl.OpenSSL()
self._openSSL.register(self._logFct)
self._aa = activeauthentication.ActiveAuthentication(
self._iso7816, self._openSSL)
self._aa.register(self._logFct)
self._pa = passiveauthentication.PassiveAuthentication(self._openSSL)
self._pa.register(self._logFct)
self._CSCADirectory = None
self._selectPassportApp()
def performBAC(self):
try:
if self.mrz.buildMRZ():
self.reset()
self.init()
basic_access_control = bac.BAC(self._iso7816)
(
KSenc, KSmac, ssc
) = basic_access_control.authenticationAndEstablishmentOfSessionKeys(
mrz.MRZ(self.mrz.buildMRZ()))
sm = securemessaging.SecureMessaging(KSenc, KSmac, ssc)
self._iso7816.setCiphering(sm)
self.writeToLog("CIPHERING SET:\n{0}".format(sm))
else:
tkMessageBox.showerror("Error: BAC",
"You have to set the proper MRZ first")
except Exception, msg:
tkMessageBox.showerror("Error: BAC", str(msg))
def genBACKeys(self):
try:
if self.mrz.buildMRZ():
basic_access_control = bac.BAC(self._iso7816)
mrz_to_send = mrz.MRZ(self.mrz.buildMRZ())
mrz_to_send.checkMRZ()
(Kenc, Kmac
) = basic_access_control.derivationOfDocumentBasicAccesKeys(
mrz_to_send)
Kenc = binToHexRep(Kenc)
Kmac = binToHexRep(Kmac)
self.writeToLog(
"GENERATE THE BAC KEYS:\n Kenc: {0}\n Kmac: {1}".format(
Kenc, Kmac))
self.field1Form.delete(0, END)
self.field1Form.insert(0, Kenc)
self.field2Form.delete(0, END)
self.field2Form.insert(0, Kmac)
else:
tkMessageBox.showerror("Error: Generate BAC keys",
"You have to set the proper MRZ first")
except Exception, msg:
tkMessageBox.showerror("Error: BAC", str(msg))
