def __eac_pace_step3(self, data):
tlv_data = nPA_SE.__unpack_general_authenticate(data)
self.my_pace_eph_pubkey = eac.PACE_STEP3B_generate_ephemeral_key(
self.eac_ctx)
if not self.my_pace_eph_pubkey:
eac.print_ossl_err()
raise SwError(SW["WARN_NOINFO63"])
eph_pubkey = self.my_pace_eph_pubkey
for tag, length, value in tlv_data:
if tag == 0x83:
self.pace_opp_pub_key = value
eac.PACE_STEP3B_compute_shared_secret(self.eac_ctx,
self.pace_opp_pub_key)
else:
raise SwError(SW["ERR_INCORRECTPARAMETERS"])
self.eac_step += 1
return 0x9000, nPA_SE.__pack_general_authenticate(
[[0x84, len(eph_pubkey), eph_pubkey]])
def compute_shared_secret(self, pubkey):
self._opp_pubkey = pubkey
if (not eac.PACE_STEP3B_compute_shared_secret(self.ctx, pubkey)):
raise PACEException("Failed to compute shared secret", "Step 3B")
print("PACE step 2")
eac.PACE_STEP2_dec_nonce(pcd_ctx, secret, enc_nonce)
print("PACE step 3A")
pcd_mapping_data = eac.PACE_STEP3A_generate_mapping_data(pcd_ctx)
picc_mapping_data = eac.PACE_STEP3A_generate_mapping_data(picc_ctx)
eac.PACE_STEP3A_map_generator(pcd_ctx, picc_mapping_data)
eac.PACE_STEP3A_map_generator(picc_ctx, pcd_mapping_data)
print("PACE step 3B")
pcd_ephemeral_pubkey = eac.PACE_STEP3B_generate_ephemeral_key(pcd_ctx)
picc_ephemeral_pubkey = eac.PACE_STEP3B_generate_ephemeral_key(picc_ctx)
eac.PACE_STEP3B_compute_shared_secret(pcd_ctx, picc_ephemeral_pubkey)
eac.PACE_STEP3B_compute_shared_secret(picc_ctx, pcd_ephemeral_pubkey)
print("PACE step 3C")
eac.PACE_STEP3C_derive_keys(pcd_ctx)
eac.PACE_STEP3C_derive_keys(picc_ctx)
print("PACE step 3D")
pcd_token = eac.PACE_STEP3D_compute_authentication_token(
pcd_ctx, picc_ephemeral_pubkey)
picc_token = eac.PACE_STEP3D_compute_authentication_token(
picc_ctx, pcd_ephemeral_pubkey)
eac.PACE_STEP3D_verify_authentication_token(pcd_ctx, picc_token)
r = eac.PACE_STEP3D_verify_authentication_token(picc_ctx, pcd_token)