static int npa_init(sc_card_t * card) { int flags = SC_ALGORITHM_ECDSA_RAW; int ext_flags = 0; int r; if (!card) { r = SC_ERROR_INVALID_CARD; goto err; } card->caps |= SC_CARD_CAP_APDU_EXT | SC_CARD_CAP_RNG; /* 1520 bytes is the minimum lenght of the communication buffer in all * Chip/OS variants */ card->max_recv_size = 1520; card->max_send_size = 1520; #ifdef ENABLE_SM memset(&card->sm_ctx, 0, sizeof card->sm_ctx); #endif r = _sc_card_add_ec_alg(card, 192, flags, ext_flags, NULL); if (r != SC_SUCCESS) goto err; r = _sc_card_add_ec_alg(card, 224, flags, ext_flags, NULL); if (r != SC_SUCCESS) goto err; r = _sc_card_add_ec_alg(card, 256, flags, ext_flags, NULL); if (r != SC_SUCCESS) goto err; /* nPA does not encode the proprietary fieldSize in PrivateECKeyAttributes, * which leaves it at 0 for OpenSC, so we need to add 0x00 as supported * field_length */ r = _sc_card_add_ec_alg(card, 0, flags, ext_flags, NULL); if (r != SC_SUCCESS) goto err; #ifdef ENABLE_OPENPACE EAC_init(); #endif card->drv_data = npa_drv_data_create(); r = npa_load_options(card->ctx, card->drv_data); if (r != SC_SUCCESS) goto err; /* unlock the eSign application for reading the certificates * by the PKCS#15 layer (i.e. sc_pkcs15_bind_internal) */ if (SC_SUCCESS != npa_unlock_esign(card)) sc_log(card->ctx, "Propably not all functionality will be available.\n"); err: return r; }
int main(int argc, char *argv[]) { int fail = 1; unsigned char *cvc_data = NULL, *desc_data = NULL, *csr_data = NULL; size_t cvc_len = 0, desc_len = 0, csr_len = 0; struct gengetopt_args_info cmdline; /* Parse command line */ if (cmdline_parser (argc, argv, &cmdline) != 0) { return fail; } if (cmdline.cvc_arg) { fail = read_file(cmdline.cvc_arg, &cvc_data, &cvc_len); if (fail) { fprintf(stderr, "failed to read %s\n", cmdline.cvc_arg); goto err; } } if (cmdline.description_arg) { fail = read_file(cmdline.description_arg, &desc_data, &desc_len); if (fail) { fprintf(stderr, "failed to read %s\n", cmdline.description_arg); goto err; } } if (cmdline.csr_arg) { fail = read_file(cmdline.csr_arg, &csr_data, &csr_len); if (fail) { fprintf(stderr, "failed to read %s\n", cmdline.csr_arg); goto err; } } EAC_init(); fail = print_cvc(cvc_data, cvc_len, desc_data, desc_len, csr_data, csr_len); err: cmdline_parser_free (&cmdline); free(cvc_data); free(desc_data); EAC_cleanup(); return fail; }
int main(int argc, char *argv[]) { int r; BIO *bio = NULL; PACE_SEC *secret = NULL; EAC_CTX *picc_ctx = NULL, *pcd_ctx = NULL; BUF_MEM *enc_nonce = NULL, *pcd_mapping_data = NULL, *picc_mapping_data = NULL, *pcd_ephemeral_pubkey = NULL, *picc_ephemeral_pubkey = NULL, *pcd_token = NULL, *picc_token = NULL; EAC_init(); puts("EF.CardAccess:"); bio = BIO_new_fp(stdout, BIO_NOCLOSE|BIO_FP_TEXT); BIO_dump_indent(bio, (char *) EF_CARDACCESS, sizeof EF_CARDACCESS, 4); secret = PACE_SEC_new(PIN, strlen(PIN), PACE_PIN); puts("Secret:"); PACE_SEC_print_private(bio, secret, 4); picc_ctx = EAC_CTX_new(); pcd_ctx = EAC_CTX_new(); EAC_CTX_init_ef_cardaccess(EF_CARDACCESS, sizeof EF_CARDACCESS, pcd_ctx); EAC_CTX_init_ef_cardaccess(EF_CARDACCESS, sizeof EF_CARDACCESS, picc_ctx); puts("PACE step 1"); enc_nonce = PACE_STEP1_enc_nonce(picc_ctx, secret); puts("PACE step 2"); PACE_STEP2_dec_nonce(pcd_ctx, secret, enc_nonce); puts("PACE step 3A"); pcd_mapping_data = PACE_STEP3A_generate_mapping_data(pcd_ctx); picc_mapping_data = PACE_STEP3A_generate_mapping_data(picc_ctx); PACE_STEP3A_map_generator(pcd_ctx, picc_mapping_data); PACE_STEP3A_map_generator(picc_ctx, pcd_mapping_data); puts("PACE step 3B"); pcd_ephemeral_pubkey = PACE_STEP3B_generate_ephemeral_key(pcd_ctx); picc_ephemeral_pubkey = PACE_STEP3B_generate_ephemeral_key(picc_ctx); PACE_STEP3B_compute_shared_secret(pcd_ctx, picc_ephemeral_pubkey); PACE_STEP3B_compute_shared_secret(picc_ctx, pcd_ephemeral_pubkey); puts("PACE step 3C"); PACE_STEP3C_derive_keys(pcd_ctx); PACE_STEP3C_derive_keys(picc_ctx); puts("PACE step 3D"); pcd_token = PACE_STEP3D_compute_authentication_token(pcd_ctx, picc_ephemeral_pubkey); picc_token = PACE_STEP3D_compute_authentication_token(picc_ctx, pcd_ephemeral_pubkey); r = PACE_STEP3D_verify_authentication_token(pcd_ctx, picc_token); if (r == 1) r = PACE_STEP3D_verify_authentication_token(picc_ctx, pcd_token); puts("PICC's EAC_CTX:"); EAC_CTX_print_private(bio, picc_ctx, 4); puts("PCD's EAC_CTX:"); EAC_CTX_print_private(bio, pcd_ctx, 4); EAC_CTX_clear_free(pcd_ctx); EAC_CTX_clear_free(picc_ctx); PACE_SEC_clear_free(secret); EAC_cleanup(); EAC_CTX_clear_free(pcd_ctx); EAC_CTX_clear_free(picc_ctx); PACE_SEC_clear_free(secret); if (bio) BIO_free_all(bio); if (enc_nonce) BUF_MEM_free(enc_nonce); if (pcd_mapping_data) BUF_MEM_free(pcd_mapping_data); if (picc_mapping_data) BUF_MEM_free(picc_mapping_data); if (pcd_ephemeral_pubkey) BUF_MEM_free(pcd_ephemeral_pubkey); if (picc_ephemeral_pubkey) BUF_MEM_free(picc_ephemeral_pubkey); if (pcd_token) BUF_MEM_free(pcd_token); if (picc_token) BUF_MEM_free(picc_token); if (r != 1) return 1; return 0; }
int main(int argc, char *argv[]) { int fail = 1, i; char *cvc_filename = NULL; char *desc_filename = NULL; unsigned char *cvc_data = NULL, *desc_data = NULL; size_t cvc_len = 0, desc_len = 0; for (i=1; i<argc; i++) { if ((strcmp(argv[i], "--cvc") == 0) || (strcmp(argv[i], "-c") == 0)) { if (i++>=argc) { fprintf(stderr, "-c,--cvc requires an argument\n"); return fail; } cvc_filename = argv[i]; continue; } if ((strcmp(argv[i], "--description") == 0) || (strcmp(argv[i], "-d") == 0)) { if (i++>=argc) { fprintf(stderr, "-d,--description requires an argument\n"); return fail; } desc_filename = argv[i]; continue; } if ((strcmp(argv[i], "--help") == 0) || (strcmp(argv[i], "-h") == 0)) { printf( "%s Prints card verifiable certificate and its description\n" "\n" "Usage: %s [Options]\n" "\n" "Options:\n" " -c,--cvc file with card Verifiable certificate\n" " -d,--description file with certificate description\n" " -h,--help show this help message and exit\n" " --version print version information and exit\n" , argv[0], argv[0] ); fail = 0; goto err; } if (strcmp(argv[i], "--version") == 0) { fprintf(stderr, "%s 0.1\n" "\n" "Written by Frank Morgner and Dominik Oepen.\n" , argv[0] ); fail = 0; goto err; } fprintf(stderr, "unrecognized option \"%s\"\n", argv[i]); goto err; } if (cvc_filename) { fail = read_file(cvc_filename, &cvc_data, &cvc_len); if (fail) { fprintf(stderr, "failed to read %s\n", cvc_filename); goto err; } } if (desc_filename) { fail = read_file(desc_filename, &desc_data, &desc_len); if (fail) { fprintf(stderr, "failed to read %s\n", desc_filename); goto err; } } EAC_init(); fail = print_cvc(cvc_data, cvc_len, desc_data, desc_len); err: free(cvc_data); free(desc_data); EAC_cleanup(); return fail; }