41 #include <openssl/bn.h> 42 #include <openssl/buffer.h> 144 const BUF_MEM * enc_nonce);
227 const BUF_MEM * token);
int PACE_STEP2_dec_nonce(const EAC_CTX *ctx, const PACE_SEC *pi, const BUF_MEM *enc_nonce)
Decrypt the nonce from the other party.
int PACE_STEP3A_map_generator(const EAC_CTX *ctx, const BUF_MEM *in)
Map to the ephemeral domain parameters.
BUF_MEM * PACE_STEP3B_generate_ephemeral_key(EAC_CTX *ctx)
Generate a keypair for key agreement.
Interface for Extended Access Control.
s_type
Type of the secret.
Undefined type, if nothing else matches.
PUK is the Personal Unblocking Key. This type of secret is used when the card is suspended due to too...
void PACE_SEC_clear_free(PACE_SEC *s)
Free a PACE secret; as the `_clear_free` suffix indicates, the secret's memory is wiped before it is released.
enum s_type type
Type of the secret.
int PACE_SEC_print_private(BIO *out, const PACE_SEC *sec, int indent)
Print a PACE_SEC object to `out`, including the private secret itself; treat the output as sensitive.
BUF_MEM * PACE_STEP1_enc_nonce(const EAC_CTX *ctx, const PACE_SEC *pi)
Generates and encrypts a nonce.
int PACE_STEP3B_compute_shared_secret(const EAC_CTX *ctx, const BUF_MEM *in)
Compute the shared secret for key agreement.
PIN is the Personal Identification Number, a secret known only to the user and not printed on the car...
PACE_SEC * PACE_SEC_new(const char *sec, size_t sec_len, enum s_type type)
Create and initialize a new PACE secret.
Context for the Extended Access Control protocol.
MRZ is the Machine Readable Zone, printed on the card, encoding the personal information of the user...
BUF_MEM * PACE_STEP3D_compute_authentication_token(const EAC_CTX *ctx, const BUF_MEM *pub)
Compute the authentication token from domain parameters and public key.
int PACE_STEP3D_verify_authentication_token(const EAC_CTX *ctx, const BUF_MEM *token)
Verifies an authentication token.
This type of secret is not defined in BSI TR-03110. We use it as a generic type, so we can use PACE i...
BUF_MEM * encoded
Encoded secret.
struct pace_sec PACE_SEC
Shared secret for PACE.
BUF_MEM * PACE_STEP3A_generate_mapping_data(const EAC_CTX *ctx)
Generate the mapping data used to perform the mapping to ephemeral domain parameters.
int PACE_STEP3C_derive_keys(const EAC_CTX *ctx)
Derives encryption and authentication keys.
CAN is the Card Access Number, printed on the card.