|
OpenPACE
|
Functions | |
| void | TA_disable_checks (EAC_CTX *ctx) |
Enables TA_FLAG_SKIP_TIMECHECK in the TA context. More... | |
| int | TA_STEP2_import_certificate (const EAC_CTX *ctx, const unsigned char *cert, size_t cert_len) |
| Imports a CV Certificate to the EAC context. More... | |
| BUF_MEM * | TA_STEP3_generate_ephemeral_key (const EAC_CTX *ctx) |
| Generates ephemeral key for CA. More... | |
| BUF_MEM * | TA_STEP4_get_nonce (const EAC_CTX *ctx) |
| Generates a nonce for the PCD. More... | |
| int | TA_STEP4_set_nonce (const EAC_CTX *ctx, const BUF_MEM *nonce) |
| Import the nonce from the PICC. More... | |
| BUF_MEM * | TA_STEP5_sign (const EAC_CTX *ctx, const BUF_MEM *my_ta_eph_pubkey, const BUF_MEM *opp_pace_eph_pubkey, const BUF_MEM *auxdata) |
| Signs data for terminal authentication. More... | |
| int | TA_STEP6_verify (const EAC_CTX *ctx, const BUF_MEM *opp_ta_comp_eph_pubkey, const BUF_MEM *my_pace_comp_eph_pubkey, const BUF_MEM *auxdata, const BUF_MEM *signature) |
| Verifies PCD's signature from TA step 5. More... | |
| void TA_disable_checks | ( | EAC_CTX * | ctx | ) |
Enables TA_FLAG_SKIP_TIMECHECK in the TA context.
| [in] | ctx | EAC context for which to disable TA checks |
| int TA_STEP2_import_certificate | ( | const EAC_CTX * | ctx, |
| const unsigned char * | cert, | ||
| size_t | cert_len | ||
| ) |
Imports a CV Certificate to the EAC context.
This function should be used to subsequently verify all certificates of a certificate chain. The signature and date of the certificate are verified using the trust anchor or the most recently imported certificate. The TA context is adjusted to use domain parameters of the imported certificate. If the chain contains a new trust anchor (i.e. a CVCA certificate), the old trust anchor is replaced when EAC is completed.
| [in,out] | ctx | EAC context |
| [in] | cert | raw Certificate to import |
| [in] | cert_len | Length of cert |
| BUF_MEM* TA_STEP3_generate_ephemeral_key | ( | const EAC_CTX * | ctx | ) |
Generates ephemeral key for CA.
| [in,out] | ctx | EAC context. The CA context of ctx is initialized for key agreement |
| BUF_MEM* TA_STEP4_get_nonce | ( | const EAC_CTX * | ctx | ) |
Generates a nonce for the PCD.
| [in,out] | ctx | EAC context. The nonce is saved in ctx |
| int TA_STEP4_set_nonce | ( | const EAC_CTX * | ctx, |
| const BUF_MEM * | nonce | ||
| ) |
Import the nonce from the PICC.
| [in,out] | ctx | EAC context. The nonce is saved in ctx |
| nonce | The nonce to be copied |
| BUF_MEM* TA_STEP5_sign | ( | const EAC_CTX * | ctx, |
| const BUF_MEM * | my_ta_eph_pubkey, | ||
| const BUF_MEM * | opp_pace_eph_pubkey, | ||
| const BUF_MEM * | auxdata | ||
| ) |
Signs data for terminal authentication.
| [in] | ctx | EAC context |
| [in] | my_ta_eph_pubkey | PCD's ephemeral public key generated in Step 3 |
| [in] | opp_pace_eph_pubkey | PICC's ephemeral public key generated in PACE Step 3b |
| [in] | auxdata | (optional) Auxiliary data from PCD |
| int TA_STEP6_verify | ( | const EAC_CTX * | ctx, |
| const BUF_MEM * | opp_ta_comp_eph_pubkey, | ||
| const BUF_MEM * | my_pace_comp_eph_pubkey, | ||
| const BUF_MEM * | auxdata, | ||
| const BUF_MEM * | signature | ||
| ) |
Verifies PCD's signature from TA step 5.
| [in] | ctx | EAC context |
| [in] | opp_ta_comp_eph_pubkey | PCD's compressed ephemeral public key generated in Step 3 |
| [in] | my_pace_comp_eph_pubkey | PICC's compressed ephemeral public key generated in PACE Step 3b |
| [in] | auxdata | (optional) Auxiliary data from PCD |
| [in] | signature | Data to verify |
1.8.17