OpenPACE
Interface for Terminal Authentication.
#include <eac/eac.h>
Macros

#define TA_FLAG_SKIP_TIMECHECK 1
    Skip checking effective and expiration date of CV certificates against the system's current time.

Functions

void TA_disable_checks (EAC_CTX *ctx)
    Enables TA_FLAG_SKIP_TIMECHECK in the TA context.

int TA_STEP2_import_certificate (const EAC_CTX *ctx, const unsigned char *cert, size_t cert_len)
    Imports a CV Certificate to the EAC context.

BUF_MEM * TA_STEP3_generate_ephemeral_key (const EAC_CTX *ctx)
    Generates ephemeral key for CA.

BUF_MEM * TA_STEP4_get_nonce (const EAC_CTX *ctx)
    Generates a nonce for the PCD.

int TA_STEP4_set_nonce (const EAC_CTX *ctx, const BUF_MEM *nonce)
    Import the nonce from the PICC.

BUF_MEM * TA_STEP5_sign (const EAC_CTX *ctx, const BUF_MEM *my_ta_eph_pubkey, const BUF_MEM *opp_pace_eph_pubkey, const BUF_MEM *auxdata)
    Signs data for terminal authentication.

int TA_STEP6_verify (const EAC_CTX *ctx, const BUF_MEM *opp_ta_comp_eph_pubkey, const BUF_MEM *my_pace_comp_eph_pubkey, const BUF_MEM *auxdata, const BUF_MEM *signature)
    Verifies PCD's signature from TA step 5.
Terminal authentication (TA) is a protocol used to check the authenticity of a terminal communicating with an MRTD chip. It is also used to establish the effective access rights of the terminal for all further communication. TA is a challenge-response protocol in which the MRTD chip issues a challenge which is signed by the terminal. To be able to verify the authenticity of the answer, the MRTD chip needs to be provided with a certificate chain that goes back to its own trust anchor.
Definition in file ta.h.
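
What TA_FLAG_SKIP_TIMECHECK gives up, as an added example (not OpenPACE code; every `ex_`/`EX_` name is hypothetical): a validity-window check for CV certificate dates, which BSI TR-03110 encodes as six unpacked-BCD bytes in YYMMDD form, with a flag that bypasses only the clock comparison. The sample dates are constructed.

```c
#include <stdio.h>
#include <stddef.h>
#include <time.h>

/* Hypothetical names for illustration; only the flag's value (1) mirrors the page. */
#define EX_FLAG_SKIP_TIMECHECK 1
enum { EX_OK = 1, EX_MALFORMED = -1, EX_NOT_YET_VALID = -2, EX_EXPIRED = -3 };

/* Constructed sample dates: effective 2024-01-15, expiry 2024-04-15. */
static const unsigned char EX_SAMPLE_EFF[6] = {2, 4, 0, 1, 1, 5};
static const unsigned char EX_SAMPLE_EXP[6] = {2, 4, 0, 4, 1, 5};

/* Decode 6 unpacked-BCD bytes (YYMMDD, year read as 20YY) to YYYYMMDD; -1 if malformed. */
static long ex_decode_date(const unsigned char *d, size_t len)
{
    size_t i;
    long mm, dd;
    if (d == NULL || len != 6) return -1;
    for (i = 0; i < 6; i++)
        if (d[i] > 9) return -1;          /* e.g. ASCII '1' (0x31) is rejected */
    mm = d[2] * 10 + d[3];
    dd = d[4] * 10 + d[5];
    if (mm < 1 || mm > 12 || dd < 1 || dd > 31) return -1;
    return (2000L + d[0] * 10 + d[1]) * 10000L + mm * 100 + dd;
}

/* Validity-window check; the skip flag bypasses only the clock comparison. */
static int ex_check_validity(const unsigned char *effective, const unsigned char *expiry,
                             long today, int flags)
{
    long from = ex_decode_date(effective, 6), until = ex_decode_date(expiry, 6);
    if (from < 0 || until < 0 || from > until) return EX_MALFORMED;
    if (flags & EX_FLAG_SKIP_TIMECHECK) return EX_OK;
    if (today < from) return EX_NOT_YET_VALID;
    if (today > until) return EX_EXPIRED;
    return EX_OK;
}

/* Current UTC date as YYYYMMDD, or -1 (fails closed) if the clock cannot be read. */
static long ex_today_utc(void)
{
    time_t now = time(NULL);
    struct tm *g = gmtime(&now);
    return g ? (g->tm_year + 1900) * 10000L + (g->tm_mon + 1) * 100 + g->tm_mday : -1;
}

int main(void)
{
    long today = ex_today_utc();
    printf("checked: %d\n", ex_check_validity(EX_SAMPLE_EFF, EX_SAMPLE_EXP, today, 0));
    printf("skipped: %d\n", ex_check_validity(EX_SAMPLE_EFF, EX_SAMPLE_EXP, today, EX_FLAG_SKIP_TIMECHECK));
    return 0;
}
```

With the flag set, the expired sample certificate is accepted, which is the behaviour TA_disable_checks opts into; in this sketch malformed dates are still rejected.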