gopace

package module
v0.0.0-...-60900ca Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 7, 2021 License: MIT Imports: 13 Imported by: 0

README

Go library for PACE protocol

This is native library for establishing a secure channel between the terminal and smart card using PACE protocol.

The library is still work-in-progress and uses hard-coded parameters for Estonian ID-cards. As such, it should only by used as a reference implementation. Let me know if there would be interest for using the library more generally.

License

MIT

Documentation

Overview

Package gopace allows to establish a secure channel between card and host using PACE protocol.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CMAC 

func CMAC(kmac []byte, data []byte) (mac []byte, err error)

func ComputeAuthenticationToken 

func ComputeAuthenticationToken(deroid, msx, msy []byte) []byte

func DecryptNonce 

func DecryptNonce(can []byte, encNonce []byte) (decNonce []byte, err error)

func GetAPDU 

func GetAPDU(header, data []byte, le []byte) (apdu []byte)

func GetNonce 

func GetNonce(card *PlainCard) (encNonce []byte, err error)

func MapNonce 

func MapNonce(card *PlainCard, x, y []byte) (x2, y2 []byte, err error)

func MappedBasePoint 

func MappedBasePoint(decNonce []byte, sx, sy []byte) (mx, my []byte)

func MappedECDH 

func MappedECDH(sk2 []byte, msx, msy []byte) (smsx, smsy []byte)

func MappedPublicKey 

func MappedPublicKey(sk2 []byte, mx, my []byte) (msx, msy []byte)

func MarshalECPoint 

func MarshalECPoint(x, y []byte) []byte

func MutualAuthentication 

func MutualAuthentication(card Carder, tcmac, ccmac []byte) error

func PerformKeyAgreement 

func PerformKeyAgreement(card *PlainCard, msx, msy []byte) (msx2, msy2 []byte, err error)

func ReadBinary 

func ReadBinary(card Carder) (content []byte, err error)

ReadBinary reads the content of an already chosen file.

func SelectFile 

func SelectFile(card Carder, file []byte) (err error)

SelectFile selects a file given the file identifier and a Carder.

func SessionKeys 

func SessionKeys(smsx []byte) (kenc, kmac []byte)

func SetAuthenticationTemplate 

func SetAuthenticationTemplate(card *PlainCard, pi *PersonalInfo) (err error)

func SharedPoint 

func SharedPoint(x, y, sk []byte) (sx, sy []byte)

func TerminalKeyMap 

func TerminalKeyMap(sk []byte) (x, y []byte, err error)

func UnmarshalECPoint 

func UnmarshalECPoint(m []byte) (x, y []byte)

Types

type Carder 

type Carder interface {
	Transmit(header []byte, data []byte, le []byte) (resp []byte, err error)
	TransmitAPDU(apdu []byte) (resp []byte, err error)
}

Carder abstracts communication between host and card over insecure and secure channel

type PersonalInfo 

type PersonalInfo struct {
	Protocol    asn1.RawValue
	Version     int
	ParameterID int
}

func ReadCardAccess 

func ReadCardAccess(card *PlainCard) (pi *PersonalInfo, err error)

type PersonalInfoSET 

type PersonalInfoSET []PersonalInfo

type PlainCard 

type PlainCard struct {
	// contains filtered or unexported fields
}

func Connect 

func Connect() (pcard *PlainCard, cancel func(), err error)

func (*PlainCard) Transmit 

func (pcard *PlainCard) Transmit(header []byte, data []byte, le []byte) (resp []byte, err error)

func (*PlainCard) TransmitAPDU 

func (pcard *PlainCard) TransmitAPDU(apdu []byte) (resp []byte, err error)

type SecureCard 

type SecureCard struct {
	// contains filtered or unexported fields
}

func PACE 

func PACE(card *PlainCard, can []byte) (seccard *SecureCard, err error)

func (*SecureCard) DecData 

func (sc *SecureCard) DecData(edata []byte) (data []byte, err error)

func (*SecureCard) EncData 

func (sc *SecureCard) EncData(data []byte) (enced []byte, err error)

func (*SecureCard) PadData 

func (sc *SecureCard) PadData(data []byte) (padded []byte)

func (*SecureCard) Prepare 

func (sc *SecureCard) Prepare(header, data, le []byte) (apdu []byte, err error)

func (*SecureCard) Process 

func (sc *SecureCard) Process(encresp []byte) (data []byte, sw []byte, err error)

func (*SecureCard) RemovePad 

func (sc *SecureCard) RemovePad(data []byte) (unpadded []byte)

func (*SecureCard) SSC 

func (sc *SecureCard) SSC() []byte

func (*SecureCard) Transmit 

func (sc *SecureCard) Transmit(header, data, le []byte) (resp []byte, err error)

func (*SecureCard) TransmitAPDU 

func (sc *SecureCard) TransmitAPDU(apdu []byte) (resp []byte, err error)

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.