Basic support for EAC documents (e.g. German Identification Card)

-new files armsrc/epa.[ch] for ePA (electronic "Personalausweis") related functions -Offers elementary functions (EPA_PACE_MSE_Set_AT etc.) -Also offers one new USB command: EPA_PACE_Collect_Nonce -created new command subtree in client: client/hfepa.[ch] ("hf epa") -offers "hf epa cnonces" (collect encrypted PACE nonces) -more to come
2025-08-14 18:48:13 -07:00 · 2012-08-28 21:39:50 +00:00 · 2012-08-28 21:39:50 +00:00 · 5acd09bdfb
commit 5acd09bdfb
parent b0127e65f1
11 changed files with 601 additions and 7 deletions
--- a/client/cmdhfepa.c
+++ b/client/cmdhfepa.c
@ -0,0 +1,89 @@
+//-----------------------------------------------------------------------------
+// Copyright (C) 2012 Frederik Möllers
+//
+// This code is licensed to you under the terms of the GNU GPL, version 2 or,
+// at your option, any later version. See the LICENSE.txt file for the text of
+// the license.
+//-----------------------------------------------------------------------------
+// Commands related to the German electronic Identification Card
+//-----------------------------------------------------------------------------
+
+#include "util.h"
+#include "proxusb.h"
+#include "ui.h"
+#include "cmdparser.h"
+#include "common.h"
+#include "cmdmain.h"
+
+#include "cmdhfepa.h"
+
+static int CmdHelp(const char *Cmd);
+
+// Perform (part of) the PACE protocol
+int CmdHFEPACollectPACENonces(const char *Cmd)
+{
+	// requested nonce size
+	uint8_t m = 0;
+	// requested number of Nonces
+	unsigned int n = 0;
+	
+	sscanf(Cmd, "%hhu %u", &m, &n);
+	
+	// values are expected to be > 0
+	m = m > 0 ? m : 1;
+	n = n > 0 ? n : 1;
+
+	PrintAndLog("Collecting %u %hhu-byte nonces", n, m);
+	PrintAndLog("Start: %u", time(NULL));
+	// repeat n times
+	for (unsigned int i = 0; i < n; i++) {
+		// execute PACE
+		UsbCommand c = {CMD_EPA_PACE_COLLECT_NONCE, {(int)m, 0, 0}};
+		SendCommand(&c);
+		UsbCommand *resp = WaitForResponse(CMD_ACK);
+
+		// check if command failed
+		if (resp->arg[0] != 0) {
+			PrintAndLog("Error in step %d, Return code: %d",
+			            resp->arg[0],
+						(int)resp->arg[1]);
+		} else {
+			size_t nonce_length = resp->arg[1];
+			char *nonce = (char *) malloc(2 * nonce_length + 1);
+			for(int j = 0; j < nonce_length; j++) {
+				snprintf(nonce + (2 * j), 3, "%02X", resp->d.asBytes[j]);
+			}
+			// print nonce
+			PrintAndLog("Length: %d, Nonce: %s",
+			            resp->arg[1], nonce);
+		}
+	}
+	PrintAndLog("End: %u", time(NULL));
+
+	return 1;
+}
+
+// UI-related stuff
+
+static const command_t CommandTable[] = 
+{
+  {"help",    CmdHelp,                   1, "This help"},
+  {"cnonces", CmdHFEPACollectPACENonces, 0, "<m> <n> Acquire n>0 encrypted PACE nonces of size m>0"},
+  {NULL, NULL, 0, NULL}
+};
+
+int CmdHelp(const char *Cmd)
+{
+  CmdsHelp(CommandTable);
+  return 0;
+}
+
+int CmdHFEPA(const char *Cmd)
+{
+	// flush
+	while (WaitForResponseTimeout(CMD_ACK, 500) != NULL) ;
+
+	// parse
+  CmdsParse(CommandTable, Cmd);
+  return 0;
+}