de.fraunhofer.fokus.openeid.pace.test.TerminalAuthenticationECDHTest.java Source code

Java tutorial

  1. HOME
  2. Java
  3. de.fraunhofer.fokus.openeid.pace.test.TerminalAuthenticationECDHTest.java

Introduction

Here is the source code for de.fraunhofer.fokus.openeid.pace.test.TerminalAuthenticationECDHTest.java

Source

/*******************************************************************************
 * Implementation of the protocols PACE, Terminal Authentication and Chip 
 * Authentication (client side) with respect to the according BSI standards.
 * 
 * Copyright (C) 2013  Fraunhofer-Gesellschaft
 * 
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 * 
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 * 
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 ******************************************************************************/
package de.fraunhofer.fokus.openeid.pace.test;

import junit.framework.Assert;

import org.bouncycastle.util.Arrays;
import org.junit.BeforeClass;
import org.junit.Test;

import de.fraunhofer.fokus.openeid.commands.MSE_SetDst;
import de.fraunhofer.fokus.openeid.cryptography.CryptoException;
import de.fraunhofer.fokus.openeid.cryptography.Key;
import de.fraunhofer.fokus.openeid.cryptography.KeyDerivation;
import de.fraunhofer.fokus.openeid.cryptography.mac.MAC;
import de.fraunhofer.fokus.openeid.iso7816_4.CommandAPDU;
import de.fraunhofer.fokus.openeid.iso7816_4.CommandManager;
import de.fraunhofer.fokus.openeid.iso7816_4.InvalidInterindustryClassException;
import de.fraunhofer.fokus.openeid.iso7816_4.SecuredCommandAPDU;
import de.fraunhofer.fokus.openeid.iso7816_4.Utils;
import de.fraunhofer.fokus.openeid.pace.PACEInfoProtocol;
import de.fraunhofer.fokus.openeid.pace.test.EAC2WorkedExampleData;

/**
 * The class <code>TerminalAuthenticationECDHTest</code> contains tests for the
 * class {@link <code>TerminalAuthenticationECDH</code>}
 *
 * @author "Mateusz Khalil"
 *
 */
public class TerminalAuthenticationECDHTest {

    private static Key keyENC;
    private static Key keyMAC;
    private static PACEInfoProtocol protocol = PACEInfoProtocol.ID_PACE_ECDH_GM_AES_CBC_CMAC_128;

    @BeforeClass
    public static void init() {
        // prepare pace results
        byte[] secret = EAC2WorkedExampleData.sharedSecret;
        keyENC = KeyDerivation.deriveKeyENC(secret, protocol.getKeyType());
        keyMAC = KeyDerivation.deriveKeyMAC(secret, protocol.getKeyType());
    }

    @Test
    public void testChainVerificationStep1Plain() throws CryptoException, InvalidInterindustryClassException {
        /* prepare trusted PK reference for verification */
        MSE_SetDst setTrustVerifiablePK = new MSE_SetDst(null, EAC2WorkedExampleData.CAR);
        CommandAPDU apdu = setTrustVerifiablePK.buildAPDU();
        Byte[] plainApdu = apdu.buildPacket();
        byte[] plainObjective = new byte[] { 0x00, 0x22, (byte) 0x81, (byte) 0xB6, 0x0F, (byte) 0x83, 0x0D, 0x44,
                0x45, 0x43, 0x56, 0x43, 0x41, 0x41, 0x54, 0x30, 0x30, 0x30, 0x30, 0x31 };
        Assert.assertTrue(Arrays.areEqual(Utils.convert(plainApdu), plainObjective));
    }

    @Test
    public void testChainVerificationStep1SecureMessaging()
            throws CryptoException, InvalidInterindustryClassException {
        /* prepare trusted PK reference for verification */
        MSE_SetDst apdu = new MSE_SetDst(null, EAC2WorkedExampleData.CAR);
        CommandManager manager = new CommandManager(null);
        // Life Cycle step 1: CommandAPDU construction
        CommandAPDU command = apdu.buildAPDU();

        // @see F.3. Send Sequence Counter in TR03110 / SSC is increased before a command is generated 
        int ssc = manager.increaseCounter();

        // creating secured CommandAPDU
        MAC macAlgorithm = protocol.getMACAlgorithm();
        byte[] key = keyMAC.getKey();
        SecuredCommandAPDU securedApdu = new SecuredCommandAPDU(command, keyENC, macAlgorithm, key, ssc, 16);
        command = securedApdu.getSecured();
        byte[] expectedCoded = new byte[] { 0x0C, (byte) 0x22, (byte) 0x81, (byte) 0xB6, (byte) 0x1D, (byte) 0x87,
                (byte) 0x11, (byte) 0x01, (byte) 0xBE, (byte) 0x90, 0x23, 0x7E, (byte) 0xEB, 0x4B, (byte) 0xA0,
                (byte) 0xFF, 0x25, 0x3E, (byte) 0xA2, 0x46, (byte) 0xAE, 0x31, (byte) 0xC8, (byte) 0xB8,
                (byte) 0x8E, 0x08, (byte) 0x92, (byte) 0xD2, 0x1C, 0x73, (byte) 0xA1, (byte) 0xDF, (byte) 0xE9,
                (byte) 0x99, 0x00 };
        byte[] builtCoded = Utils.convert(command.buildPacket());
        Assert.assertTrue(Arrays.areEqual(builtCoded, expectedCoded));
    }
}