All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.jmrtd.protocol.BACProtocol Maven / Gradle / Ivy

/*
 * JMRTD - A Java API for accessing machine readable travel documents.
 *
 * Copyright (C) 2006 - 2018  The JMRTD team
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
 *
 * $Id: BACProtocol.java 1800 2018-10-31 14:15:55Z martijno $
 */

package org.jmrtd.protocol;

import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.Random;

import javax.crypto.SecretKey;

import org.jmrtd.APDULevelBACCapable;
import org.jmrtd.AccessKeySpec;
import org.jmrtd.BACKeySpec;
import org.jmrtd.Util;

import net.sf.scuba.smartcards.CardServiceException;

/**
 * The Basic Access Control protocol.
 *
 * @author The JMRTD team ([email protected])
 *
 * @version $Revision: 1800 $
 *
 * @since 0.5.6
 */
public class BACProtocol {

  private APDULevelBACCapable service;

  private Random random;

  private int maxTranceiveLength;

  private boolean shouldCheckMAC;

  /**
   * Constructs a BAC protocol instance.
   *
   * @param service the service to send APDUs
   * @param maxTranceiveLength the maximal tranceive length (on responses to {@code READ BINARY})
   *        to use in the resulting secure messaging channel
   * @param shouldCheckMAC whether the resulting secure messaging channel should apply strict MAC
   *        checking on response APDUs
   */
  public BACProtocol(APDULevelBACCapable service, int maxTranceiveLength, boolean shouldCheckMAC) {
    this.service = service;
    this.maxTranceiveLength = maxTranceiveLength;
    this.shouldCheckMAC = shouldCheckMAC;
    this.random = new SecureRandom();
  }

  /**
   * Performs the Basic Access Control protocol.
   *
   * @param bacKey the key based on the document number,
   *               the card holder's birth date,
   *               and the document's expiry date
   *
   * @return the BAC result
   *
   * @throws CardServiceException if authentication failed
   */
  public BACResult doBAC(AccessKeySpec bacKey) throws CardServiceException {
    try {
      byte[] keySeed = bacKey.getKey();
      SecretKey kEnc = Util.deriveKey(keySeed, Util.ENC_MODE);
      SecretKey kMac = Util.deriveKey(keySeed, Util.MAC_MODE);

      SecureMessagingWrapper wrapper = doBACStep(kEnc, kMac);
      return new BACResult(bacKey, wrapper);
    } catch (GeneralSecurityException gse) {
      throw new CardServiceException("Error during BAC", gse);
    }
  }

  /**
   * Performs the Basic Access Control protocol.
   * It does BAC using kEnc and kMac keys, usually calculated
   * from the document number, the card holder's date of birth,
   * and the card's date of expiry.
   *
   * @param kEnc the static 3DES key required for BAC
   * @param kMac the static 3DES key required for BAC
   *
   * @return the new secure messaging wrapper
   *
   * @throws CardServiceException if authentication failed
   * @throws GeneralSecurityException on security primitives related problems
   */
  public BACResult doBAC(SecretKey kEnc, SecretKey kMac) throws CardServiceException, GeneralSecurityException {
    return new BACResult(doBACStep(kEnc, kMac));
  }

  /**
   * Performs the Basic Access Control protocol.
   *
   * @param kEnc the static 3DES key required for BAC
   * @param kMac the static 3DES key required for BAC
   *
   * @return the new secure messaging wrapper
   *
   * @throws CardServiceException if authentication failed
   * @throws GeneralSecurityException on security primitives related problems
   */
  private SecureMessagingWrapper doBACStep(SecretKey kEnc, SecretKey kMac) throws CardServiceException, GeneralSecurityException {
    byte[] rndICC = service.sendGetChallenge();
    byte[] rndIFD = new byte[8];
    random.nextBytes(rndIFD);
    byte[] kIFD = new byte[16];
    random.nextBytes(kIFD);
    byte[] response = service.sendMutualAuth(rndIFD, rndICC, kIFD, kEnc, kMac);
    byte[] kICC = new byte[16];
    System.arraycopy(response, 16, kICC, 0, 16);

    byte[] keySeed = new byte[16];
    for (int i = 0; i < 16; i++) {
      keySeed[i] = (byte) ((kIFD[i] & 0xFF) ^ (kICC[i] & 0xFF));
    }
    SecretKey ksEnc = Util.deriveKey(keySeed, Util.ENC_MODE);
    SecretKey ksMac = Util.deriveKey(keySeed, Util.MAC_MODE);
    long ssc = computeSendSequenceCounter(rndICC, rndIFD);

    return new DESedeSecureMessagingWrapper(ksEnc, ksMac, maxTranceiveLength, shouldCheckMAC, ssc);
  }

  /**
   * Computes the key seed based on the given (MRZ based) BAC key.
   *
   * @param bacKey the BAC key
   *
   * @return the key seed
   *
   * @throws GeneralSecurityException on error applying the low level cryptographic primitives
   */
  public static byte[] computeKeySeedForBAC(BACKeySpec bacKey) throws GeneralSecurityException {
    String documentNumber = bacKey.getDocumentNumber();
    String dateOfBirth = bacKey.getDateOfBirth();
    String dateOfExpiry = bacKey.getDateOfExpiry();

    if (dateOfBirth == null || dateOfBirth.length() != 6) {
      throw new IllegalArgumentException("Wrong date format used for date of birth. Expected yyMMdd, found " + dateOfBirth);
    }
    if (dateOfExpiry == null || dateOfExpiry.length() != 6) {
      throw new IllegalArgumentException("Wrong date format used for date of expiry. Expected yyMMdd, found " + dateOfExpiry);
    }
    if (documentNumber == null) {
      throw new IllegalArgumentException("Wrong document number. Found " + documentNumber);
    }

    documentNumber = fixDocumentNumber(documentNumber);

    return computeKeySeedForBAC(documentNumber, dateOfBirth, dateOfExpiry);
  }

  /**
   * Computes the initial send sequence counter to use,
   * given the randoms generated by PICC and PCD.
   *
   * @param rndICC the PICC's random
   * @param rndIFD the PCD's random
   *
   * @return the initial send sequence counter to use
   */
  public static long computeSendSequenceCounter(byte[] rndICC, byte[] rndIFD) {
    if (rndICC == null || rndICC.length != 8
        || rndIFD == null || rndIFD.length != 8) {
      throw new IllegalStateException("Wrong length input");
    }
    long ssc = 0;
    for (int i = 4; i < 8; i++) {
      ssc <<= 8;
      ssc += rndICC[i] & 0x000000FF;
    }
    for (int i = 4; i < 8; i++) {
      ssc <<= 8;
      ssc += rndIFD[i] & 0x000000FF;
    }
    return ssc;
  }

  /**
   * Computes the static key seed to be used in BAC KDF,
   * based on information from the MRZ.
   *
   * @param documentNumber a string containing the document number
   * @param dateOfBirth a string containing the date of birth (YYMMDD)
   * @param dateOfExpiry a string containing the date of expiry (YYMMDD)
   *
   * @return a byte array of length 16 containing the key seed
   *
   * @throws GeneralSecurityException on security error
   */
  private static byte[] computeKeySeedForBAC(String documentNumber, String dateOfBirth, String dateOfExpiry) throws GeneralSecurityException {
    return Util.computeKeySeed(documentNumber, dateOfBirth, dateOfExpiry, "SHA-1", true);
  }

  /**
   * Returns the document number, including trailing '<' until length 9.
   *
   * @param documentNumber the original document number
   *
   * @return the documentNumber with at least length 9
   */
  private static String fixDocumentNumber(String documentNumber) {
    StringBuilder maxDocumentNumber = new StringBuilder(documentNumber == null ? "" : documentNumber.replace('<', ' ').trim().replace(' ', '<'));
    while (maxDocumentNumber.length() < 9) {
      maxDocumentNumber.append('<');
    }
    return maxDocumentNumber.toString();
  }
}




© 2015 - 2025 Weber Informatics LLC | Privacy Policy