AusweisApp2
Lade ...
Suche ...
Keine Treffer
KeyAgreement.h
gehe zur Dokumentation dieser Datei
1
7#pragma once
8
9#include "CardConnectionWorker.h"
10#include "GeneralAuthenticateResponse.h"
11#include "pace/KeyDerivationFunction.h"
12
13#include <QSharedPointer>
14
15namespace governikus
16{
17
18enum class KeyAgreementStatus
19{
20 SUCCESS,
21 RETRY_ALLOWED,
22 COMMUNICATION_ERROR,
23 FAILED,
24 PROTOCOL_ERROR
25};
26
27class KeyAgreement
28{
29 protected:
30 struct CardResult
31 {
32 CardReturnCode mReturnCode = CardReturnCode::UNDEFINED;
33 QByteArray mData = QByteArray();
34 };
35
36 private:
37 const QSharedPointer<CardConnectionWorker> mCardConnectionWorker;
38 QByteArray mEncryptionKey;
39 QByteArray mMacKey;
40 QByteArray mCarCurr, mCarPrev;
41
42
43 CardResult createTransmitResult(CardReturnCode pReturnCode,
44 StatusCode pResponseReturnCode,
45 const QByteArray& pResultData,
46 const char* pLogMessage) const;
47
54 CardResult determineNonce(const QByteArray& pPin);
55
62 virtual CardResult determineSharedSecret(const QByteArray& pNonce) = 0;
63
69 virtual QByteArray getUncompressedTerminalPublicKey() = 0;
70
75 CardResult transmitGAEncryptedNonce();
76
82 KeyAgreementStatus performMutualAuthenticate();
83
84 protected:
85 const QSharedPointer<const PaceInfo> mPaceInfo;
86 KeyDerivationFunction mKeyDerivationFunction;
87
88 KeyAgreement(const QSharedPointer<const PaceInfo>& pPaceInfo, const QSharedPointer<CardConnectionWorker>& pCardConnectionWorker);
89
95 [[nodiscard]] CardResult transmitGAMappingData(const QByteArray& pMappingData) const;
96
102 CardResult transmitGAEphemeralPublicKey(const QByteArray& pEphemeralPublicKey);
103
109 GAMutualAuthenticationResponse transmitGAMutualAuthentication(const QByteArray& pMutualAuthenticationData);
110
111 public:
117 virtual QByteArray getUncompressedCardPublicKey() = 0;
118
124 virtual QByteArray getCompressedCardPublicKey() = 0;
125
132 static QSharedPointer<KeyAgreement> create(const QSharedPointer<const PaceInfo>& pPaceInfo,
133 QSharedPointer<CardConnectionWorker> pCardConnectionWorker);
134 virtual ~KeyAgreement();
135
141 KeyAgreementStatus perform(const QByteArray& pPin);
142
148 [[nodiscard]] const QByteArray& getEncryptionKey() const;
149
155 [[nodiscard]] const QByteArray& getMacKey() const;
156
161 [[nodiscard]] const QByteArray& getCarCurr() const;
162
167 [[nodiscard]] const QByteArray& getCarPrev() const;
168};
169
170} // namespace governikus
governikus::GAMutualAuthenticationResponse
Definition: GeneralAuthenticateResponse.h:126
governikus::KeyAgreement
Definition: KeyAgreement.h:28
governikus::KeyAgreement::getEncryptionKey
const QByteArray & getEncryptionKey() const
Subsequent to the key agreement an encryption key is determined.
Definition: KeyAgreement.cpp:233
governikus::KeyAgreement::transmitGAMappingData
CardResult transmitGAMappingData(const QByteArray &pMappingData) const
Transmit the General Authenticate (Mapping Data) command to the card.
Definition: KeyAgreement.cpp:207
governikus::KeyAgreement::getCarPrev
const QByteArray & getCarPrev() const
Subsequent to the key agreement a certificate authority reference (CAR) may be determined.
Definition: KeyAgreement.cpp:245
governikus::KeyAgreement::mKeyDerivationFunction
KeyDerivationFunction mKeyDerivationFunction
Definition: KeyAgreement.h:86
governikus::KeyAgreement::transmitGAMutualAuthentication
GAMutualAuthenticationResponse transmitGAMutualAuthentication(const QByteArray &pMutualAuthenticationData)
Transmit the General Authenticate (Mutual Authentication) command to the card.
Definition: KeyAgreement.cpp:219
governikus::KeyAgreement::~KeyAgreement
virtual ~KeyAgreement()
Definition: KeyAgreement.cpp:83
governikus::KeyAgreement::perform
KeyAgreementStatus perform(const QByteArray &pPin)
Perform the key agreement.
Definition: KeyAgreement.cpp:88
governikus::KeyAgreement::getUncompressedCardPublicKey
virtual QByteArray getUncompressedCardPublicKey()=0
Returns the uncompressed card's ephemeral public key calculated during key agreement.
governikus::KeyAgreement::getCarCurr
const QByteArray & getCarCurr() const
Subsequent to the key agreement a certificate authority reference (CAR) may be determined.
Definition: KeyAgreement.cpp:239
governikus::KeyAgreement::getMacKey
const QByteArray & getMacKey() const
Subsequent to the key agreement a MAC key is determined.
Definition: KeyAgreement.cpp:251
governikus::KeyAgreement::mPaceInfo
const QSharedPointer< const PaceInfo > mPaceInfo
Definition: KeyAgreement.h:85
governikus::KeyAgreement::getCompressedCardPublicKey
virtual QByteArray getCompressedCardPublicKey()=0
Returns the compressed card's ephemeral public key calculated during key agreement.
governikus::KeyAgreement::transmitGAEphemeralPublicKey
CardResult transmitGAEphemeralPublicKey(const QByteArray &pEphemeralPublicKey)
Transmit the General Authenticate (Ephemeral Public Key) command to the card.
Definition: KeyAgreement.cpp:196
governikus::KeyAgreement::create
static QSharedPointer< KeyAgreement > create(const QSharedPointer< const PaceInfo > &pPaceInfo, QSharedPointer< CardConnectionWorker > pCardConnectionWorker)
Factory method to create an instance of KeyAgreement.
Definition: KeyAgreement.cpp:56
governikus::KeyDerivationFunction
Definition: KeyDerivationFunction.h:16
governikus
Implementation of ActivationContext for Intent based activation on Android systems.
Definition: ActivationContext.h:15
governikus::KeyAgreementStatus
KeyAgreementStatus
Definition: KeyAgreement.h:19
governikus::SUCCESS
SUCCESS
Definition: ResponseApdu.h:79
governikus::KeyAgreement::CardResult
Definition: KeyAgreement.h:31
governikus::KeyAgreement::CardResult::mData
QByteArray mData
Definition: KeyAgreement.h:33
governikus::KeyAgreement::CardResult::mReturnCode
CardReturnCode mReturnCode
Definition: KeyAgreement.h:32