@trustchex/react-native-sdk 1.409.0 → 1.464.0

package/src/Shared/EIDReader/paceInfo.ts

@@ -0,0 +1,159 @@
+/**
+ * PACE (Password Authenticated Connection Establishment) protocol info.
+ * Parses PACE OIDs to extract mapping type, cipher, digest, key agreement algorithm, and key length.
+ *
+ * Based on ICAO Doc 9303 Part 11 and BSI TR-03110.
+ */
+
+export enum MappingType {
+  GM = 'GM',
+  IM = 'IM',
+  CAM = 'CAM',
+}
+
+// PACE OID constants (BSI TR-03110 / ICAO 9303)
+export const ID_PACE = '0.4.0.127.0.7.2.2.4';
+
+export const ID_PACE_DH_GM = '0.4.0.127.0.7.2.2.4.1';
+export const ID_PACE_DH_GM_3DES_CBC_CBC = '0.4.0.127.0.7.2.2.4.1.1';
+export const ID_PACE_DH_GM_AES_CBC_CMAC_128 = '0.4.0.127.0.7.2.2.4.1.2';
+export const ID_PACE_DH_GM_AES_CBC_CMAC_192 = '0.4.0.127.0.7.2.2.4.1.3';
+export const ID_PACE_DH_GM_AES_CBC_CMAC_256 = '0.4.0.127.0.7.2.2.4.1.4';
+
+export const ID_PACE_ECDH_GM = '0.4.0.127.0.7.2.2.4.2';
+export const ID_PACE_ECDH_GM_3DES_CBC_CBC = '0.4.0.127.0.7.2.2.4.2.1';
+export const ID_PACE_ECDH_GM_AES_CBC_CMAC_128 = '0.4.0.127.0.7.2.2.4.2.2';
+export const ID_PACE_ECDH_GM_AES_CBC_CMAC_192 = '0.4.0.127.0.7.2.2.4.2.3';
+export const ID_PACE_ECDH_GM_AES_CBC_CMAC_256 = '0.4.0.127.0.7.2.2.4.2.4';
+
+export const ID_PACE_DH_IM = '0.4.0.127.0.7.2.2.4.3';
+export const ID_PACE_DH_IM_3DES_CBC_CBC = '0.4.0.127.0.7.2.2.4.3.1';
+export const ID_PACE_DH_IM_AES_CBC_CMAC_128 = '0.4.0.127.0.7.2.2.4.3.2';
+export const ID_PACE_DH_IM_AES_CBC_CMAC_192 = '0.4.0.127.0.7.2.2.4.3.3';
+export const ID_PACE_DH_IM_AES_CBC_CMAC_256 = '0.4.0.127.0.7.2.2.4.3.4';
+
+export const ID_PACE_ECDH_IM = '0.4.0.127.0.7.2.2.4.4';
+export const ID_PACE_ECDH_IM_3DES_CBC_CBC = '0.4.0.127.0.7.2.2.4.4.1';
+export const ID_PACE_ECDH_IM_AES_CBC_CMAC_128 = '0.4.0.127.0.7.2.2.4.4.2';
+export const ID_PACE_ECDH_IM_AES_CBC_CMAC_192 = '0.4.0.127.0.7.2.2.4.4.3';
+export const ID_PACE_ECDH_IM_AES_CBC_CMAC_256 = '0.4.0.127.0.7.2.2.4.4.4';
+
+export const ID_PACE_ECDH_CAM = '0.4.0.127.0.7.2.2.4.6';
+export const ID_PACE_ECDH_CAM_AES_CBC_CMAC_128 = '0.4.0.127.0.7.2.2.4.6.2';
+export const ID_PACE_ECDH_CAM_AES_CBC_CMAC_192 = '0.4.0.127.0.7.2.2.4.6.3';
+export const ID_PACE_ECDH_CAM_AES_CBC_CMAC_256 = '0.4.0.127.0.7.2.2.4.6.4';
+
+// Standard domain parameter identifiers
+export const PARAM_ID_ECP_NIST_P256_R1 = 12;
+export const PARAM_ID_ECP_BRAINPOOL_P256_R1 = 13;
+export const PARAM_ID_ECP_BRAINPOOL_P384_R1 = 16;
+export const PARAM_ID_ECP_BRAINPOOL_P512_R1 = 17;
+export const PARAM_ID_ECP_NIST_P384_R1 = 15;
+export const PARAM_ID_ECP_NIST_P521_R1 = 18;
+
+const GM_OIDS = new Set([
+  ID_PACE_DH_GM_3DES_CBC_CBC,
+  ID_PACE_DH_GM_AES_CBC_CMAC_128,
+  ID_PACE_DH_GM_AES_CBC_CMAC_192,
+  ID_PACE_DH_GM_AES_CBC_CMAC_256,
+  ID_PACE_ECDH_GM_3DES_CBC_CBC,
+  ID_PACE_ECDH_GM_AES_CBC_CMAC_128,
+  ID_PACE_ECDH_GM_AES_CBC_CMAC_192,
+  ID_PACE_ECDH_GM_AES_CBC_CMAC_256,
+]);
+
+const IM_OIDS = new Set([
+  ID_PACE_DH_IM_3DES_CBC_CBC,
+  ID_PACE_DH_IM_AES_CBC_CMAC_128,
+  ID_PACE_DH_IM_AES_CBC_CMAC_192,
+  ID_PACE_DH_IM_AES_CBC_CMAC_256,
+  ID_PACE_ECDH_IM_3DES_CBC_CBC,
+  ID_PACE_ECDH_IM_AES_CBC_CMAC_128,
+  ID_PACE_ECDH_IM_AES_CBC_CMAC_192,
+  ID_PACE_ECDH_IM_AES_CBC_CMAC_256,
+]);
+
+const CAM_OIDS = new Set([
+  ID_PACE_ECDH_CAM_AES_CBC_CMAC_128,
+  ID_PACE_ECDH_CAM_AES_CBC_CMAC_192,
+  ID_PACE_ECDH_CAM_AES_CBC_CMAC_256,
+]);
+
+const DH_OIDS = new Set([
+  ID_PACE_DH_GM_3DES_CBC_CBC,
+  ID_PACE_DH_GM_AES_CBC_CMAC_128,
+  ID_PACE_DH_GM_AES_CBC_CMAC_192,
+  ID_PACE_DH_GM_AES_CBC_CMAC_256,
+  ID_PACE_DH_IM_3DES_CBC_CBC,
+  ID_PACE_DH_IM_AES_CBC_CMAC_128,
+  ID_PACE_DH_IM_AES_CBC_CMAC_192,
+  ID_PACE_DH_IM_AES_CBC_CMAC_256,
+]);
+
+const DES_OIDS = new Set([
+  ID_PACE_DH_GM_3DES_CBC_CBC,
+  ID_PACE_DH_IM_3DES_CBC_CBC,
+  ID_PACE_ECDH_GM_3DES_CBC_CBC,
+  ID_PACE_ECDH_IM_3DES_CBC_CBC,
+]);
+
+const KEY_128_OIDS = new Set([
+  ID_PACE_DH_GM_3DES_CBC_CBC,
+  ID_PACE_DH_IM_3DES_CBC_CBC,
+  ID_PACE_ECDH_GM_3DES_CBC_CBC,
+  ID_PACE_ECDH_IM_3DES_CBC_CBC,
+  ID_PACE_DH_GM_AES_CBC_CMAC_128,
+  ID_PACE_DH_IM_AES_CBC_CMAC_128,
+  ID_PACE_ECDH_GM_AES_CBC_CMAC_128,
+  ID_PACE_ECDH_IM_AES_CBC_CMAC_128,
+  ID_PACE_ECDH_CAM_AES_CBC_CMAC_128,
+]);
+
+const KEY_192_OIDS = new Set([
+  ID_PACE_DH_GM_AES_CBC_CMAC_192,
+  ID_PACE_DH_IM_AES_CBC_CMAC_192,
+  ID_PACE_ECDH_GM_AES_CBC_CMAC_192,
+  ID_PACE_ECDH_IM_AES_CBC_CMAC_192,
+  ID_PACE_ECDH_CAM_AES_CBC_CMAC_192,
+]);
+
+const KEY_256_OIDS = new Set([
+  ID_PACE_DH_GM_AES_CBC_CMAC_256,
+  ID_PACE_DH_IM_AES_CBC_CMAC_256,
+  ID_PACE_ECDH_GM_AES_CBC_CMAC_256,
+  ID_PACE_ECDH_IM_AES_CBC_CMAC_256,
+  ID_PACE_ECDH_CAM_AES_CBC_CMAC_256,
+]);
+
+const SHA256_OIDS = new Set([...KEY_192_OIDS, ...KEY_256_OIDS]);
+
+export class PACEInfo {
+  public static toMappingType(oid: string): MappingType {
+    if (GM_OIDS.has(oid)) return MappingType.GM;
+    if (IM_OIDS.has(oid)) return MappingType.IM;
+    if (CAM_OIDS.has(oid)) return MappingType.CAM;
+    throw new Error(`Unknown PACE OID: ${oid}`);
+  }
+
+  public static toKeyAgreementAlgorithm(oid: string): 'DH' | 'ECDH' {
+    if (DH_OIDS.has(oid)) return 'DH';
+    return 'ECDH';
+  }
+
+  public static toCipherAlgorithm(oid: string): 'DESede' | 'AES' {
+    if (DES_OIDS.has(oid)) return 'DESede';
+    return 'AES';
+  }
+
+  public static toDigestAlgorithm(oid: string): 'SHA-1' | 'SHA-256' {
+    if (SHA256_OIDS.has(oid)) return 'SHA-256';
+    return 'SHA-1';
+  }
+
+  public static toKeyLength(oid: string): 128 | 192 | 256 {
+    if (KEY_128_OIDS.has(oid)) return 128;
+    if (KEY_192_OIDS.has(oid)) return 192;
+    if (KEY_256_OIDS.has(oid)) return 256;
+    throw new Error(`Unknown PACE OID: ${oid}`);
+  }
+}

package/src/Shared/EIDReader/paceKeySpec.ts

@@ -0,0 +1,56 @@
+import type { AccessKeySpec } from './accessKeySpec';
+import { EID_CONSTANTS } from './constants/eidConstants';
+
+/**
+ * A key specification for PACE authentication.
+ * Supports MRZ, CAN, PIN, and PUK key types.
+ */
+export class PACEKeySpec implements AccessKeySpec {
+  private key: string;
+  private keyReference: number;
+
+  constructor(key: string, keyReference: number) {
+    this.key = key;
+    this.keyReference = keyReference;
+  }
+
+  public getAlgorithm(): string {
+    return 'PACE';
+  }
+
+  public getKey(): string {
+    return this.key;
+  }
+
+  public getKeyReference(): number {
+    return this.keyReference;
+  }
+
+  /**
+   * Creates a PACE key from a Card Access Number (CAN).
+   */
+  public static createCANKey(can: string): PACEKeySpec {
+    return new PACEKeySpec(can, EID_CONSTANTS.CAN_PACE_KEY_REFERENCE);
+  }
+
+  /**
+   * Creates a PACE key from a PIN.
+   */
+  public static createPINKey(pin: string): PACEKeySpec {
+    return new PACEKeySpec(pin, EID_CONSTANTS.PIN_PACE_KEY_REFERENCE);
+  }
+
+  /**
+   * Creates a PACE key from a PUK.
+   */
+  public static createPUKKey(puk: string): PACEKeySpec {
+    return new PACEKeySpec(puk, EID_CONSTANTS.PUK_PACE_KEY_REFERENCE);
+  }
+
+  /**
+   * Creates an MRZ-based PACE key from BAC key seed bytes.
+   */
+  public static createMRZKey(keySeed: string): PACEKeySpec {
+    return new PACEKeySpec(keySeed, EID_CONSTANTS.MRZ_PACE_KEY_REFERENCE);
+  }
+}

package/src/Shared/EIDReader/protocol/paceAPDUSender.ts

@@ -0,0 +1,163 @@
+import type { APDULevelPACECapable } from '../apduLevelPACECapable';
+import type { APDUWrapper } from '../smartcards/apduWrapper';
+import { Buffer } from 'buffer';
+import { CardService } from '../cardService';
+import { CommandAPDU } from '../smartcards/commandAPDU';
+import { ISO7816_CLA, ISO7816_INS, ISO7816_SW } from '../smartcards/iso7816';
+import { SecureMessagingAPDUSender } from './secureMessagingAPDUSender';
+import TLVUtil from '../tlv/tlv.utils';
+
+const INS_PACE_GENERAL_AUTHENTICATE = 0x86;
+
+/**
+ * Low-level APDU sender to support the PACE protocol.
+ */
+export class PACEAPDUSender implements APDULevelPACECapable {
+  private secureMessagingSender: SecureMessagingAPDUSender;
+
+  constructor(service: CardService) {
+    this.secureMessagingSender = new SecureMessagingAPDUSender(service);
+  }
+
+  public async sendMSESetATMutualAuth(
+    wrapper: APDUWrapper | null,
+    oid: string,
+    refPublicKeyOrSecretKey: number,
+    refPrivateKeyOrForComputingSessionKey: number[] | null
+  ): Promise<void> {
+    if (oid == null) {
+      throw new Error('OID cannot be null');
+    }
+
+    const oidBytes = PACEAPDUSender.toOIDBytes(oid);
+
+    // 0x83: Reference of a public key / secret key
+    const refBytes = Array.from(
+      TLVUtil.wrapDO(0x83, [refPublicKeyOrSecretKey])
+    );
+
+    // Build data
+    const data: number[] = [...oidBytes, ...refBytes];
+
+    // 0x84: Reference of a private key / Reference for computing a session key (optional)
+    if (refPrivateKeyOrForComputingSessionKey != null) {
+      const refPrivateBytes = Array.from(
+        TLVUtil.wrapDO(0x84, refPrivateKeyOrForComputingSessionKey)
+      );
+      data.push(...refPrivateBytes);
+    }
+
+    const commandAPDU = new CommandAPDU(
+      ISO7816_CLA.ISO7816,
+      ISO7816_INS.MSE,
+      0xc1,
+      0xa4,
+      Uint8Array.from(data),
+      0,
+      data.length,
+      -1
+    );
+
+    const responseAPDU = await this.secureMessagingSender.transmit(
+      wrapper,
+      commandAPDU
+    );
+
+    const sw = responseAPDU.getSW();
+    if (sw !== ISO7816_SW.NO_ERROR) {
+      throw new Error(
+        `Sending MSE AT failed, SW = ${sw.toString(16).padStart(4, '0')}`
+      );
+    }
+  }
+
+  public async sendGeneralAuthenticate(
+    wrapper: APDUWrapper | null,
+    data: number[],
+    le: number,
+    isLast: boolean
+  ): Promise<number[]> {
+    // Wrap data in 0x7C
+    const commandData = Array.from(TLVUtil.wrapDO(0x7c, data));
+
+    const cla = isLast ? ISO7816_CLA.ISO7816 : ISO7816_CLA.COMMAND_CHAINING;
+
+    const commandAPDU = new CommandAPDU(
+      cla,
+      INS_PACE_GENERAL_AUTHENTICATE,
+      0x00,
+      0x00,
+      Uint8Array.from(commandData),
+      0,
+      commandData.length,
+      le
+    );
+
+    console.debug(
+      `[PACE APDU] >> CLA=${cla.toString(16)} INS=86 Lc=${commandData.length} Le=${le} data(first32)=${Buffer.from(commandData.slice(0, 32)).toString('hex')}`
+    );
+
+    const responseAPDU = await this.secureMessagingSender.transmit(
+      wrapper,
+      commandAPDU
+    );
+
+    const sw = responseAPDU.getSW();
+    console.debug(
+      `[PACE APDU] << SW=${sw.toString(16).padStart(4, '0')} dataLen=${responseAPDU.getData()?.length ?? 0}`
+    );
+    if (sw !== ISO7816_SW.NO_ERROR) {
+      throw new Error(
+        `Sending general authenticate failed, SW = ${sw.toString(16).padStart(4, '0')}`
+      );
+    }
+
+    const responseData = responseAPDU.getData();
+    if (responseData == null || responseData.length === 0) {
+      return [];
+    }
+
+    // Unwrap 0x7C
+    return await TLVUtil.unwrapDO(0x7c, Array.from(responseData));
+  }
+
+  /**
+   * Encodes an OID string to its ASN.1 byte representation wrapped in tag 0x80.
+   */
+  private static toOIDBytes(oid: string): number[] {
+    const components = oid.split('.').map(Number);
+    if (components.length < 2) {
+      throw new Error(`Invalid OID: ${oid}`);
+    }
+
+    // First two components encoded as (first * 40 + second)
+    const encodedComponents: number[] = [];
+    const firstByte = components[0] * 40 + components[1];
+    encodedComponents.push(firstByte);
+
+    // Remaining components use base-128 encoding
+    for (let i = 2; i < components.length; i++) {
+      const value = components[i];
+      if (value < 128) {
+        encodedComponents.push(value);
+      } else {
+        const bytes: number[] = [];
+        let v = value;
+        bytes.push(v & 0x7f);
+        v >>= 7;
+        while (v > 0) {
+          bytes.push((v & 0x7f) | 0x80);
+          v >>= 7;
+        }
+        bytes.reverse();
+        encodedComponents.push(...bytes);
+      }
+    }
+
+    // Wrap with tag 0x80 (TLV)
+    const oidContent = Uint8Array.from(encodedComponents);
+    const result: number[] = [0x80, oidContent.length, ...oidContent];
+
+    return result;
+  }
+}