Class PACE
This class implements the PACE protocol
Defined in: PACE.js.
Constructor Attributes | Constructor Name and Description |
---|---|
  | PACE(crypto, algo, domainparam, version): Create a PACE protocol object |

Method Attributes | Method Name and Description |
---|---|
  | calculateAuthenticationToken(): Calculate the authentication token over the public key received from the other side |
  | decryptNonce(nonce): Decrypt and store nonce using PACE key. |
  | deriveKey(input, counter, the): Derive key from input parameter, counter and optional nonce |
<static> | PACE.encodePublicKey(oid, key, withDP): Encode an ECC public key in the format defined by the EAC 2.0 specification |
  | generateEphemeralKeyPair(domainParameter): Generate ephemeral ECC key pair. |
  | getEncryptedNonce(): Generate nonce and encrypt using PACE key. |
  | getEphemeralPublicKey(): Returns the ephemeral public key based on the new domain parameter |
  | getMappingData(): Generates and returns the mapping data for this instance |
  | getSymmetricAlgorithm(): Return algorithm type |
  | hasMapping(): Returns true, if the mapping has been performed. |
  | hasNonce(): Returns true, if the nonce is known. |
<static> | PACE.keyToString(the): Describe key |
  | performKeyAgreement(publicKey): Performs the mapping operation with mapping data from the other side |
  | performMapping(mappingData): Performs the mapping operation with mapping data from the other side |
  | setPACEKey(key): Set the PACE key. |
  | setPassword(pwd): Set the password and derive the PACE key. |
<static> | PACE.stripLeadingZeros(value): Strips leading zeros of a ByteString |
  | toString(): Returns a human-readable representation of the current PACE state. |
  | verifyAuthenticationToken(the): Calculate and verify the authentication token over the public key received from the other side |

Class Detail
PACE(crypto, algo, domainparam, version)
Create a PACE protocol object
- Parameters:
- {Crypto} crypto
- the crypto provider
- {ByteString} algo
- the algorithm OID
- {Key} domainparam
- the key object holding ECC domain parameter
- {Number} version
- protocol version (1 or 2)
Method Detail
{ByteString}
calculateAuthenticationToken()
Calculate the authentication token over the public key received from
the other side
- Returns:
- the MAC over the authentication data
decryptNonce(nonce)
Decrypt and store nonce using PACE key.
- Parameters:
- {ByteString} nonce
- the encrypted nonce
{Key}
deriveKey(input, counter, the)
Derive key from input parameter, counter and optional nonce
- Parameters:
- {ByteString} input
- the first part of the hash input
- {Number} counter
- the counter value
- {nonce} the
- optional nonce inserted between the input and the counter
- Returns:
- the key object
<static>
{ASN1}
PACE.encodePublicKey(oid, key, withDP)
Encode an ECC public key in the format defined by the EAC 2.0 specification
- Parameters:
- {String} oid
- the object identifier to encode
- {Key} key
- the EC public key
- {Boolean} withDP
- true to encode domain parameter as well
- Returns:
- the ASN1 encoded public key object
{Key}
generateEphemeralKeyPair(domainParameter)
Generate ephemeral ECC key pair.
- Parameters:
- domainParameter
- the domain parameter for the key pair
- Returns:
- the ephemeral public key
{ByteString}
getEncryptedNonce()
Generate nonce and encrypt using PACE key.
- Returns:
- the encrypted nonce
{ByteString}
getEphemeralPublicKey()
Returns the ephemeral public key based on the new domain parameter
- Returns:
- the encoded public key
{ByteString}
getMappingData()
Generates and returns the mapping data for this instance
- Returns:
- the mapping data
{Number}
getSymmetricAlgorithm()
Return algorithm type
- Returns:
- Either Key.DES or Key.AES
{Boolean}
hasMapping()
Returns true, if the mapping has been performed.
- Returns:
- true if the mapping has been performed
{Boolean}
hasNonce()
Returns true, if the nonce is known.
- Returns:
- true if the nonce is known
<static>
{String}
PACE.keyToString(the)
Describe key
- Parameters:
- {Key} the
- key
- Returns:
- the string describing the key
performKeyAgreement(publicKey)
Performs the mapping operation with mapping data from the other side
- Parameters:
- {ByteString} publicKey
- the public key in encoded format
performMapping(mappingData)
Performs the mapping operation with mapping data from the other side
- Parameters:
- mappingData
setPACEKey(key)
Set the PACE key.
- Parameters:
- {ByteString} key
- the PACE key
- Returns:
- the PACE key.
setPassword(pwd)
Set the password and derive the PACE key.
- Parameters:
- {ByteString} pwd
- the PACE password (Hash Value for MRZ and ASCII string for others)
- Returns:
- the PACE key.
<static>
{ByteString}
PACE.stripLeadingZeros(value)
Strips leading zeros of a ByteString
- Parameters:
- {ByteString} value
- the ByteString value
- Returns:
- the stripped ByteString object, may be an empty ByteString
{String}
toString()
Returns a human-readable representation of the current PACE state.
- Returns:
- the object information
{Boolean}
verifyAuthenticationToken(the)
Calculate and verify the authentication token over the public key received from
the other side
- Parameters:
- {ByteString} the
- MAC over the authentication data
- Returns:
- true if the MAC is valid