OpenPACE Publisher's description
This project aims at an open implementation of the Password Authenticated Connection Establishment (PACE)
This project aims at an open implementation of the Password Authenticated Connection Establishment (PACE), Terminal Authentication (TA) and Chip Authentication (CA) as parts of the Extended Access Control (EAC) for Machine Readable Travel Documents (see BSI TR-03110). OpenPACE extends OpenSSL with PACE, TA, CA and with operations for the related Card Cerifiable (CV) certificates.
Successfully tested with the German electronic identity card (nPA)
PACE key agreement implemented independant from a smart card context
Includes structures and methods for parsing CV certificates
Internal structures can be initialized using a given EF.CardAccess
Offers functionality to encrypt, decryt, authenticate and pad the data of the established Secure Messaging (SM) channel
Supports all versions of BSI TR-03110
Supports integrated and generic mapping of ECDH and DH
Supports all standardized domain parameters
Supports AES with CMAC and 3DES with retail MAC
System Requirements:No special requirements.
Program Release Status: Major Update
Program Install Support: Install and Uninstall