PACE

Important

TL;DR: use --pace for authentication-only and --pace-sm for secure channel

PACE authentication and secure channel

Note

• PACE is defined in BSI TR-03110 Part 3 v2.21
• GlobalPlatformPro currently supports only id-PACE-ECDH-GM-AES-CBC-CMAC-256 with 256 and 384 bit NIST and Brainpool curves and CAN.

This is usually required when connecting to privacy-protected devices such as ID documents on the contactless interface. It depends on three inputs:

• AID of the application doing the PACE authentication
• used curve domain parameters
• Card Access Number (CAN), usually printed onto the card.

Depending on the card configuration, once the authentication has been done, communication can continue in "plaintext", or with PACE-SM secure messaging (encrypted and authenticated).

Example #1 - PACE with secure messaging

Authenticate with PACE using P-256, CAN "123456" via the application with AID A000000077010800070000FE00000100, then send an APDU of 00200001043132333400 via the PACE secure messaging channel:

gp -pace-sm A000000077010800070000FE00000100 -pace-curve secp256r1 -can 1234 -a 00200001043132333400

Important

PACE secure channel is global, established before and not related to GlobalPlatform secure channel (SCP). Thus the APDU to be sent in PACE secure channel is "plaintext APDU" (--apdu), not the GlobalPlatform SCP protected APDU (--secure-apdu)

Example #2 - PACE, authentication only

Authenticate with PACE using BrainpoolP384r1, CAN "654321" via the application with AID F0000000000001, then continue by establishing GlobalPlatform secure channel with default keys (0x40..0x4F), and listing the auto-detected ISD contents:

gp -pace F0000000000001 -pace-curve brainpoolp384r1 -can 654321 -l

Note

In theory, PACE secure channel and GlobalPlatform secure channel can be nested. In practice, this might not be allowed.

Tip

Use the --force to ignore the failure of mutual authentication step of PACE