OpenPACE Icon


Crypto library for the PACE protocol

7 Downloads (This Week)
Last Update:
Download openpace-0.8.tar.gz
Browse All Files


We moved to see you there!

This project aims at an open implementation of the Password Authenticated Connection Establishment (PACE), Terminal Authentication (TA) and Chip Authentication (CA) as parts of the Extended Access Control (EAC) for Machine Readable Travel Documents (see BSI TR-03110). OpenPACE extends OpenSSL with PACE, TA, CA and with operations for the related Card Cerifiable (CV) certificates.

OpenPACE Web Site


  • Successfully tested with the German electronic identity card (nPA)
  • PACE key agreement implemented independant from a smart card context
  • Includes structures and methods for parsing CV certificates
  • Internal structures can be initialized using a given EF.CardAccess
  • Offers functionality to encrypt, decryt, authenticate and pad the data of the established Secure Messaging (SM) channel
  • Supports all versions of BSI TR-03110
  • Supports integrated and generic mapping of ECDH and DH
  • Supports all standardized domain parameters
  • Supports AES with CMAC and 3DES with retail MAC


Additional Project Details

User Interface

Other toolkit

Programming Language



Screenshots can attract more users to your project.
Features can attract more users to your project.