How to compute MAC

[stanneraustin]

This i know already.
http://xionghuilin.com/?p=326 this explain some part of puzzel.
i posted more details at here too https://stackoverflow.com/questions/247 ... tools?rq=1
still not returning valid C-MAC for another command then EXTERNAL AUTHENTICATE

[Tolice]

This i know already.
http://xionghuilin.com/?p=326 this explain some part of puzzel.
i posted more details at here too https://stackoverflow.com/questions/247 ... tools?rq=1
still not returning valid C-MAC for another command then EXTERNAL AUTHENTICATE

For the EXTERNAL AUTHENTICATE command MAC verification, the ICV is set to zero

[stanneraustin]

Ok i have solved issue.
ICV is what we got from external auth.

1) ICV is des ecb each time we going to use with first 8 byte session MAC. used as IV on next step.
2) now if data is less then 8 byte or 8 byte skip this. des cbc first 8 byte data with first 8 byte session mac key and IV = ICV result we have new ICV used as IV on next step
3) now last des cbc last 8 byte with full session mac 16 byte + first 8 byte session mac (to get 24bit) key with IV = ICV
right 8 byte is ur final result C-MAC

Only thing complex is make 24bit key out of 16 bytes was not well documented by globalplatform.
Thanks to every one, i hope this will help others.

[whitexiao]

Ok i have solved issue.
ICV is what we got from external auth.

1) ICV is des ecb each time we going to use with first 8 byte session MAC. used as IV on next step.
2) now if data is less then 8 byte or 8 byte skip this. des cbc first 8 byte data with first 8 byte session mac key and IV = ICV result we have new ICV used as IV on next step
3) now last des cbc last 8 byte with full session mac 16 byte + first 8 byte session mac (to get 24bit) key with IV = ICV
right 8 byte is ur final result C-MAC

Only thing complex is make 24bit key out of 16 bytes was not well documented by globalplatform.
Thanks to every one, i hope this will help others.

It's really a good sharing, I'm also learning smart card. Thank you.