Sir,
how to AUTHENTICATED in secure channel.
Any help.
Regards,
Naresh.
JavacardOS will not accept order any more, please contact our partner Feitian online Store:
https://ftsafe.en.alibaba.com/index.html
https://ftsafe.en.alibaba.com/index.html
How to AUTHENTICATED in Secure channel
-
wumindejia
- Posts: 55
- Joined: Thu Sep 22, 2016 5:05 am
- Points :784
- Contact:
Re: How to AUTHENTICATED in Secure channel
You can refer to appendix D/E/F in the attachment.
You do not have the required permissions to view the files attached to this post. Please login first.
-
jennyvenus
- Posts: 24
- Joined: Sun Aug 23, 2015 11:14 pm
- Points :424
- Contact:
Re: How to AUTHENTICATED in Secure channel
Use snooper to execute this script line by line to familiarize yourself with the gp authentication process
clear
? "--------------------------------gp auth----------------------"
// send 80 50 00 00 08 8070605040302010
host_challenge = 8070605040302010
// receive 00005252A50838508CA5200200072637B433A844984F6E93030467AA + 9000
resp = 00005252A50838508CA5200200072637B433A844984F6E93030467AA
// input
maclength = 08
auth_level = 03
static_key = 40 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f
Key_diversification_data = mid( $resp, 0, 10 ) //Key diversification data
Key_information = mid( $resp, 10, 2 ) //Keyinformation
Sequence_counter = mid( $resp, 12, 2 ) //Sequencecounter
Card_challenge = mid( $resp, 14, 6 ) //Cardchallenge
Card_cryptogram = mid( $resp, 20, 8 ) //Card cryptogram
? "Keydiversification data " $Key_diversification_data
? "Keyinformation " $Key_information
? "Sequencecounter " $Sequence_counter
? "Cardchallenge " $Card_challenge
? "Cardcryptogram " $Card_cryptogram
? "S-ENC = 2 byteconstant + 2 byte sequence counter+ 12 byte 00"
SENC_plain = 01 82 $Sequence_counter 00000000 00000000 00000000
? "S-ENC " $SENC_plain
? "C-MAC = 2 byteconstant + 2 byte sequencecounter + 12 byte 00"
CMAC_plain = 01 01 $Sequence_counter 00000000 00000000 00000000
? "C-MAC " $CMAC_plain
? "C-DEK = 2 byte constant + 2 byte sequence counter+ 12 byte 00"
CDEK_plain = 01 81 $Sequence_counter 00000000 00000000 00000000
? "C-DEK " $CDEK_plain
SENC_cipher = 3des_encode_cbc( 0000000000000000, $SENC_plain, $static_key )
? "session key " $SENC_cipher
CMAC_cipher = 3des_encode_cbc( 0000000000000000, $CMAC_plain, $static_key )
? "c-mac key " $CMAC_cipher
SDEK_cipher = 3des_encode_cbc( 0000000000000000, $CDEK_plain, $static_key )
? "dek " $SDEK_cipher
? "Host Authenticate Cryptogram =sequencecounter(2Byte) + card challenge(6) + host challenge(8) +8000000000000000"
host_cryptogram = $Sequence_counter $Card_challenge $host_challenge 80000000 00000000
? "host authenticate cryptogram " $host_cryptogram
host_cryptogram_cipher = 3des_encode_cbc( 00000000, $host_cryptogram, $SENC_cipher )
? $host_cryptogram_cipher
host_cryptogramMAC = mid( $host_cryptogram_cipher, 16, 8 )
? "auth command datafield " $host_cryptogramMAC
? "auth command"
auth_command = 84 82 $auth_level 00 < $host_cryptogramMAC >
auth_command_80 = fixed80( $auth_command )
? "auth command " $auth_command
auth_command_mac = des_3des_mac( 0000000000000000, $auth_command_80, $CMAC_cipher )
? "auth command mac " $auth_command_mac
? "final auth command " $auth_command $auth_command_mac
final_command = $auth_command $auth_command_mac
result is
//[]===================================================================[]
//[] --------------------------------gp auth---------------------- []
//[]===================================================================[]
//--// send 80 50 00 00 08 8070605040302010
//host_challenge = 8070605040302010
//--// receive 00005252A50838508CA5200200072637B433A844984F6E93030467AA + 9000
//resp = 00005252A50838508CA5200200072637B433A844984F6E93030467AA
//--// input
//auth_level = 03
//static_key = 404142434445464748494A4B4C4D4E4F
//key_diversification_data = 00005252A50838508CA5
//key_information = 2002
//sequence_counter = 0007
//card_challenge = 2637B433A844
//card_cryptogram = 984F6E93030467AA
//[]==================================================================[]
//[] Keydiversification data 00005252A50838508CA5 []
//[] Keyinformation 2002 []
//[] Sequencecounter 0007 []
//[] Cardchallenge 2637B433A844 []
//[] Cardcryptogram 984F6E93030467AA []
//[] S-ENC = 2 byteconstant + 2 byte sequence counter+ 12 byte 00 []
//[]==================================================================[]
//senc_plain = 01820007000000000000000000000000
//[]=====================================================================[]
//[] S-ENC 01820007000000000000000000000000 []
//[] C-MAC = 2 byteconstant + 2 byte sequencecounter + 12 byte 00 []
//[]=====================================================================[]
//cmac_plain = 01010007000000000000000000000000
//[]=====================================================================[]
//[] C-MAC 01010007000000000000000000000000 []
//[] C-DEK = 2 byte constant + 2 byte sequence counter+ 12 byte 00 []
//[]=====================================================================[]
//cdek_plain = 01810007000000000000000000000000
//[]=====================================================================[]
//[] C-DEK 01810007000000000000000000000000 []
//[]=====================================================================[]
//senc_cipher = A2268F71917EFE0F33CC6166E1154E27
//[]=====================================================================[]
//[] session key A2268F71917EFE0F33CC6166E1154E27 []
//[]=====================================================================[]
//cmac_cipher = 7A227D376A9DBE23AB50B7DCB45B2093
//[]=====================================================================[]
//[] c-mac key 7A227D376A9DBE23AB50B7DCB45B2093 []
//[]=====================================================================[]
//sdek_cipher = F39FCFB2383B09578723B8C2E03B2729
//[]====================================================================================================================[]
//[] dek F39FCFB2383B09578723B8C2E03B2729 []
//[] Host Authenticate Cryptogram =sequencecounter(2Byte) + card challenge(6) + host challenge(8) +8000000000000000 []
//[]====================================================================================================================[]
//host_cryptogram = 00072637B433A84480706050403020108000000000000000
//[]=====================================================================================[]
//[] host authenticate cryptogram 00072637B433A84480706050403020108000000000000000 []
//[]=====================================================================================[]
//host_cryptogram_cipher = F4EE3BBC36648DC30E7C3FD8E4E9E7F5CBAB7BD6FF09FFBC
//[]======================================================[]
//[] F4EE3BBC36648DC30E7C3FD8E4E9E7F5CBAB7BD6FF09FFBC []
//[]======================================================[]
//host_cryptogrammac = CBAB7BD6FF09FFBC
//[]=========================================================[]
//[] auth command datafield CBAB7BD6FF09FFBC []
//[] auth command []
//[]=========================================================[]
//auth_command = 8482030010CBAB7BD6FF09FFBC
//auth_command_80 = 8482030010CBAB7BD6FF09FFBC800000
//[]===========================================================[]
//[] auth command 8482030010CBAB7BD6FF09FFBC []
//[]===========================================================[]
//auth_command_mac = 8A1910770BAC6865
//[]===============================================================================[]
//[] auth command mac 8A1910770BAC6865 []
//[] final auth command 8482030010CBAB7BD6FF09FFBC8A1910770BAC6865 []
//[]===============================================================================[]
//final_command = 8482030010CBAB7BD6FF09FFBC8A1910770BAC6865
clear
? "--------------------------------gp auth----------------------"
// send 80 50 00 00 08 8070605040302010
host_challenge = 8070605040302010
// receive 00005252A50838508CA5200200072637B433A844984F6E93030467AA + 9000
resp = 00005252A50838508CA5200200072637B433A844984F6E93030467AA
// input
maclength = 08
auth_level = 03
static_key = 40 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f
Key_diversification_data = mid( $resp, 0, 10 ) //Key diversification data
Key_information = mid( $resp, 10, 2 ) //Keyinformation
Sequence_counter = mid( $resp, 12, 2 ) //Sequencecounter
Card_challenge = mid( $resp, 14, 6 ) //Cardchallenge
Card_cryptogram = mid( $resp, 20, 8 ) //Card cryptogram
? "Keydiversification data " $Key_diversification_data
? "Keyinformation " $Key_information
? "Sequencecounter " $Sequence_counter
? "Cardchallenge " $Card_challenge
? "Cardcryptogram " $Card_cryptogram
? "S-ENC = 2 byteconstant + 2 byte sequence counter+ 12 byte 00"
SENC_plain = 01 82 $Sequence_counter 00000000 00000000 00000000
? "S-ENC " $SENC_plain
? "C-MAC = 2 byteconstant + 2 byte sequencecounter + 12 byte 00"
CMAC_plain = 01 01 $Sequence_counter 00000000 00000000 00000000
? "C-MAC " $CMAC_plain
? "C-DEK = 2 byte constant + 2 byte sequence counter+ 12 byte 00"
CDEK_plain = 01 81 $Sequence_counter 00000000 00000000 00000000
? "C-DEK " $CDEK_plain
SENC_cipher = 3des_encode_cbc( 0000000000000000, $SENC_plain, $static_key )
? "session key " $SENC_cipher
CMAC_cipher = 3des_encode_cbc( 0000000000000000, $CMAC_plain, $static_key )
? "c-mac key " $CMAC_cipher
SDEK_cipher = 3des_encode_cbc( 0000000000000000, $CDEK_plain, $static_key )
? "dek " $SDEK_cipher
? "Host Authenticate Cryptogram =sequencecounter(2Byte) + card challenge(6) + host challenge(8) +8000000000000000"
host_cryptogram = $Sequence_counter $Card_challenge $host_challenge 80000000 00000000
? "host authenticate cryptogram " $host_cryptogram
host_cryptogram_cipher = 3des_encode_cbc( 00000000, $host_cryptogram, $SENC_cipher )
? $host_cryptogram_cipher
host_cryptogramMAC = mid( $host_cryptogram_cipher, 16, 8 )
? "auth command datafield " $host_cryptogramMAC
? "auth command"
auth_command = 84 82 $auth_level 00 < $host_cryptogramMAC >
auth_command_80 = fixed80( $auth_command )
? "auth command " $auth_command
auth_command_mac = des_3des_mac( 0000000000000000, $auth_command_80, $CMAC_cipher )
? "auth command mac " $auth_command_mac
? "final auth command " $auth_command $auth_command_mac
final_command = $auth_command $auth_command_mac
result is
//[]===================================================================[]
//[] --------------------------------gp auth---------------------- []
//[]===================================================================[]
//--// send 80 50 00 00 08 8070605040302010
//host_challenge = 8070605040302010
//--// receive 00005252A50838508CA5200200072637B433A844984F6E93030467AA + 9000
//resp = 00005252A50838508CA5200200072637B433A844984F6E93030467AA
//--// input
//auth_level = 03
//static_key = 404142434445464748494A4B4C4D4E4F
//key_diversification_data = 00005252A50838508CA5
//key_information = 2002
//sequence_counter = 0007
//card_challenge = 2637B433A844
//card_cryptogram = 984F6E93030467AA
//[]==================================================================[]
//[] Keydiversification data 00005252A50838508CA5 []
//[] Keyinformation 2002 []
//[] Sequencecounter 0007 []
//[] Cardchallenge 2637B433A844 []
//[] Cardcryptogram 984F6E93030467AA []
//[] S-ENC = 2 byteconstant + 2 byte sequence counter+ 12 byte 00 []
//[]==================================================================[]
//senc_plain = 01820007000000000000000000000000
//[]=====================================================================[]
//[] S-ENC 01820007000000000000000000000000 []
//[] C-MAC = 2 byteconstant + 2 byte sequencecounter + 12 byte 00 []
//[]=====================================================================[]
//cmac_plain = 01010007000000000000000000000000
//[]=====================================================================[]
//[] C-MAC 01010007000000000000000000000000 []
//[] C-DEK = 2 byte constant + 2 byte sequence counter+ 12 byte 00 []
//[]=====================================================================[]
//cdek_plain = 01810007000000000000000000000000
//[]=====================================================================[]
//[] C-DEK 01810007000000000000000000000000 []
//[]=====================================================================[]
//senc_cipher = A2268F71917EFE0F33CC6166E1154E27
//[]=====================================================================[]
//[] session key A2268F71917EFE0F33CC6166E1154E27 []
//[]=====================================================================[]
//cmac_cipher = 7A227D376A9DBE23AB50B7DCB45B2093
//[]=====================================================================[]
//[] c-mac key 7A227D376A9DBE23AB50B7DCB45B2093 []
//[]=====================================================================[]
//sdek_cipher = F39FCFB2383B09578723B8C2E03B2729
//[]====================================================================================================================[]
//[] dek F39FCFB2383B09578723B8C2E03B2729 []
//[] Host Authenticate Cryptogram =sequencecounter(2Byte) + card challenge(6) + host challenge(8) +8000000000000000 []
//[]====================================================================================================================[]
//host_cryptogram = 00072637B433A84480706050403020108000000000000000
//[]=====================================================================================[]
//[] host authenticate cryptogram 00072637B433A84480706050403020108000000000000000 []
//[]=====================================================================================[]
//host_cryptogram_cipher = F4EE3BBC36648DC30E7C3FD8E4E9E7F5CBAB7BD6FF09FFBC
//[]======================================================[]
//[] F4EE3BBC36648DC30E7C3FD8E4E9E7F5CBAB7BD6FF09FFBC []
//[]======================================================[]
//host_cryptogrammac = CBAB7BD6FF09FFBC
//[]=========================================================[]
//[] auth command datafield CBAB7BD6FF09FFBC []
//[] auth command []
//[]=========================================================[]
//auth_command = 8482030010CBAB7BD6FF09FFBC
//auth_command_80 = 8482030010CBAB7BD6FF09FFBC800000
//[]===========================================================[]
//[] auth command 8482030010CBAB7BD6FF09FFBC []
//[]===========================================================[]
//auth_command_mac = 8A1910770BAC6865
//[]===============================================================================[]
//[] auth command mac 8A1910770BAC6865 []
//[] final auth command 8482030010CBAB7BD6FF09FFBC8A1910770BAC6865 []
//[]===============================================================================[]
//final_command = 8482030010CBAB7BD6FF09FFBC8A1910770BAC6865
-
jennyvenus
- Posts: 24
- Joined: Sun Aug 23, 2015 11:14 pm
- Points :424
- Contact:
Re: How to AUTHENTICATED in Secure channel
Code: Select all
clear
? "--------------------------------gp auth----------------------"
// send 80 50 00 00 08 8070605040302010
host_challenge = 8070605040302010
// receive 00005252A50838508CA5200200072637B433A844984F6E93030467AA + 9000
resp = 00005252A50838508CA5200200072637B433A844984F6E93030467AA
// input
maclength = 08
auth_level = 03
static_key = 40 41 42 43 44 45 46 47 48 49 4a 4b 4c 4d 4e 4f
Key_diversification_data = mid( $resp, 0, 10 ) //Key diversification data
Key_information = mid( $resp, 10, 2 ) //Keyinformation
Sequence_counter = mid( $resp, 12, 2 ) //Sequencecounter
Card_challenge = mid( $resp, 14, 6 ) //Cardchallenge
Card_cryptogram = mid( $resp, 20, 8 ) //Card cryptogram
? "Keydiversification data " $Key_diversification_data
? "Keyinformation " $Key_information
? "Sequencecounter " $Sequence_counter
? "Cardchallenge " $Card_challenge
? "Cardcryptogram " $Card_cryptogram
? "S-ENC = 2 byteconstant + 2 byte sequence counter+ 12 byte 00"
SENC_plain = 01 82 $Sequence_counter 00000000 00000000 00000000
? "S-ENC " $SENC_plain
? "C-MAC = 2 byteconstant + 2 byte sequencecounter + 12 byte 00"
CMAC_plain = 01 01 $Sequence_counter 00000000 00000000 00000000
? "C-MAC " $CMAC_plain
? "C-DEK = 2 byte constant + 2 byte sequence counter+ 12 byte 00"
CDEK_plain = 01 81 $Sequence_counter 00000000 00000000 00000000
? "C-DEK " $CDEK_plain
SENC_cipher = 3des_encode_cbc( 0000000000000000, $SENC_plain, $static_key )
? "session key " $SENC_cipher
CMAC_cipher = 3des_encode_cbc( 0000000000000000, $CMAC_plain, $static_key )
? "c-mac key " $CMAC_cipher
SDEK_cipher = 3des_encode_cbc( 0000000000000000, $CDEK_plain, $static_key )
? "dek " $SDEK_cipher
? "Host Authenticate Cryptogram =sequencecounter(2Byte) + card challenge(6) + host challenge(8) +8000000000000000"
host_cryptogram = $Sequence_counter $Card_challenge $host_challenge 80000000 00000000
? "host authenticate cryptogram " $host_cryptogram
host_cryptogram_cipher = 3des_encode_cbc( 00000000, $host_cryptogram, $SENC_cipher )
? $host_cryptogram_cipher
host_cryptogramMAC = mid( $host_cryptogram_cipher, 16, 8 )
? "auth command datafield " $host_cryptogramMAC
? "auth command"
auth_command = 84 82 $auth_level 00 < $host_cryptogramMAC >
auth_command_80 = fixed80( $auth_command )
? "auth command " $auth_command
auth_command_mac = des_3des_mac( 0000000000000000, $auth_command_80, $CMAC_cipher )
? "auth command mac " $auth_command_mac
? "final auth command " $auth_command $auth_command_mac
final_command = $auth_command $auth_command_mac
-----------------------------------------------------
//[]===================================================================[]
//[] --------------------------------gp auth---------------------- []
//[]===================================================================[]
//--// send 80 50 00 00 08 8070605040302010
//host_challenge = 8070605040302010
//--// receive 00005252A50838508CA5200200072637B433A844984F6E93030467AA + 9000
//resp = 00005252A50838508CA5200200072637B433A844984F6E93030467AA
//--// input
//auth_level = 03
//static_key = 404142434445464748494A4B4C4D4E4F
//key_diversification_data = 00005252A50838508CA5
//key_information = 2002
//sequence_counter = 0007
//card_challenge = 2637B433A844
//card_cryptogram = 984F6E93030467AA
//[]==================================================================[]
//[] Keydiversification data 00005252A50838508CA5 []
//[] Keyinformation 2002 []
//[] Sequencecounter 0007 []
//[] Cardchallenge 2637B433A844 []
//[] Cardcryptogram 984F6E93030467AA []
//[] S-ENC = 2 byteconstant + 2 byte sequence counter+ 12 byte 00 []
//[]==================================================================[]
//senc_plain = 01820007000000000000000000000000
//[]=====================================================================[]
//[] S-ENC 01820007000000000000000000000000 []
//[] C-MAC = 2 byteconstant + 2 byte sequencecounter + 12 byte 00 []
//[]=====================================================================[]
//cmac_plain = 01010007000000000000000000000000
//[]=====================================================================[]
//[] C-MAC 01010007000000000000000000000000 []
//[] C-DEK = 2 byte constant + 2 byte sequence counter+ 12 byte 00 []
//[]=====================================================================[]
//cdek_plain = 01810007000000000000000000000000
//[]=====================================================================[]
//[] C-DEK 01810007000000000000000000000000 []
//[]=====================================================================[]
//senc_cipher = A2268F71917EFE0F33CC6166E1154E27
//[]=====================================================================[]
//[] session key A2268F71917EFE0F33CC6166E1154E27 []
//[]=====================================================================[]
//cmac_cipher = 7A227D376A9DBE23AB50B7DCB45B2093
//[]=====================================================================[]
//[] c-mac key 7A227D376A9DBE23AB50B7DCB45B2093 []
//[]=====================================================================[]
//sdek_cipher = F39FCFB2383B09578723B8C2E03B2729
//[]====================================================================================================================[]
//[] dek F39FCFB2383B09578723B8C2E03B2729 []
//[] Host Authenticate Cryptogram =sequencecounter(2Byte) + card challenge(6) + host challenge(8) +8000000000000000 []
//[]====================================================================================================================[]
//host_cryptogram = 00072637B433A84480706050403020108000000000000000
//[]=====================================================================================[]
//[] host authenticate cryptogram 00072637B433A84480706050403020108000000000000000 []
//[]=====================================================================================[]
//host_cryptogram_cipher = F4EE3BBC36648DC30E7C3FD8E4E9E7F5CBAB7BD6FF09FFBC
//[]======================================================[]
//[] F4EE3BBC36648DC30E7C3FD8E4E9E7F5CBAB7BD6FF09FFBC []
//[]======================================================[]
//host_cryptogrammac = CBAB7BD6FF09FFBC
//[]=========================================================[]
//[] auth command datafield CBAB7BD6FF09FFBC []
//[] auth command []
//[]=========================================================[]
//auth_command = 8482030010CBAB7BD6FF09FFBC
//auth_command_80 = 8482030010CBAB7BD6FF09FFBC800000
//[]===========================================================[]
//[] auth command 8482030010CBAB7BD6FF09FFBC []
//[]===========================================================[]
//auth_command_mac = 8A1910770BAC6865
//[]===============================================================================[]
//[] auth command mac 8A1910770BAC6865 []
//[] final auth command 8482030010CBAB7BD6FF09FFBC8A1910770BAC6865 []
//[]===============================================================================[]
//final_command = 8482030010CBAB7BD6FF09FFBC8A1910770BAC6865
Who is online
Users browsing this forum: Bing [Bot] and 50 guests