JavacardOS will not accept order any more, please contact our partner Feitian online Store:
https://ftsafe.en.alibaba.com/index.html
https://ftsafe.en.alibaba.com/index.html
ARPC generation
-
- Posts: 44
- Joined: Thu Apr 06, 2017 8:01 am
- Points :460
- Contact:
ARPC generation
Hi,
Does anyone knows ARPC generation in java card?
Thanks in advance...!!
Deepansh
Does anyone knows ARPC generation in java card?
Thanks in advance...!!
Deepansh
- UNKNwYSHSA
- Posts: 630
- Joined: Thu May 21, 2015 4:05 am
- Points :3053
- Contact:
Re: ARPC generation
1. This is the tool output:
2. And we calculate ARPC using method1, EMV specification shows the details:
3. Calculate ARPC manually.
[INPUT] Session key: 7CBA97ABD6CB6E0B29A7457A7332DFC4
[INPUT] ARQC: 0C25134A77B0F6B3
[ARC PADDED] ARC: "Y3" => 5933 + 000000000000
[XOR] ARQC ^ ARC => 5516134A77B0F6B3
[OUTPUT] Encrypt with algorithm 3DES, result: 47CA7F6274A9FCB1
[RESULT] Same as the tool's result.
4 Source code to calculate ARPC with JavaCard:
5. APDU command:
[2017-06-08 10:51:15] BP-Tools - Cryptographic Calculator is ready
********************
[2017-06-08 10:51:17]
EMV Cryptography: ARPC generation finished
****************************************
ARPC Method: 1
Response Code: Y3: Unable to go online (offline approved)
Session key: 7CBA97ABD6CB6E0B29A7457A7332DFC4
Transaction Cryptogram:0C25134A77B0F6B3
----------------------------------------
ARPC generated: 47CA7F6274A9FCB1
2. And we calculate ARPC using method1, EMV specification shows the details:
8.2.1 ARPC Method 1
ARPC Method 1 for the generation of an 8-byte ARPC consists of applying the
Triple-DES algorithm as specified in Annex B1.1 to:
the 8-byte ARQC generated by the ICC as described in section 8.1
the 2-byte Authorisation Response Code (ARC)
using the 16-byte Application Cryptogram Session Key SKAC (see section 8.1) in
the following way:
1. Pad the 2-byte ARC with six zero bytes to obtain the 8-byte number
X := (ARC || '00'|| '00' || '00' || '00' || '00' || '00')
2. Compute Y: = ARQC ^ X.
3. The 8-byte ARPC is then obtained by
ARPC := DES3(SKAC)[Y]
3. Calculate ARPC manually.
[INPUT] Session key: 7CBA97ABD6CB6E0B29A7457A7332DFC4
[INPUT] ARQC: 0C25134A77B0F6B3
[ARC PADDED] ARC: "Y3" => 5933 + 000000000000
[XOR] ARQC ^ ARC => 5516134A77B0F6B3
[OUTPUT] Encrypt with algorithm 3DES, result: 47CA7F6274A9FCB1
[RESULT] Same as the tool's result.
4 Source code to calculate ARPC with JavaCard:
Code: Select all
switch (buf[ISO7816.OFFSET_INS])
{
case (byte) 0x00:
apdu.setIncomingAndReceive();
key.setKey(buf, ISO7816.OFFSET_CDATA);
break;
case (byte) 0x02:
short dataLen2 = apdu.setIncomingAndReceive();
// Note: Receive more data bytes if exists with apdu.receiveBytes().
Cipher cipher = Cipher.getInstance(Cipher.ALG_DES_ECB_NOPAD, false);
cipher.init(key, Cipher.MODE_ENCRYPT);
short resultLen2 = cipher.doFinal(buf, ISO7816.OFFSET_CDATA, dataLen2, buf, (short) 0);
apdu.setOutgoingAndSend((short) 0, resultLen2);
JCSystem.requestObjectDeletion();
break;
default:
ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
}
5. APDU command:
>> /select 112233445500
>> 00 A4 04 00 06 11 22 33 44 55 00 00
<< 90 00
>> /send 00000000107CBA97ABD6CB6E0B29A7457A7332DFC4
>> 00 00 00 00 10 7C BA 97 AB D6 CB 6E 0B 29 A7 45 7A 73 32 DF C4
<< 90 00
>> /send 00020000085516134A77B0F6B3
>> 00 02 00 00 08 55 16 13 4A 77 B0 F6 B3
<< 47 CA 7F 62 74 A9 FC B1 90 00
sense and simplicity
-
- Posts: 44
- Joined: Thu Apr 06, 2017 8:01 am
- Points :460
- Contact:
Re: ARPC generation
Thanks a lot You just saved my vacations.
You are the best.
Let me implement that
You are the best.
Let me implement that
-
- Posts: 44
- Joined: Thu Apr 06, 2017 8:01 am
- Points :460
- Contact:
Re: ARPC generation
Code: Select all
public void generateSecondAC(APDU apdu, byte[] apduBuffer) {
short dataLen = apduBuffer[OFFSET_LC];
Util.arrayCopy(apduBuffer, (short) 5, onlineARPC, (short) 0, (short) 8);
Util.arrayCopy(apduBuffer, (short) 0x0D, responseCode, (short) 0, (short) 2);
byte[] Y = new byte[8];
// XOR between ARQC and Response Code as per mentioned in ARPC method 1 EMV book 2 (8.2.1)
Y = xor(chipMAC, responseCode);
Cipher cipher = Cipher.getInstance(Cipher.ALG_DES_ECB_NOPAD, false);
cipher.init(theCrypto.sk, Cipher.MODE_ENCRYPT);
short resultLen = cipher.doFinal(Y, (short) 0, (short) (8), apduBuffer, (short) (dataLen + 10));
apdu.setOutgoingAndSend((short) (dataLen + 10), (short) (resultLen));
JCSystem.requestObjectDeletion();
}
private static byte[] padding(byte[] data) {
// int dataLen = data.length;
// int paddingSize = (8 - (dataLen + 1) % 8);
// return fillRight(data, (byte) 0x00, paddingSize);
byte[] t = new byte[ (short) (data.length - data.length % 8 + 8)];
Util.arrayCopy(data, (short) 0, t, (short) 0, (short) data.length);
for (short i = (short) data.length; i < t.length; i++)
t[i] = (byte) (i == data.length ? 0x00 : 0x00);
data = t;
return data;
}
can you check what i am missing?
- UNKNwYSHSA
- Posts: 630
- Joined: Thu May 21, 2015 4:05 am
- Points :3053
- Contact:
Re: ARPC generation
deepanshsinghal wrote:Code: Select all
public void generateSecondAC(APDU apdu, byte[] apduBuffer) {
short dataLen = apduBuffer[OFFSET_LC];
Util.arrayCopy(apduBuffer, (short) 5, onlineARPC, (short) 0, (short) 8);
Util.arrayCopy(apduBuffer, (short) 0x0D, responseCode, (short) 0, (short) 2);
byte[] Y = new byte[8];
// XOR between ARQC and Response Code as per mentioned in ARPC method 1 EMV book 2 (8.2.1)
Y = xor(chipMAC, responseCode);
Cipher cipher = Cipher.getInstance(Cipher.ALG_DES_ECB_NOPAD, false);
cipher.init(theCrypto.sk, Cipher.MODE_ENCRYPT);
short resultLen = cipher.doFinal(Y, (short) 0, (short) (8), apduBuffer, (short) (dataLen + 10));
apdu.setOutgoingAndSend((short) (dataLen + 10), (short) (resultLen));
JCSystem.requestObjectDeletion();
}
private static byte[] padding(byte[] data) {
// int dataLen = data.length;
// int paddingSize = (8 - (dataLen + 1) % 8);
// return fillRight(data, (byte) 0x00, paddingSize);
byte[] t = new byte[ (short) (data.length - data.length % 8 + 8)];
Util.arrayCopy(data, (short) 0, t, (short) 0, (short) data.length);
for (short i = (short) data.length; i < t.length; i++)
t[i] = (byte) (i == data.length ? 0x00 : 0x00);
data = t;
return data;
}
can you check what i am missing?
Let me have a look.
sense and simplicity
- UNKNwYSHSA
- Posts: 630
- Joined: Thu May 21, 2015 4:05 am
- Points :3053
- Contact:
Re: ARPC generation
deepanshsinghal wrote:Code: Select all
public void generateSecondAC(APDU apdu, byte[] apduBuffer) {
short dataLen = apduBuffer[OFFSET_LC];
Util.arrayCopy(apduBuffer, (short) 5, onlineARPC, (short) 0, (short) 8);
Util.arrayCopy(apduBuffer, (short) 0x0D, responseCode, (short) 0, (short) 2);
byte[] Y = new byte[8];
// XOR between ARQC and Response Code as per mentioned in ARPC method 1 EMV book 2 (8.2.1)
Y = xor(chipMAC, responseCode);
Cipher cipher = Cipher.getInstance(Cipher.ALG_DES_ECB_NOPAD, false);
cipher.init(theCrypto.sk, Cipher.MODE_ENCRYPT);
short resultLen = cipher.doFinal(Y, (short) 0, (short) (8), apduBuffer, (short) (dataLen + 10));
apdu.setOutgoingAndSend((short) (dataLen + 10), (short) (resultLen));
JCSystem.requestObjectDeletion();
}
private static byte[] padding(byte[] data) {
// int dataLen = data.length;
// int paddingSize = (8 - (dataLen + 1) % 8);
// return fillRight(data, (byte) 0x00, paddingSize);
byte[] t = new byte[ (short) (data.length - data.length % 8 + 8)];
Util.arrayCopy(data, (short) 0, t, (short) 0, (short) data.length);
for (short i = (short) data.length; i < t.length; i++)
t[i] = (byte) (i == data.length ? 0x00 : 0x00);
data = t;
return data;
}
can you check what i am missing?
Can you give me the APDU you sent?
sense and simplicity
-
- Posts: 44
- Joined: Thu Apr 06, 2017 8:01 am
- Points :460
- Contact:
Re: ARPC generation
UNKNwYSHSA wrote:Can you give me the APDU you sent?
Code: Select all
>> /select A0000000494F434C435051
>> 00 A4 04 00 0B A0 00 00 00 49 4F 43 4C 43 50 51 00
<< 90 00
>> /send 80AE40002B00000000031400000000000003560420008000035616080200549E74AD22000000000000000000003F0002
>> 80 AE 40 00 2B 00 00 00 00 03 14 00 00 00 00 00 00 03 56 04 20 00 80 00 03 56 16 08 02 00 54 9E 74 AD 22 00 00 00 00 00 00 00 00 00 00 3F 00 02 00
<< 2B BA 1E CD 05 17 85 5A 90 00
>> /send 80AE20000A980B4B43FF9B9F510000
>> 80 AE 20 00 0A 98 0B 4B 43 FF 9B 9F 51 00 00
<< 2D AD 26 F6 0A 7D A8 66 90 00
Here
master key: 01010101010101010101010101010101020
>> /send 80AE20000A980B4B43FF9B9F510000
in this "980B4B43FF9B9F51" is ARPC from BP-Tool
0000 is custom response code
- UNKNwYSHSA
- Posts: 630
- Joined: Thu May 21, 2015 4:05 am
- Points :3053
- Contact:
Re: ARPC generation
1 Following your code:
What is the chipMAC?
2 The response code is 2 bytes, it is hex value from "00" to "Z3", it can not be 0000. Hex value of "00" is 3030.
Code: Select all
Y = xor(chipMAC, responseCode);
What is the chipMAC?
2 The response code is 2 bytes, it is hex value from "00" to "Z3", it can not be 0000. Hex value of "00" is 3030.
sense and simplicity
-
- Posts: 44
- Joined: Thu Apr 06, 2017 8:01 am
- Points :460
- Contact:
Re: ARPC generation
UNKNwYSHSA wrote:1 Following your code:Code: Select all
Y = xor(chipMAC, responseCode);
What is the chipMAC?
2 The response code is 2 bytes, it is hex value from "00" to "Z3", it can not be 0000. Hex value of "00" is 3030.
Chipmac is ARQC that is generating earlier
- UNKNwYSHSA
- Posts: 630
- Joined: Thu May 21, 2015 4:05 am
- Points :3053
- Contact:
Re: ARPC generation
deepanshsinghal wrote:UNKNwYSHSA wrote:1 Following your code:Code: Select all
Y = xor(chipMAC, responseCode);
What is the chipMAC?
2 The response code is 2 bytes, it is hex value from "00" to "Z3", it can not be 0000. Hex value of "00" is 3030.
Chipmac is ARQC that is generating earlier
OK, Replace Response Code to 3030 and calculate again. What about the result?
sense and simplicity
Who is online
Users browsing this forum: No registered users and 19 guests