从欧洲DTCO公司卡读取数据 [英] Reading data from European DTCO company card

问题描述

我需要能够从欧洲数字行车记录仪公司卡（智能卡）读取卡和公司标识数据。这些在文档委员会监管（EC）No 1360/2002 ，但我遇到了问题。我需要能够读取的数据包含在文件 EF标识中，必须使用安全信息阅读，因此我需要发出管理安全环境 APDU命令

I need to be able to read card and company identification data from European digital tachograph company cards (smart cards). These are described within the document COMMISSION REGULATION (EC) No 1360/2002 but I have run into a problem. The data I need to be able to read is contained within the file EF Identification, which must be read with secure messaging and I therefore need to issue a Manage Secure Environment APDU command that requires a key identifier that identifies a key residing on the card.

我不知道在哪里找到这些密钥标识符或创建它们的数据（描述在该文件的附录）。我正在等待我们在欧洲的合作伙伴的反馈，但我想我会在这里问一个机会，希望有人会这样做，并能提供一些建议。

I don't know where to find these key identifiers or the data that makes them up (described in an appendix of the document). I am waiting for feedback from our partners in Europe but thought I would take a chance an ask here in the hope that someone will have done this and be able to offer some advice.

密钥标识符由设备序列号，日期，制造商代码和制造商特定类型组成。这意味着一个问题，因为我需要能够访问任何公司卡的数据，不管制造商，发行商或持有人。不知道如何获得数据来组成密钥。

The key identifier is made up of an equipment serial number, a date, a manufacturer code and a manufacturer specific type. This suggests a problem as I need to be able to access the data from any company card, regardless of manufacturer, issuer or holder. Not sure how I can get the data to compose the key.

我意识到这是相当专业的信息，但已经停滞了一个多星期，所以我非常绝望地找到一个解决方案，所以我可以继续。

I realise that this is pretty specialised information but have been stalled for over a week so am pretty desperate to find a solution so I can continue.

推荐答案

我相信你首先必须从国家CA获得证书。然后，您可以执行以下算法（从附录11第4节简化）：

I believe that you first have to obtain a certificate from a country CA. You can then perform the following algorithm (simplified from Appendix 11, section 4):

1. 选择并读取卡证书（EF_CERTIFICATE） li>
   
2. 发出管理安全环境命令以选择根CA公钥


3. 使用国家/地区CA证书颁发验证证书


4. 发出管理安全环境命令以选择国家/地区CA公钥


5. 使用您的证书颁发验证证书


6. 发出管理安全环境命令选择您的公钥


7. 发出内部验证命令。验证回复。


8. 发出获取挑战命令


9. 发出外部验证命令


10. 计算会话密钥


11. 选择文件EF_IDENTIFICATION


12. 使用安全消息传递执行读取二进制命令（您需要会话密钥来计算校验和并解密结果） / li>
    

1. Select and read the card certificate (EF_CERTIFICATE)
2. Issue a Manage Security Environment command to select the Root CA public key
3. Issue a Verify Certificate with the country CA certificate
4. Issue a Manage Security Environment command to select the country CA public key
5. Issue a Verify Certificate with your certificate
6. Issue a Manage Security Environment command to select your public key
7. Issue an Internal authenticate command. Verify response.
8. Issue a Get Challenge command
9. Issue an External authenticate command
10. Calculate the session key
11. Select File EF_IDENTIFICATION
12. Perform a Read Binary command using secure messaging (you need the session key to calculate the checksum and decrypt the result).

这篇关于从欧洲DTCO公司卡读取数据的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！