如何检查INITIALIZE UPDATE和EXTERNAL AUTHENTICATE的正确性? [英] How can I check INITIALIZE UPDATE and EXTERNAL AUTHENTICATE correctness?

查看：173 发布时间：2020/6/16 19:03:20 cryptography smartcard javacard apdu globalplatform

本文介绍了如何检查INITIALIZE UPDATE和EXTERNAL AUTHENTICATE的正确性?的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我通过opensc-tool向我的Java卡发送了80 50 00 00 08 00 00 00 00 00 00 00 00 [ INITILIZE UPDATE 命令]，并从卡中收到了00 00 11 60 01 00 8A 79 0A F9 FF 02 00 11 79 11 36 5D 71 00 A5 A5 EC 63 BB DC 05 CC [ Init Response ]作为其响应.

I sent 80 50 00 00 08 00 00 00 00 00 00 00 00 [INITILIZE UPDATE Command] via opensc-tool to my java card and received 00 00 11 60 01 00 8A 79 0A F9 FF 02 00 11 79 11 36 5D 71 00 A5 A5 EC 63 BB DC 05 CC [Init Response] as its response from the card.

如您所见:

在命令中，我作为 Host Challenge 发送00 00 00 00 00 00 00 00，并在响应中:

In the command,I send 00 00 00 00 00 00 00 00 as Host Challenge, And in the response :

00 00 11 60 01 00 8A 79 0A F9 = 主要多元化数据

FF 02 = 关键信息

00 11 79 11 36 5D 71 00 = 纸牌挑战

A5 A5 EC 63 BB DC 05 CC = 卡密码

现在，我想检查一下自己，卡密码是否正确.我该怎么办?例如，我使用3DES加密算法[使用以下密钥对此网站中的00 00 00 00 00 00 00 00进行加密.我的卡= 4041...4F]，但输出与我上面编写的卡密码不同.为什么?

Now I want to check myself,if the card cryptogram is OK or not. How I can do it? for example I encrypt 00 00 00 00 00 00 00 00 in this site under a 3DES cryptography algorithm [with keys of my card = 4041...4F], but the output is not equal with card cryptogram that I wrote above. Why?

接下来的问题是，如果我想向卡发送 EXTERNAL AUTHENTICATION 命令，其数据字段是什么(在上面的INITILIZE UPDATE之后)?

And the next question is, if I want to send EXTERNAL AUTHENTICATION command to the card, what is its data field (after the above INITILIZE UPDATE)?

更新:

这是GPJ输出:

C:\Users\ghasemi\Desktop\gpj-20120310>GPJ
C:\Users\ghasemi\Desktop\gpj-20120310>java -jar gpj.jar
Found terminals: [PC/SC terminal ACS CCID USB Reader 0]
Found card in terminal: ACS CCID USB Reader 0
ATR: 3B 68 00 00 00 73 C8 40 12 00 90 00
.
.
.
DEBUG: Command  APDU: 00 A4 04 00 08 A0 00 00 00 03 00 00 00
DEBUG: Response APDU: 6F 10 84 08 A0 00 00 00 03 00 00 00 A5 04 9F 65 01 FF 90 00
Successfully selected Security Domain OP201a A0 00 00 00 03 00 00 00

DEBUG: Command  APDU: 80 50 00 00 08 7F 41 A9 E7 19 37 83 FA
DEBUG: Response APDU: 00 00 11 60 01 00 8A 79 0A F9 FF 02 00 1B 9B 95 B9 5E 5E BC BA 51 34 84 D9 C1 B9 6E 90 00
DEBUG: Command  APDU: 84 82 00 00 10 13 3B 4E C5 2C 9E D8 24 50 71 83 3A 78 AE 75 23
DEBUG: Response APDU: 90 00
DEBUG: Command  APDU: 84 82 00 00 08 13 3B 4E C5 2C 9E D8 24
DEBUG: Response APDU: 90 00

C:\Users\ghasemi\Desktop\gpj-20120310>

所以:

Host_Challenge :: 7F41A9E7193783FA

Diversification_Data :: 0000116001008A790AF9

Key_Information :: FF02

Sequence_Counter :: 001B

Card_Challenge :: 9B95B95E5EBC

Card_Cryptogram :: BA513484D9C1B96E

Host_Cryptogram[16,24] = 13 3B 4E C5 2C 9E D8 24

现在，让我们手动创建我们的Host_Cryptogram:

Derivation_data=derivation_const_ENC|sequence_counter|0000 0000 0000 0000 0000 0000

Derivation_Data = 0182001B000000000000000000000000

k_ENC :: 404142434445464748494A4B4C4D4E4F

IV = 00 00 00 00 00 00 00 00

S_ENC = encrypt(TDES_CBC, K_ENC, IV, derivation_data)

所以:

我使用了 http://tripledes.online-domain-tools.com/其以上值的输出为:

I used http://tripledes.online-domain-tools.com/ and its output for above values was :

S_ENC = 448b0a5967ca246d058703ff0c694f15

并且:

Padding_DES = 80 00 00 00 00 00 00 00
Host_auth_data = sequence_counter | card_challenge | host_challenge | padding_DES
IV = Card_Cryptogram :: BA513484D9C1B96E
host_cryptogram = encrypt(TDES_CBC, S_ENC, IV, host_auth_data)

所以:

Host_Authentication_Data : 001B9B95B95E5EBC7F41A9E7193783FA8000000000000000

我再次使用 http://tripledes.online-domain-tools.com/

和:

Host_Cryptogram : 3587b531db71ac52392493c08cff189ce7b9061029c63b62

所以:

Host_Cryptogram[16,24] = e7b9061029c63b62

为什么这两种方式(手动和GPJ输出)会给我们两个主机密码?

推荐答案

通过发送的INITIALIZE UPDATE命令，您将获得

From the INITIALIZE UPDATE command you send, you get

host_challenge = 00 00 00 00 00 00 00 00

响应INITIALIZE UPDATE命令，您将获得

In response to the INITIALIZE UPDATE command, you get

diversification_data = 00 00 11 60 01 00 8A 79 0A F9
key_information = FF 02
sequence_counter = 00 11
card_challenge = 79 11 36 5D 71 00
card_cryptogram = A5 A5 EC 63 BB DC 05 CC

密钥信息指示SCP02(02).密钥多样化数据可以用于导出卡特定的K_ENC.假设我们有一个这样的K_ENC

The key information indicates SCP02 (02). The key diversification data may be used to derive the card-specific K_ENC. Lets assume we have a K_ENC like this

K_ENC = 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

然后我们可以像这样导出会话加密密钥

We can then derive the session encryption key like this

derivation_const_ENC = 01 82
derivation_data = derivation_const_ENC | sequence_counter |  00 00 00 00 00 00 00 00 00 00 00 00

IV = 00 00 00 00 00 00 00 00
S_ENC = encrypt(TDES_CBC, K_ENC, IV, derivation_data)

接下来，我们可以组装用于计算主机密码的身份验证数据:

Next, we can assemble the authentication data used to calculate the host cryptogram:

padding_DES = 80 00 00 00 00 00 00 00
host_auth_data = sequence_counter | card_challenge | host_challenge | padding_DES

然后我们可以使用会话加密密钥来加密身份验证数据:

Then we can use the session encryption key to encrypt the authentication data:

IV = 00 00 00 00 00 00 00 00
host_cryptogram = encrypt(TDES_CBC, S_ENC, IV, host_auth_data)

加密的身份验证数据的最后8个字节是我们将发送到卡的实际主机密码:

The last 8 bytes of the encrypted authentication data are the actual host cryptogram that we would send to the card:

EXTERNAL_AUTHENTICATE_data = host_cryptogram[16, 24]

现在我们可以汇编EXTERNAL AUTHENTICATE命令:

Now we can assemble the EXTERNAL AUTHENTICATE command:

EXTERNAL_AUTHENTICATE = 84 82 03 00 08 | EXTERNAL_AUTHENTICATE_data

然后我们可以计算该命令的S_MAC密钥(类似于上面的S_ENC)和MAC，并将其附加到命令数据中，以获得可以发送到卡的完整EXTERNAL AUTHENTICATE命令:

We can then calculate the S_MAC key (analoguous to getting the S_ENC above) and the MAC over that command and append it to the command data to get the full EXTERNAL AUTHENTICATE command that can be sent to the card:

EXTERNAL_AUTHENTICATE = 84 82 03 00 10 | EXTERNAL_AUTHENTICATE_data | MAC

更新

使用 http://tripledes.online-domain-tools.com/重现GPJ的结果

Update

Using http://tripledes.online-domain-tools.com/ to reproduce the results of GPJ

您的K_ENC是404142434445464748494A4B4C4D4E4F.联机工具不正确支持2键3DES，因此您必须先将其转换为3键形式:

Your K_ENC is 404142434445464748494A4B4C4D4E4F. The online tools does not properly support 2-key-3DES, so you have to convert the key into its 3-key form first:

K_ENC = 404142434445464748494A4B4C4D4E4F4041424344454647

使用此密钥和零IV加密派生数据(0182001B000000000000000000000000).你得到

Use this key and a zero IV to encrypt the derivation data (0182001B000000000000000000000000). You get

S_ENC = fb063cc2e17b979b10e22f82110234b4

在3键表示法中，这是

S_ENC = fb063cc2e17b979b10e22f82110234b4fb063cc2e17b979b

使用此密钥和零IV来加密主机身份验证数据(001b9b95b95e5ebc7f41a9e7193783fa8000000000000000):

Use this key and a zero IV to encrypt the host authentication data (001b9b95b95e5ebc7f41a9e7193783fa8000000000000000):

HOST_CRYPTOGRAM = 773e790c91acce3167d99f92c60e2afd133b4ec52c9ed824

这篇关于如何检查INITIALIZE UPDATE和EXTERNAL AUTHENTICATE的正确性?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！

查看全文

如何检查INITIALIZE UPDATE和EXTERNAL AUTHENTICATE的正确性? [英] How can I check INITIALIZE UPDATE and EXTERNAL AUTHENTICATE correctness?

问题描述

推荐答案

更新

Update

相关文章

其他开发最新文章

热门教程

热门工具

登录关闭

如何检查INITIALIZE UPDATE和EXTERNAL AUTHENTICATE的正确性? [英] How can I check INITIALIZE UPDATE and EXTERNAL AUTHENTICATE correctness?

问题描述

推荐答案

更新

Update

相关文章

其他开发最新文章

热门教程

热门工具

登录 关闭

登录关闭