验证卡认证密码
Verify Card Authentication Cryptogram
我在执行 Verify Card Authentication Cryptogram
时遇到问题,signature
的结果 不等于 the cryptogram sent by the card
。
select_ret: 6F108408A000000003000000A5049F6501FF9000
AID: A000000003000000
host_challenge: 1122334455667788
init_update_ret: 00000000000000000000 FF02 005CD352A259A8F2 D5DF4D69873546C3 9000
card_challenge card_cryptogram?
key_diversification_data: 00000000000000000000
key_information_data: FF02
card_challenge: 005CD352A259A8F2
card_cryptogram: D5DF4D69873546C3
enc_session: 339F1D7F5D5841EB034F5CE234557894
cmac_session: C6713F31B8DC1F8905DFECB4065CB81E
dek_session: 06E72D52EEFBD1D8DB5C230C3F2B56E9
cryptogram_data: 1122334455667788 005CD352A259A8F2 8000000000000000
host_challenge card_challenge
cryptogram_session: A9A159B6CB28156194027554A8603DDF 59A7313E1B3293B2
signature?
验证卡认证密文:
连接 8-byte host challenge
和 8-byte card challenge
导致 a 16-byte block
。使用 enc_session
签署
数据 1122334455667788 + 005CD352A259A8F2 + 8000000000000000
和 DES_MAC4_ISO9797_M1, ICV=0
我试过如下,但我得到签名(59A7313E1B3293B2
)不等于card_cryptogram(D5DF4D69873546C3
)?
我卡在了 MACEncrypt (DES_MAC4_ISO9797_M1),你觉得这个函数正确吗?谢谢。
byte[] cryptogram_iv = ToHexBytes("0000000000000000");
byte[] cryptogram_key = ToHexBytes("339F1D7F5D5841EB034F5CE234557894");
byte[] host_challenge = ToHexBytes("1122334455667788");
byte[] card_challenge = ToHexBytes("005CD352A259A8F2");
byte[] cryptogram_data = Append(host_challenge, card_challenge, ToHexBytes("8000000000000000"));
byte[] cryptogram_session = MACEncrypt(cryptogram_iv, cryptogram_key, cryptogram_data);
// cryptogram_session = A9A159B6CB28156194027554A8603DDF 59A7313E1B3293B2
//
// DES_MAC4_ISO9797_M1
private byte[] MACEncrypt(byte[] iv, byte[] key, byte[] data)
{
try
{
MACTripleDES mac = new MACTripleDES(key);
TripleDES tdes = new TripleDESCryptoServiceProvider();
tdes.Mode = CipherMode.CBC;
tdes.Padding = PaddingMode.None;
MemoryStream streamOut = new MemoryStream();
CryptoStream streamCrypto = new CryptoStream(streamOut, tdes.CreateEncryptor(key, iv), CryptoStreamMode.Write);
streamCrypto.Write(data, 0, data.Length);
streamCrypto.FlushFinalBlock();
return streamOut.ToArray();
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
return new byte[0];
}
DES_MAC4_ISO9797_M1
工作正常,我的错误是在 enc_session, cmac_session, and dek_session
的 init_update
和 plain
之间使用了不同的 sequence counter
。在我匹配所有 sequence counter
后,一切正常。
我在执行 Verify Card Authentication Cryptogram
时遇到问题,signature
的结果 不等于 the cryptogram sent by the card
。
select_ret: 6F108408A000000003000000A5049F6501FF9000
AID: A000000003000000
host_challenge: 1122334455667788
init_update_ret: 00000000000000000000 FF02 005CD352A259A8F2 D5DF4D69873546C3 9000
card_challenge card_cryptogram?
key_diversification_data: 00000000000000000000
key_information_data: FF02
card_challenge: 005CD352A259A8F2
card_cryptogram: D5DF4D69873546C3
enc_session: 339F1D7F5D5841EB034F5CE234557894
cmac_session: C6713F31B8DC1F8905DFECB4065CB81E
dek_session: 06E72D52EEFBD1D8DB5C230C3F2B56E9
cryptogram_data: 1122334455667788 005CD352A259A8F2 8000000000000000
host_challenge card_challenge
cryptogram_session: A9A159B6CB28156194027554A8603DDF 59A7313E1B3293B2
signature?
验证卡认证密文:
连接 8-byte host challenge
和 8-byte card challenge
导致 a 16-byte block
。使用 enc_session
签署
数据 1122334455667788 + 005CD352A259A8F2 + 8000000000000000
和 DES_MAC4_ISO9797_M1, ICV=0
我试过如下,但我得到签名(59A7313E1B3293B2
)不等于card_cryptogram(D5DF4D69873546C3
)?
我卡在了 MACEncrypt (DES_MAC4_ISO9797_M1),你觉得这个函数正确吗?谢谢。
byte[] cryptogram_iv = ToHexBytes("0000000000000000");
byte[] cryptogram_key = ToHexBytes("339F1D7F5D5841EB034F5CE234557894");
byte[] host_challenge = ToHexBytes("1122334455667788");
byte[] card_challenge = ToHexBytes("005CD352A259A8F2");
byte[] cryptogram_data = Append(host_challenge, card_challenge, ToHexBytes("8000000000000000"));
byte[] cryptogram_session = MACEncrypt(cryptogram_iv, cryptogram_key, cryptogram_data);
// cryptogram_session = A9A159B6CB28156194027554A8603DDF 59A7313E1B3293B2
//
// DES_MAC4_ISO9797_M1
private byte[] MACEncrypt(byte[] iv, byte[] key, byte[] data)
{
try
{
MACTripleDES mac = new MACTripleDES(key);
TripleDES tdes = new TripleDESCryptoServiceProvider();
tdes.Mode = CipherMode.CBC;
tdes.Padding = PaddingMode.None;
MemoryStream streamOut = new MemoryStream();
CryptoStream streamCrypto = new CryptoStream(streamOut, tdes.CreateEncryptor(key, iv), CryptoStreamMode.Write);
streamCrypto.Write(data, 0, data.Length);
streamCrypto.FlushFinalBlock();
return streamOut.ToArray();
}
catch (Exception ex)
{
MessageBox.Show(ex.Message);
}
return new byte[0];
}
DES_MAC4_ISO9797_M1
工作正常,我的错误是在 enc_session, cmac_session, and dek_session
的 init_update
和 plain
之间使用了不同的 sequence counter
。在我匹配所有 sequence counter
后,一切正常。