Home.... | log in.... | Pub my question! | Sign-up....
Java-index >> Java Mobility Forums >> Consumer and Commerce

External Authenticate outside Java

Hello,

I'll have to implement the ext-auth in a C++ program in industrial environment.

My problem is now, that I cannot repoduce the ciphered results.

E.G.

Init-Update (JCOP Tools) produces: (Host challenge)

=> 80500000 08 5409F03DB343DDF8 00

Result is:

<= 00006251007139910372 FF02 0003 AD669A479C52 6410304679AC3323 9000

To reproduce this result (especially card cryptogram), I would now scramble the derivation data:

9A479C52 5409F03D 0003AD66 B343DDF8

Then I would cipher it using 3DES in ECB mode and the Default key 40...4F for getting the session encryption key:

My result is then:

612DC7A5FD09B466C6831BF11C5E07A4

Then I would perform a 3DES CBC using this key with the data

5409F03DB343DDF8 0003AD669A479C52 8000000000000000

So the last eight byte of the result should be the card cryptogram 6410304679AC3323

but my result is

0C4CA4CBFB580500568F33A9B16D9B04C0B8FCF5CAA0E08B

with C0B8FCF5CAA0E08B as card cryptogram (last 8 bytes)

So what I'm doing wrong ?

Thank you for your help :-)

[1135 byte] By [AD@NCa] at [2007-11-26 18:24:28]
«« DES security in javacard test
»» Migration issue from JDK 1.4.2 to JDK1.5
# 1

> Hello,

>

> I'll have to implement the ext-auth in a C++ program

> in industrial environment.

> My problem is now, that I cannot repoduce the

> ciphered results.

>

> E.G.

>

> Init-Update (JCOP Tools) produces: (Host challenge)

>

> => 80500000 08 5409F03DB343DDF8 00

>

> Result is:

>

> <= 00006251007139910372 FF02 0003 AD669A479C52

> 6410304679AC3323 9000

>

> To reproduce this result (especially card

> cryptogram), I would now scramble the derivation

> data:

>

> 9A479C52 5409F03D 0003AD66 B343DDF8

>

According to GP2.1.1, Table D-5 (SCP01) or Table E-7 (SCP02), the response to a INITIALIZE UPDATE command includes information about the used Secure Channel Protocol. Now looking at the described reponse0006251007139910372 FF02 0003 AD669A479C52

6410304679AC3323 9000

I see in the 'Key Information' = 'FF02' that the card uses SCP02.

So you have validate the card cryptogram according to SCP02, this includes the key derivation data and the creation of the session keys (Figure E-2).

You are using SCP01.

lexdabeara at 2007-7-9 5:58:32 > top of Java-index,Java Mobility Forums,Consumer and Commerce...
# 2

Thank you very much !

Changing the derivation data and encryption method according to SCP02 solved my problem.

If someone has similar problems, I also found an interesting thread "Generate Session Key"

http://forum.java.sun.com/thread.jspa?threadID=395983&start=0&tstart=0

Thanks again !

AD@NCa at 2007-7-9 5:58:32 > top of Java-index,Java Mobility Forums,Consumer and Commerce...
Java Mobility Forums
Consumer and Commerce

Java Mobility Forums New Topic

Java Mobility Forums Hot Topic

Java Mobility Forums

All Classified