Hi!
I've opened successfully a secure channel (ENC+MAC).
The first command through this channel is a GET STATUS (encrypted with MAC).
The answer to this command comes without MAC and unencrypted.
I've expected an encrypted message with a MAC.
Am I wrong?
Thanks in advance, globalplayer.
It depends what security level in a secure channel implementation you are using. The security level is indicated in the EXT-AUTH command (P1). So for P1=0x03 it means C_DECRYPTION with AUTHENTICATED and C_MAC.
What you expect is R_MAC and BEGIN/END R-MAC SESSION so the card encrypts the data as well. If your card does not support R-MAC you could implement it in your own security domain.
Hi!
> It depends what security level in a secure channel implementation you are using. The > security level is indicated in the EXT-AUTH command (P1). So for P1=0x03 it means > C_DECRYPTION with AUTHENTICATED and C_MAC.
That's what I did.
I've opened ad secure channel SCP 01 mode 05 to the cardmanager. The smartcard is a Cosmo 64.
Do I have to use SCP 02 to get an encrypted answer.
I assume that's my mistake.
Thanks.
