Beispiel #1
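        /// <summary>
        /// Opens an SCP03 session on <paramref name="session"/> while delegating the
        /// key-dependent steps to <paramref name="auth_session"/>: the host challenge and the
        /// session keys are both taken from replies received over that second session.
        /// </summary>
        /// <param name="session">Transport on which the new session is created.</param>
        /// <param name="key_id">Key identifier sent in the create-session request.</param>
        /// <param name="auth_session">Session that supplies the challenge and the session keys.</param>
        /// <param name="auth_key_id">Key identifier sent to <paramref name="auth_session"/>.</param>
        /// <exception cref="IOException">
        /// A reply is shorter than the fields read from it, or the challenge carries an
        /// algorithm tag other than 38.
        /// </exception>
        public Scp03Session(Session session, ushort key_id, Session auth_session, ushort auth_key_id)
        {
            const byte expected_algorithm = 38;
            const int  chal_len           = 8;
            const int  key_len            = 16;
            const int  crypto_len         = 8;

            var host_chal = auth_session.SendCmd(new GetChallengeReq {
                key_id = auth_key_id
            });

            // Replies come from external devices: check the length before indexing so a
            // truncated reply is reported as a protocol error, not an out-of-range exception.
            if (host_chal.Length < 1)
            {
                throw new IOException("The host challenge response was empty");
            }
            if (host_chal[0] != expected_algorithm)
            {
                throw new IOException($"Unknown host challenge algorithm: {host_chal[0]}");
            }

            var create_req = new CreateSessionReq
            {
                key_id    = key_id,
                host_chal = host_chal.Slice(1).ToArray()
            };
            var create_resp = session.SendCmd(create_req);

            // Layout read below: session id (1) | card challenge (8) | card cryptogram (8).
            if (create_resp.Length < 1 + chal_len + crypto_len)
            {
                throw new IOException("The create session response was too short");
            }

            session_id = create_resp[0];
            var card_chal   = create_resp.Slice(1, chal_len);
            var card_crypto = create_resp.Slice(1 + chal_len, crypto_len);

            // The card cryptogram is not compared in this constructor; it is forwarded to
            // auth_session. NOTE(review): presumably that side rejects a bad cryptogram
            // before returning keys; confirm against the ClientAuthReq handler.
            var client_auth = new ClientAuthReq
            {
                key_id      = auth_key_id,
                host_chal   = host_chal.Slice(1).ToArray(),
                card_chal   = card_chal.ToArray(),
                card_crypto = card_crypto.ToArray()
            };
            var auth_resp = auth_session.SendCmd(client_auth).ToArray();

            // Layout read below: enc key (16) | mac key (16) | rmac key (16) | host cryptogram (8).
            if (auth_resp.Length < 3 * key_len + crypto_len)
            {
                throw new IOException("The client authentication response was too short");
            }

            key_enc = new KeyParameter(auth_resp, 0, key_len);
            var key_mac     = new KeyParameter(auth_resp, key_len, key_len);
            var key_rmac    = new KeyParameter(auth_resp, 2 * key_len, key_len);
            var host_crypto = auth_resp.AsMemory(3 * key_len, crypto_len);

            // NOTE(review): auth_resp keeps the raw session key bytes for as long as the
            // request below references host_crypto; consider copying the cryptogram out and
            // clearing the buffer once the keys are constructed.
            this.session = new Scp03CMacSession(cmac, session, key_mac, key_rmac, new byte[16]);

            var auth_req = new AuthenticateSessionReq
            {
                session_id  = session_id,
                host_crypto = host_crypto
            };

            this.session.SendCmd(auth_req);
        }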
Beispiel #2
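        /// <summary>
        /// Opens an SCP11 session: generates an ephemeral key pair, sends the public half in
        /// the create-session request, derives four 16-byte keys from the ECDH result, and
        /// accepts the session only if the card's receipt matches the locally computed CMAC.
        /// </summary>
        /// <param name="context">Supplies the key-pair generator, point decoding and key derivation.</param>
        /// <param name="session">Transport on which the new session is created.</param>
        /// <param name="key_id">Key identifier sent in the create-session request.</param>
        /// <exception cref="IOException">
        /// The reply is shorter than the fields read from it, or the card receipt does not
        /// match the expected value.
        /// </exception>
        public Scp11Session(Scp11Context context, Session session, ushort key_id)
        {
            const int point_len   = 65;
            const int key_len     = 16;
            const int receipt_len = 16;

            var pair = context.generator.GenerateKeyPair();

            var epk_oce = (ECPublicKeyParameters)pair.Public;

            var esk_oce = AgreementUtilities.GetBasicAgreement("ECDH");

            esk_oce.Init(pair.Private);

            var req = new CreateSessionReq
            {
                key_id    = key_id,
                host_chal = epk_oce.Q.GetEncoded()
            };
            var resp = session.SendCmd(req);

            // Layout read below: session id (1) | card ephemeral public key (65) | receipt (16).
            // Check the length first so a truncated reply is reported as a protocol error.
            if (resp.Length < 1 + point_len + receipt_len)
            {
                throw new IOException("The create session response was too short");
            }

            session_id = resp[0];
            // NOTE(review): the peer's point feeds straight into ECDH; presumably DecodePoint
            // rejects encodings that are not on the expected curve; confirm in Scp11Context.
            var epk_sd  = context.DecodePoint(resp.Slice(1, point_len));
            var receipt = resp.Slice(1 + point_len, receipt_len);

            var shsee   = esk_oce.CalculateAgreement(epk_sd).ToByteArrayFixed();
            var shs_oce = context.CalculateShs(shsee, 4 * key_len).ToArray();

            // Derived material is split as: receipt key | enc key | mac key | rmac key.
            var receipt_key = new KeyParameter(shs_oce, 0, key_len);

            key_enc = new KeyParameter(shs_oce, key_len, key_len);
            var key_mac  = new KeyParameter(shs_oce, 2 * key_len, key_len);
            var key_rmac = new KeyParameter(shs_oce, 3 * key_len, key_len);

            // NOTE(review): shsee and shs_oce still hold secret bytes after this point;
            // consider clearing them once the KeyParameter objects exist.

            // Expected receipt: CMAC over both ephemeral public keys, card's first.
            cmac.Init(receipt_key);
            cmac.BlockUpdate(epk_sd.Q.GetEncoded());
            cmac.BlockUpdate(epk_oce.Q.GetEncoded());
            var receipt_oce = new byte[receipt_len];

            cmac.DoFinal(receipt_oce, 0);

            // Compare the MAC without an early exit so the check takes the same time
            // regardless of how many leading bytes of the card's receipt are correct.
            if (!System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(receipt, receipt_oce))
            {
                throw new IOException("The card receipt was invalid");
            }

            this.session = new Scp03CMacSession(cmac, session, key_mac, key_rmac, receipt_oce);
        }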
Beispiel #3
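        /// <summary>
        /// Opens an SCP03 session using locally held static keys: derives the session keys
        /// and both cryptograms from the host and card challenges, verifies the card
        /// cryptogram, then sends the host cryptogram to authenticate the session.
        /// </summary>
        /// <param name="session">Transport on which the new session is created.</param>
        /// <param name="key_id">Key identifier sent in the create-session request.</param>
        /// <param name="enc_key">Static key from which the session encryption key is derived.</param>
        /// <param name="mac_key">Static key from which the session MAC and R-MAC keys are derived.</param>
        /// <param name="host_chal">
        /// Host challenge sent to the card. NOTE(review): this constructor does not generate
        /// it, so the caller is responsible for making it fresh and unpredictable per session.
        /// </param>
        /// <exception cref="IOException">
        /// The reply is shorter than the fields read from it, or the card cryptogram does not
        /// match the locally computed value.
        /// </exception>
        public Scp03Session(Session session, ushort key_id, KeyParameter enc_key, KeyParameter mac_key, ReadOnlyMemory<byte> host_chal)
        {
            const int chal_len   = 8;
            const int crypto_len = 8;

            var create_req = new CreateSessionReq
            {
                key_id    = key_id,
                host_chal = host_chal
            };
            var create_resp = session.SendCmd(create_req);

            // Layout read below: session id (1) | card challenge (8) | card cryptogram (8).
            // Check the length first so a truncated reply is reported as a protocol error.
            if (create_resp.Length < 1 + chal_len + crypto_len)
            {
                throw new IOException("The create session response was too short");
            }

            session_id = create_resp[0];
            var card_chal   = create_resp.Slice(1, chal_len);
            var card_crypto = create_resp.Slice(1 + chal_len, crypto_len);

            // Derivation context is the host challenge followed by the card challenge.
            var context = new byte[host_chal.Length + card_chal.Length];

            host_chal.CopyTo(context);
            card_chal.CopyTo(context.AsSpan(host_chal.Length));

            // Second argument selects what is derived; the last one looks like the output
            // size in bits (0x80 for keys, 0x40 for cryptograms). Confirm in ComputeCryptogram.
            key_enc = ComputeCryptogram(enc_key, 4, context, 0x80);
            var key_mac          = ComputeCryptogram(mac_key, 6, context, 0x80);
            var key_rmac         = ComputeCryptogram(mac_key, 7, context, 0x80);
            var card_crypto_host = ComputeCryptogram(key_mac, 0, context, 0x40).GetKey();
            var host_crypto      = ComputeCryptogram(key_mac, 1, context, 0x40).GetKey();

            // The expected cryptogram is keyed; compare it without an early exit so the
            // check does not reveal how many leading bytes of the card's value are correct.
            if (!System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(card_crypto, card_crypto_host))
            {
                throw new IOException("The card cryptogram was invalid");
            }

            this.session = new Scp03CMacSession(cmac, session, key_mac, key_rmac, new byte[16]);

            var auth_req = new AuthenticateSessionReq
            {
                session_id  = session_id,
                host_crypto = host_crypto
            };

            this.session.SendCmd(auth_req);
        }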
Beispiel #4
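        /// <summary>
        /// Opens an SCP11 session on <paramref name="session"/> while delegating the
        /// key-dependent steps to <paramref name="auth_session"/>: the ephemeral public key
        /// and the session keys are both taken from replies received over that second session.
        /// </summary>
        /// <param name="session">Transport on which the new session is created.</param>
        /// <param name="key_id">Key identifier sent in the create-session request.</param>
        /// <param name="auth_session">Session that supplies the ephemeral key and the session keys.</param>
        /// <param name="auth_key_id">Key identifier sent to <paramref name="auth_session"/>.</param>
        /// <exception cref="IOException">
        /// A reply is shorter than the fields read from it, or the ephemeral key carries an
        /// algorithm tag other than 49.
        /// </exception>
        public Scp11Session(Session session, ushort key_id, Session auth_session, ushort auth_key_id)
        {
            const byte expected_algorithm = 49;
            const int  point_len          = 65;
            const int  key_len            = 16;
            const int  receipt_len        = 16;

            var epk_oce = auth_session.SendCmd(new GetChallengeReq {
                key_id = auth_key_id
            }).ToArray();

            // Replies come from external devices: check the length before indexing so a
            // truncated reply is reported as a protocol error, not an out-of-range exception.
            if (epk_oce.Length < 1)
            {
                throw new IOException("The ephemeral key response was empty");
            }
            if (epk_oce[0] != expected_algorithm)
            {
                throw new IOException($"Unknown ephemeral key algorithm: {epk_oce[0]}");
            }
            // The algorithm tag is overwritten in place with 0x04 before the buffer is sent
            // on as the host public key.
            epk_oce[0] = 0x04;

            var req = new CreateSessionReq
            {
                key_id    = key_id,
                host_chal = epk_oce
            };
            var resp = session.SendCmd(req);

            // Layout read below: session id (1) | card ephemeral public key (65) | receipt (16).
            if (resp.Length < 1 + point_len + receipt_len)
            {
                throw new IOException("The create session response was too short");
            }

            session_id = resp[0];
            var epk_sd  = resp.Slice(1, point_len).ToArray();
            var receipt = resp.Slice(1 + point_len, receipt_len).ToArray();

            // The receipt is not verified in this constructor; it is forwarded to
            // auth_session. NOTE(review): presumably that side rejects a bad receipt before
            // returning keys; confirm against the ClientAuthReq handler.
            var client_auth = new ClientAuthReq
            {
                key_id      = auth_key_id,
                host_chal   = epk_oce,
                card_chal   = epk_sd,
                card_crypto = receipt
            };
            var auth_resp = auth_session.SendCmd(client_auth).ToArray();

            // Layout read below: enc key (16) | mac key (16) | rmac key (16).
            if (auth_resp.Length < 3 * key_len)
            {
                throw new IOException("The client authentication response was too short");
            }

            key_enc = new KeyParameter(auth_resp, 0, key_len);
            var key_mac  = new KeyParameter(auth_resp, key_len, key_len);
            var key_rmac = new KeyParameter(auth_resp, 2 * key_len, key_len);

            // NOTE(review): auth_resp still holds the raw session key bytes after this
            // point; consider clearing it once the KeyParameter objects exist.
            this.session = new Scp03CMacSession(cmac, session, key_mac, key_rmac, receipt);
        }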