void ComputeIssuerContext()
{
var caModulusLength = new BigInteger(caPrivateKey.Modulus, 16).BitLength / 8;
var issuerPublicKey = certificateData.IssuerPrivateKey.GetPublicKey();
var issuerModulusLength = new BigInteger(issuerPublicKey.Modulus, 16).BitLength / 8;
var issuerPublicKeyCertificate = new IssuerPublicKeyCertificate
{
HashAlgorithmIndicator = certificateData.HashAlgorithmIndicator.FromHexa().First(),
IssuerIdentifier = certificateData.IssuerIdentifier.FromHexa(),
CertificateExpirationDate = certificateData.ExpirationDate.FromHexa(),
CertificateSerialNumber = certificateData.SerialNumber.FromHexa(),
PublicKeyAlgorithmIndicator = certificateData.PublicKeyAlgorithmIndicator.FromHexa().First(),
IssuerPublicKey = issuerPublicKey
};
IssuerContext = new EmvIssuerContext()
{
CaPublicKeyIndex = certificateData.CaPublicKeyIndex,
IssuerPrivateKey = certificateData.IssuerPrivateKey
};
// 90 Issuer Public Key Certificate (Nca)
IssuerContext.IssuerPublicKeyCertificate = issuerPublicKeyCertificate.GenerateCertificate(caPrivateKey.GetPrivateKey()).ToHexa();
// 92 Issuer Public Key Remainder (Ni-Nca+36)
if (issuerModulusLength > caModulusLength - 36)
{
IssuerContext.IssuerPublicKeyRemainder = issuerPublicKey.Modulus.FromHexa().Skip(caModulusLength - 36).ToArray().ToHexa();
}
// 9F32 Issuer Public Key Exponent (1 or 3)
IssuerContext.IssuerPrivateKey.PublicExponent = issuerPublicKey.Exponent.FromHexa().ToHexa();
}
public static byte[] BuildPinVerifyData(KernelDatabaseBase database, CAPublicKeyCertificate caPublicKey, byte[] pinBlock, byte[] challenge)
{
IssuerPublicKeyCertificate ipk = IssuerPublicKeyCertificate.BuildAndValidatePublicKey(database, caPublicKey.Modulus, caPublicKey.Exponent);
if (ipk == null)
{
return(null);
}
int keyLength = 0;
PublicKeyCertificate iccKey = IccPinKeyCertificate.BuildAndValidatePublicKey(database, ipk.Modulus, ipk.Exponent);
if (iccKey == null)
{
iccKey = IccPublicKeyCertificate.BuildAndValidatePublicKey(database, database.StaticDataToBeAuthenticated, ipk.Modulus, ipk.Exponent);
if (iccKey == null)
{
return(null);
}
keyLength = ((IccPublicKeyCertificate)iccKey).ICCPublicKeyLength;
}
else
{
keyLength = ((IccPinKeyCertificate)iccKey).ICCPinKeyLength;
}
int paddingLength = keyLength - 17;
byte[] padding = new byte[paddingLength];
byte[] pinData = Formatting.ConcatArrays(new byte[] { 0x7F }, pinBlock, challenge, padding);
//apply recovery function
byte[] encryptedPin = PublicKeyCertificate.DecryptRSA(pinData, iccKey.Modulus, iccKey.Exponent);
return(encryptedPin);
}
