private static bool VerifySDAD_Summaries_42(Kernel2Database database, CAPublicKeyCertificate capk, CardResponse cardResponse)
{
ICCDynamicData iccdd = VerifySAD.VerifySDAD(ICCDynamicDataType.IDS, true, database, database.StaticDataToBeAuthenticated, capk, cardResponse);
if (iccdd == null)
{
return(false);
}
AddSDADDataToDatabase(database, iccdd);
TLV ds2 = database.Get(EMVTagsEnum.DS_SUMMARY_2_DF8101_KRN2);
TLV ds3 = database.Get(EMVTagsEnum.DS_SUMMARY_3_DF8102_KRN2);
if (ds2 == null && iccdd.DSSummary2 != null)
{
ds2 = TLV.Create(EMVTagsEnum.DS_SUMMARY_2_DF8101_KRN2.Tag);
}
if (ds3 == null && iccdd.DSSummary3 != null)
{
ds3 = TLV.Create(EMVTagsEnum.DS_SUMMARY_3_DF8102_KRN2.Tag);
}
if (iccdd.DSSummary2 != null)
{
ds2.Value = iccdd.DSSummary2;
}
if (iccdd.DSSummary3 != null)
{
ds3.Value = iccdd.DSSummary3;
}
return(true);
}
private static bool VerifySDAD_9_10__4(Kernel2Database database, CAPublicKeyCertificate capk, CardResponse cardResponse)
{
ICCDynamicData iccdd = VerifySAD.VerifySDAD(ICCDynamicDataType.NO_IDS_OR_RRP, true, database, database.StaticDataToBeAuthenticated, capk, cardResponse);
if (iccdd == null)
{
return(false);
}
VerifySAD.AddSDADDataToDatabase(database, iccdd);
return(true);
}
public static bool DoDDA(KernelDatabaseBase database, KernelQ qManager, CAPublicKeyCertificate capk, TLV sdadTLV)
{
try
{
TRANSACTION_STATUS_INFORMATION_9B_KRN tsi = new TRANSACTION_STATUS_INFORMATION_9B_KRN(database);
tsi.Value.OfflineDataAuthenticationWasPerformed = true;
tsi.UpdateDB();
if (database.Get(EMVTagsEnum.CERTIFICATION_AUTHORITY_PUBLIC_KEY_INDEX_8F_KRN) == null)
{
return(false);
}
if (capk == null)
{
return(false);
}
TLV aip = database.Get(EMVTagsEnum.APPLICATION_INTERCHANGE_PROFILE_82_KRN.Tag);
int length = database.StaticDataToBeAuthenticated.Serialize().Length;
if (aip != null && database.IsNotEmpty(EMVTagsEnum.STATIC_DATA_AUTHENTICATION_SDA_TAG_LIST_9F4A_KRN3.Tag))
{
if (2048 - length >= aip.Value.Length)
{
database.StaticDataToBeAuthenticated.AddToList(database.Get(EMVTagsEnum.APPLICATION_INTERCHANGE_PROFILE_82_KRN));
}
else
{
return(false);
}
}
if (sdadTLV != null)
{
ICCDynamicData iccdd = VerifySAD.VerifySDAD(ICCDynamicDataType.DYNAMIC_NUMBER_ONLY, database, capk, sdadTLV.Value);
if (iccdd == null)
{
return(false);
}
VerifySAD.AddSDADDataToDatabase(database, iccdd);
return(true);
}
return(false);
}
catch
{
return(false);
}
}
private static bool VerifySDAD_CheckRelayData_9_10__4_1(Kernel2Database database, CAPublicKeyCertificate capk, CardResponse cardResponse)
{
ICCDynamicData iccdd = VerifySAD.VerifySDAD(ICCDynamicDataType.RRP, true, database, database.StaticDataToBeAuthenticated, capk, cardResponse);
if (iccdd == null)
{
return(false);
}
VerifySAD.AddSDADDataToDatabase(database, iccdd);
string s1 = Formatting.ByteArrayToHexString(database.Get(EMVTagsEnum.TERMINAL_RELAY_RESISTANCE_ENTROPY_DF8301_KRN2).Value);
string s2 = Formatting.ByteArrayToHexString(database.Get(EMVTagsEnum.DEVICE_RELAY_RESISTANCE_ENTROPY_DF8302_KRN2).Value);
string s3 = Formatting.ByteArrayToHexString(database.Get(EMVTagsEnum.MIN_TIME_FOR_PROCESSING_RELAY_RESISTANCE_APDU_DF8303_KRN2).Value);
string s4 = Formatting.ByteArrayToHexString(database.Get(EMVTagsEnum.MAX_TIME_FOR_PROCESSING_RELAY_RESISTANCE_APDU_DF8304_KRN2).Value);
string s5 = Formatting.ByteArrayToHexString(database.Get(EMVTagsEnum.DEVICE_ESTIMATED_TRANSMISSION_TIME_FOR_RELAY_RESISTANCE_RAPDU_DF8305_KRN2).Value);
if (s1 != Formatting.ByteArrayToHexString(iccdd.Terminal_Relay_Resistance_Entropy))
{
return(false);
}
if (s2 != Formatting.ByteArrayToHexString(iccdd.Device_Relay_Resistance_Entropy))
{
return(false);
}
if (s3 != Formatting.ByteArrayToHexString(iccdd.Min_Time_For_Processing_Relay_Resistance_APDU))
{
return(false);
}
if (s4 != Formatting.ByteArrayToHexString(iccdd.Max_Time_For_Processing_Relay_Resistance_APDU))
{
return(false);
}
if (s5 != Formatting.ByteArrayToHexString(iccdd.Device_Estimated_Transmission_Time_For_Relay_Resistance_R_APDU))
{
return(false);
}
return(true);
}
public static SignalsEnum InitiateCardActionAnalysis(KernelDatabaseBase database, KernelQ qManager, CardQ cardQManager, EMVSelectApplicationResponse emvSelectApplicationResponse)
{
APPLICATION_INTERCHANGE_PROFILE_82_KRN aip = new APPLICATION_INTERCHANGE_PROFILE_82_KRN(database);
TERMINAL_CAPABILITIES_9F33_KRN tc = new TERMINAL_CAPABILITIES_9F33_KRN(database);
TERMINAL_VERIFICATION_RESULTS_95_KRN tvr = new TERMINAL_VERIFICATION_RESULTS_95_KRN(database);
//time to get signature data for dda cards, in order to do oda after 1st gen ac
EMVGenerateACRequest request = null;
if (aip.Value.CDASupported && tc.Value.CDACapable)
{
//cda done after gen ac 1, call gen ac1 now with signature requested
request = CreateGenAC(database, true);
cardQManager.EnqueueToInput(new CardRequest(request, CardinterfaceServiceRequestEnum.ADPU));
return(SignalsEnum.WAITING_FOR_GEN_AC_1);
}
if (aip.Value.DDAsupported && tc.Value.DDACapable)
{
#region Book 3 Section 10.3
//do dda signature request, internal authenticate will do oda once it has the signature
TLV ddol = database.Get(EMVTagsEnum.DYNAMIC_DATA_AUTHENTICATION_DATA_OBJECT_LIST_DDOL_9F49_KRN);
byte[] ddolRelatedData;
if (ddol == null)
{
TLV unpred = database.Get(EMVTagsEnum.UNPREDICTABLE_NUMBER_9F37_KRN);
unpred.Val.PackValue(unpred.Val.GetLength());
ddolRelatedData = unpred.Value;
}
else
{
ddolRelatedData = CommonRoutines.PackRelatedDataTag(database, ddol);
}
EMVInternalAuthenticateRequest requestDDA = new EMVInternalAuthenticateRequest(ddolRelatedData);
cardQManager.EnqueueToInput(new CardRequest(requestDDA, CardinterfaceServiceRequestEnum.ADPU));
return(SignalsEnum.WAITING_FOR_INTERNAL_AUTHENTICATE);
#endregion
}
if (aip.Value.SDASupported && tc.Value.SDACapable)
{
string aid = emvSelectApplicationResponse.GetDFName();
string rid = aid.Substring(0, 10);
RIDEnum ridEnum = (RIDEnum)Enum.Parse(typeof(RIDEnum), rid);
CAPublicKeyCertificate capk = database.PublicKeyCertificateManager.GetCAPK(ridEnum, database.Get(EMVTagsEnum.CERTIFICATION_AUTHORITY_PUBLIC_KEY_INDEX_8F_KRN).Value[0]);
TLV ssadTLV = database.Get(EMVTagsEnum.SIGNED_STATIC_APPLICATION_DATA_93_KRN);
if (capk == null || ssadTLV == null)
{
tvr.Value.SDAFailed = true;
tvr.UpdateDB();
}
else
{
TRANSACTION_STATUS_INFORMATION_9B_KRN tsi = new TRANSACTION_STATUS_INFORMATION_9B_KRN(database);
tsi.Value.OfflineDataAuthenticationWasPerformed = true;
tsi.UpdateDB();
byte[] sdadRaw = database.Get(EMVTagsEnum.SIGNED_STATIC_APPLICATION_DATA_93_KRN).Value;
byte[] authCode = VerifySAD.VerifySSAD(ICCDynamicDataType.DYNAMIC_NUMBER_ONLY, database, capk, sdadRaw);
if (authCode == null)
{
tvr.Value.SDAFailed = true;
tvr.UpdateDB();
}
else
{
TLV dataAuthenticationCode = database.Get(EMVTagsEnum.DATA_AUTHENTICATION_CODE_9F45_KRN);
if (dataAuthenticationCode == null)
{
dataAuthenticationCode = TLV.Create(EMVTagsEnum.DATA_AUTHENTICATION_CODE_9F45_KRN.Tag, authCode);
}
else
{
dataAuthenticationCode.Value = authCode;
}
}
}
//sda done after gen ac 1, call gen ac 1 now with no signature requested
request = CreateGenAC(database, false);
cardQManager.EnqueueToInput(new CardRequest(request, CardinterfaceServiceRequestEnum.ADPU));
return(SignalsEnum.WAITING_FOR_GEN_AC_1);
}
tvr.Value.OfflineDataAuthenticationWasNotPerformed = true;
tvr.UpdateDB();
//to do: ceck this, is this correct for a card where no oda is supported
request = CreateGenAC(database, false);
cardQManager.EnqueueToInput(new CardRequest(request, CardinterfaceServiceRequestEnum.ADPU));
return(SignalsEnum.WAITING_FOR_GEN_AC_1);
}
public static bool DoOfflineAuth(KernelDatabaseBase database, KernelQ qManager, PublicKeyCertificateManager pkcm)
{
try
{
TLV sdadTLV = database.Get(EMVTagsEnum.SIGNED_DYNAMIC_APPLICATION_DATA_9F4B_KRN);
TLV ssadTLV = database.Get(EMVTagsEnum.SIGNED_STATIC_APPLICATION_DATA_93_KRN);
if (sdadTLV == null && ssadTLV == null)
{
return(false);
}
if (database.Get(EMVTagsEnum.CERTIFICATION_AUTHORITY_PUBLIC_KEY_INDEX_8F_KRN) == null)
{
return(false);
}
CAPublicKeyCertificate capk = pkcm.GetCAPK(RIDEnum.A000000003, database.Get(EMVTagsEnum.CERTIFICATION_AUTHORITY_PUBLIC_KEY_INDEX_8F_KRN).Value[0]);
if (capk == null)
{
return(false);
}
TLV aip = database.Get(EMVTagsEnum.APPLICATION_INTERCHANGE_PROFILE_82_KRN.Tag);
int length = database.StaticDataToBeAuthenticated.Serialize().Length;
if (aip != null && database.IsNotEmpty(EMVTagsEnum.STATIC_DATA_AUTHENTICATION_SDA_TAG_LIST_9F4A_KRN3.Tag))
{
if (2048 - length >= aip.Value.Length)
{
database.StaticDataToBeAuthenticated.AddToList(database.Get(EMVTagsEnum.APPLICATION_INTERCHANGE_PROFILE_82_KRN));
}
else
{
return(false);
}
}
if (sdadTLV != null)
{
TLV card = database.Get(EMVTagsEnum.CARD_AUTHENTICATION_RELATED_DATA_9F69_KRN3);
if (card == null || card.Value[0] != 0x01) //check version number of fdda
{
return(false);
}
byte[] sdadRaw = database.Get(EMVTagsEnum.SIGNED_DYNAMIC_APPLICATION_DATA_9F4B_KRN).Value;
ICCDynamicData iccdd = VerifySAD.VerifySDAD_K3(ICCDynamicDataType.DYNAMIC_NUMBER_ONLY, database, capk, sdadRaw);
if (iccdd == null)
{
return(false);
}
VerifySAD.AddSDADDataToDatabase(database, iccdd);
return(true);
}
if (ssadTLV != null)
{
byte[] sdadRaw = database.Get(EMVTagsEnum.SIGNED_STATIC_APPLICATION_DATA_93_KRN).Value;
byte[] authCode = VerifySAD.VerifySSAD(ICCDynamicDataType.DYNAMIC_NUMBER_ONLY, database, capk, sdadRaw);
if (authCode == null)
{
return(false);
}
TLV dataAuthenticationCode = database.Get(EMVTagsEnum.DATA_AUTHENTICATION_CODE_9F45_KRN);
if (dataAuthenticationCode == null)
{
dataAuthenticationCode = TLV.Create(EMVTagsEnum.DATA_AUTHENTICATION_CODE_9F45_KRN.Tag, authCode);
}
database.AddToList(dataAuthenticationCode);
return(true);
}
return(false);
}
catch
{
return(false);
}
}