private static bool VerifySDAD_Summaries_42(Kernel2Database database, CAPublicKeyCertificate capk, CardResponse cardResponse)
        {
            ICCDynamicData iccdd = VerifySAD.VerifySDAD(ICCDynamicDataType.IDS, true, database, database.StaticDataToBeAuthenticated, capk, cardResponse);

            if (iccdd == null)
            {
                return(false);
            }

            AddSDADDataToDatabase(database, iccdd);

            TLV ds2 = database.Get(EMVTagsEnum.DS_SUMMARY_2_DF8101_KRN2);
            TLV ds3 = database.Get(EMVTagsEnum.DS_SUMMARY_3_DF8102_KRN2);

            if (ds2 == null && iccdd.DSSummary2 != null)
            {
                ds2 = TLV.Create(EMVTagsEnum.DS_SUMMARY_2_DF8101_KRN2.Tag);
            }

            if (ds3 == null && iccdd.DSSummary3 != null)
            {
                ds3 = TLV.Create(EMVTagsEnum.DS_SUMMARY_3_DF8102_KRN2.Tag);
            }

            if (iccdd.DSSummary2 != null)
            {
                ds2.Value = iccdd.DSSummary2;
            }
            if (iccdd.DSSummary3 != null)
            {
                ds3.Value = iccdd.DSSummary3;
            }

            return(true);
        }
        private static bool VerifySDAD_9_10__4(Kernel2Database database, CAPublicKeyCertificate capk, CardResponse cardResponse)
        {
            ICCDynamicData iccdd = VerifySAD.VerifySDAD(ICCDynamicDataType.NO_IDS_OR_RRP, true, database, database.StaticDataToBeAuthenticated, capk, cardResponse);

            if (iccdd == null)
            {
                return(false);
            }

            VerifySAD.AddSDADDataToDatabase(database, iccdd);
            return(true);
        }
Ejemplo n.º 3
0
        public static bool DoDDA(KernelDatabaseBase database, KernelQ qManager, CAPublicKeyCertificate capk, TLV sdadTLV)
        {
            try
            {
                TRANSACTION_STATUS_INFORMATION_9B_KRN tsi = new TRANSACTION_STATUS_INFORMATION_9B_KRN(database);
                tsi.Value.OfflineDataAuthenticationWasPerformed = true;
                tsi.UpdateDB();

                if (database.Get(EMVTagsEnum.CERTIFICATION_AUTHORITY_PUBLIC_KEY_INDEX_8F_KRN) == null)
                {
                    return(false);
                }

                if (capk == null)
                {
                    return(false);
                }

                TLV aip    = database.Get(EMVTagsEnum.APPLICATION_INTERCHANGE_PROFILE_82_KRN.Tag);
                int length = database.StaticDataToBeAuthenticated.Serialize().Length;
                if (aip != null && database.IsNotEmpty(EMVTagsEnum.STATIC_DATA_AUTHENTICATION_SDA_TAG_LIST_9F4A_KRN3.Tag))
                {
                    if (2048 - length >= aip.Value.Length)
                    {
                        database.StaticDataToBeAuthenticated.AddToList(database.Get(EMVTagsEnum.APPLICATION_INTERCHANGE_PROFILE_82_KRN));
                    }
                    else
                    {
                        return(false);
                    }
                }

                if (sdadTLV != null)
                {
                    ICCDynamicData iccdd = VerifySAD.VerifySDAD(ICCDynamicDataType.DYNAMIC_NUMBER_ONLY, database, capk, sdadTLV.Value);
                    if (iccdd == null)
                    {
                        return(false);
                    }

                    VerifySAD.AddSDADDataToDatabase(database, iccdd);
                    return(true);
                }

                return(false);
            }
            catch
            {
                return(false);
            }
        }
        private static bool VerifySDAD_CheckRelayData_9_10__4_1(Kernel2Database database, CAPublicKeyCertificate capk, CardResponse cardResponse)
        {
            ICCDynamicData iccdd = VerifySAD.VerifySDAD(ICCDynamicDataType.RRP, true, database, database.StaticDataToBeAuthenticated, capk, cardResponse);

            if (iccdd == null)
            {
                return(false);
            }

            VerifySAD.AddSDADDataToDatabase(database, iccdd);

            string s1 = Formatting.ByteArrayToHexString(database.Get(EMVTagsEnum.TERMINAL_RELAY_RESISTANCE_ENTROPY_DF8301_KRN2).Value);
            string s2 = Formatting.ByteArrayToHexString(database.Get(EMVTagsEnum.DEVICE_RELAY_RESISTANCE_ENTROPY_DF8302_KRN2).Value);
            string s3 = Formatting.ByteArrayToHexString(database.Get(EMVTagsEnum.MIN_TIME_FOR_PROCESSING_RELAY_RESISTANCE_APDU_DF8303_KRN2).Value);
            string s4 = Formatting.ByteArrayToHexString(database.Get(EMVTagsEnum.MAX_TIME_FOR_PROCESSING_RELAY_RESISTANCE_APDU_DF8304_KRN2).Value);
            string s5 = Formatting.ByteArrayToHexString(database.Get(EMVTagsEnum.DEVICE_ESTIMATED_TRANSMISSION_TIME_FOR_RELAY_RESISTANCE_RAPDU_DF8305_KRN2).Value);

            if (s1 != Formatting.ByteArrayToHexString(iccdd.Terminal_Relay_Resistance_Entropy))
            {
                return(false);
            }
            if (s2 != Formatting.ByteArrayToHexString(iccdd.Device_Relay_Resistance_Entropy))
            {
                return(false);
            }
            if (s3 != Formatting.ByteArrayToHexString(iccdd.Min_Time_For_Processing_Relay_Resistance_APDU))
            {
                return(false);
            }
            if (s4 != Formatting.ByteArrayToHexString(iccdd.Max_Time_For_Processing_Relay_Resistance_APDU))
            {
                return(false);
            }
            if (s5 != Formatting.ByteArrayToHexString(iccdd.Device_Estimated_Transmission_Time_For_Relay_Resistance_R_APDU))
            {
                return(false);
            }

            return(true);
        }
Ejemplo n.º 5
0
        public static SignalsEnum InitiateCardActionAnalysis(KernelDatabaseBase database, KernelQ qManager, CardQ cardQManager, EMVSelectApplicationResponse emvSelectApplicationResponse)
        {
            APPLICATION_INTERCHANGE_PROFILE_82_KRN aip = new APPLICATION_INTERCHANGE_PROFILE_82_KRN(database);
            TERMINAL_CAPABILITIES_9F33_KRN         tc  = new TERMINAL_CAPABILITIES_9F33_KRN(database);
            TERMINAL_VERIFICATION_RESULTS_95_KRN   tvr = new TERMINAL_VERIFICATION_RESULTS_95_KRN(database);

            //time to get signature data for dda cards, in order to do oda after 1st gen ac
            EMVGenerateACRequest request = null;

            if (aip.Value.CDASupported && tc.Value.CDACapable)
            {
                //cda done after gen ac 1, call gen ac1 now with signature requested
                request = CreateGenAC(database, true);
                cardQManager.EnqueueToInput(new CardRequest(request, CardinterfaceServiceRequestEnum.ADPU));
                return(SignalsEnum.WAITING_FOR_GEN_AC_1);
            }
            if (aip.Value.DDAsupported && tc.Value.DDACapable)
            {
                #region Book 3 Section 10.3
                //do dda signature request, internal authenticate will do oda once it has the signature
                TLV    ddol = database.Get(EMVTagsEnum.DYNAMIC_DATA_AUTHENTICATION_DATA_OBJECT_LIST_DDOL_9F49_KRN);
                byte[] ddolRelatedData;
                if (ddol == null)
                {
                    TLV unpred = database.Get(EMVTagsEnum.UNPREDICTABLE_NUMBER_9F37_KRN);
                    unpred.Val.PackValue(unpred.Val.GetLength());
                    ddolRelatedData = unpred.Value;
                }
                else
                {
                    ddolRelatedData = CommonRoutines.PackRelatedDataTag(database, ddol);
                }
                EMVInternalAuthenticateRequest requestDDA = new EMVInternalAuthenticateRequest(ddolRelatedData);
                cardQManager.EnqueueToInput(new CardRequest(requestDDA, CardinterfaceServiceRequestEnum.ADPU));
                return(SignalsEnum.WAITING_FOR_INTERNAL_AUTHENTICATE);

                #endregion
            }
            if (aip.Value.SDASupported && tc.Value.SDACapable)
            {
                string  aid                 = emvSelectApplicationResponse.GetDFName();
                string  rid                 = aid.Substring(0, 10);
                RIDEnum ridEnum             = (RIDEnum)Enum.Parse(typeof(RIDEnum), rid);
                CAPublicKeyCertificate capk = database.PublicKeyCertificateManager.GetCAPK(ridEnum, database.Get(EMVTagsEnum.CERTIFICATION_AUTHORITY_PUBLIC_KEY_INDEX_8F_KRN).Value[0]);

                TLV ssadTLV = database.Get(EMVTagsEnum.SIGNED_STATIC_APPLICATION_DATA_93_KRN);
                if (capk == null || ssadTLV == null)
                {
                    tvr.Value.SDAFailed = true;
                    tvr.UpdateDB();
                }
                else
                {
                    TRANSACTION_STATUS_INFORMATION_9B_KRN tsi = new TRANSACTION_STATUS_INFORMATION_9B_KRN(database);
                    tsi.Value.OfflineDataAuthenticationWasPerformed = true;
                    tsi.UpdateDB();

                    byte[] sdadRaw  = database.Get(EMVTagsEnum.SIGNED_STATIC_APPLICATION_DATA_93_KRN).Value;
                    byte[] authCode = VerifySAD.VerifySSAD(ICCDynamicDataType.DYNAMIC_NUMBER_ONLY, database, capk, sdadRaw);
                    if (authCode == null)
                    {
                        tvr.Value.SDAFailed = true;
                        tvr.UpdateDB();
                    }
                    else
                    {
                        TLV dataAuthenticationCode = database.Get(EMVTagsEnum.DATA_AUTHENTICATION_CODE_9F45_KRN);
                        if (dataAuthenticationCode == null)
                        {
                            dataAuthenticationCode = TLV.Create(EMVTagsEnum.DATA_AUTHENTICATION_CODE_9F45_KRN.Tag, authCode);
                        }
                        else
                        {
                            dataAuthenticationCode.Value = authCode;
                        }
                    }
                }

                //sda done after gen ac 1, call gen ac 1 now with no signature requested
                request = CreateGenAC(database, false);
                cardQManager.EnqueueToInput(new CardRequest(request, CardinterfaceServiceRequestEnum.ADPU));
                return(SignalsEnum.WAITING_FOR_GEN_AC_1);
            }

            tvr.Value.OfflineDataAuthenticationWasNotPerformed = true;
            tvr.UpdateDB();
            //to do: ceck this, is this correct for a card where no oda is supported
            request = CreateGenAC(database, false);
            cardQManager.EnqueueToInput(new CardRequest(request, CardinterfaceServiceRequestEnum.ADPU));
            return(SignalsEnum.WAITING_FOR_GEN_AC_1);
        }
        public static bool DoOfflineAuth(KernelDatabaseBase database, KernelQ qManager, PublicKeyCertificateManager pkcm)
        {
            try
            {
                TLV sdadTLV = database.Get(EMVTagsEnum.SIGNED_DYNAMIC_APPLICATION_DATA_9F4B_KRN);
                TLV ssadTLV = database.Get(EMVTagsEnum.SIGNED_STATIC_APPLICATION_DATA_93_KRN);
                if (sdadTLV == null && ssadTLV == null)
                {
                    return(false);
                }

                if (database.Get(EMVTagsEnum.CERTIFICATION_AUTHORITY_PUBLIC_KEY_INDEX_8F_KRN) == null)
                {
                    return(false);
                }

                CAPublicKeyCertificate capk = pkcm.GetCAPK(RIDEnum.A000000003, database.Get(EMVTagsEnum.CERTIFICATION_AUTHORITY_PUBLIC_KEY_INDEX_8F_KRN).Value[0]);
                if (capk == null)
                {
                    return(false);
                }

                TLV aip    = database.Get(EMVTagsEnum.APPLICATION_INTERCHANGE_PROFILE_82_KRN.Tag);
                int length = database.StaticDataToBeAuthenticated.Serialize().Length;
                if (aip != null && database.IsNotEmpty(EMVTagsEnum.STATIC_DATA_AUTHENTICATION_SDA_TAG_LIST_9F4A_KRN3.Tag))
                {
                    if (2048 - length >= aip.Value.Length)
                    {
                        database.StaticDataToBeAuthenticated.AddToList(database.Get(EMVTagsEnum.APPLICATION_INTERCHANGE_PROFILE_82_KRN));
                    }
                    else
                    {
                        return(false);
                    }
                }

                if (sdadTLV != null)
                {
                    TLV card = database.Get(EMVTagsEnum.CARD_AUTHENTICATION_RELATED_DATA_9F69_KRN3);
                    if (card == null || card.Value[0] != 0x01) //check version number of fdda
                    {
                        return(false);
                    }

                    byte[]         sdadRaw = database.Get(EMVTagsEnum.SIGNED_DYNAMIC_APPLICATION_DATA_9F4B_KRN).Value;
                    ICCDynamicData iccdd   = VerifySAD.VerifySDAD_K3(ICCDynamicDataType.DYNAMIC_NUMBER_ONLY, database, capk, sdadRaw);
                    if (iccdd == null)
                    {
                        return(false);
                    }

                    VerifySAD.AddSDADDataToDatabase(database, iccdd);
                    return(true);
                }

                if (ssadTLV != null)
                {
                    byte[] sdadRaw  = database.Get(EMVTagsEnum.SIGNED_STATIC_APPLICATION_DATA_93_KRN).Value;
                    byte[] authCode = VerifySAD.VerifySSAD(ICCDynamicDataType.DYNAMIC_NUMBER_ONLY, database, capk, sdadRaw);
                    if (authCode == null)
                    {
                        return(false);
                    }
                    TLV dataAuthenticationCode = database.Get(EMVTagsEnum.DATA_AUTHENTICATION_CODE_9F45_KRN);
                    if (dataAuthenticationCode == null)
                    {
                        dataAuthenticationCode = TLV.Create(EMVTagsEnum.DATA_AUTHENTICATION_CODE_9F45_KRN.Tag, authCode);
                    }
                    database.AddToList(dataAuthenticationCode);
                    return(true);
                }

                return(false);
            }
            catch
            {
                return(false);
            }
        }