public Scp03Session(Session session, ushort key_id, Session auth_session, ushort auth_key_id)
{
var host_chal = auth_session.SendCmd(new GetChallengeReq {
key_id = auth_key_id
});
if (host_chal[0] != 38)
{
throw new IOException($"Unknown host challenge algorithm: {host_chal[0]}");
}
var create_req = new CreateSessionReq
{
key_id = key_id,
host_chal = host_chal.Slice(1).ToArray()
};
var create_resp = session.SendCmd(create_req);
session_id = create_resp[0];
var card_chal = create_resp.Slice(1, 8);
var card_crypto = create_resp.Slice(1 + 8, 8);
var client_auth = new ClientAuthReq
{
key_id = auth_key_id,
host_chal = host_chal.Slice(1).ToArray(),
card_chal = card_chal.ToArray(),
card_crypto = card_crypto.ToArray()
};
var auth_resp = auth_session.SendCmd(client_auth).ToArray();
key_enc = new KeyParameter(auth_resp, 0, 16);
var key_mac = new KeyParameter(auth_resp, 16, 16);
var key_rmac = new KeyParameter(auth_resp, 32, 16);
var host_crypto = auth_resp.AsMemory(48, 8);
this.session = new Scp03CMacSession(cmac, session, key_mac, key_rmac, new byte[16]);
var auth_req = new AuthenticateSessionReq
{
session_id = session_id,
host_crypto = host_crypto
};
this.session.SendCmd(auth_req);
}
public Scp11Session(Scp11Context context, Session session, ushort key_id)
{
var pair = context.generator.GenerateKeyPair();
var epk_oce = (ECPublicKeyParameters)pair.Public;
var esk_oce = AgreementUtilities.GetBasicAgreement("ECDH");
esk_oce.Init(pair.Private);
var req = new CreateSessionReq
{
key_id = key_id,
host_chal = epk_oce.Q.GetEncoded()
};
var resp = session.SendCmd(req);
session_id = resp[0];
var epk_sd = context.DecodePoint(resp.Slice(1, 65));
var receipt = resp.Slice(1 + 65, 16);
var shsee = esk_oce.CalculateAgreement(epk_sd).ToByteArrayFixed();
var shs_oce = context.CalculateShs(shsee, 4 * 16).ToArray();
var receipt_key = new KeyParameter(shs_oce, 0, 16);
key_enc = new KeyParameter(shs_oce, 16, 16);
var key_mac = new KeyParameter(shs_oce, 32, 16);
var key_rmac = new KeyParameter(shs_oce, 48, 16);
cmac.Init(receipt_key);
cmac.BlockUpdate(epk_sd.Q.GetEncoded());
cmac.BlockUpdate(epk_oce.Q.GetEncoded());
var receipt_oce = new byte[16];
cmac.DoFinal(receipt_oce, 0);
if (!receipt.SequenceEqual(receipt_oce))
{
throw new IOException("The card receipt was invalid");
}
this.session = new Scp03CMacSession(cmac, session, key_mac, key_rmac, receipt_oce);
}
public Scp03Session(Session session, ushort key_id, KeyParameter enc_key, KeyParameter mac_key, ReadOnlyMemory <byte> host_chal)
{
var create_req = new CreateSessionReq
{
key_id = key_id,
host_chal = host_chal
};
var create_resp = session.SendCmd(create_req);
session_id = create_resp[0];
var card_chal = create_resp.Slice(1, 8);
var card_crypto = create_resp.Slice(1 + 8, 8);
var context = new byte[host_chal.Length + card_chal.Length];
host_chal.CopyTo(context);
card_chal.CopyTo(context.AsSpan(host_chal.Length));
key_enc = ComputeCryptogram(enc_key, 4, context, 0x80);
var key_mac = ComputeCryptogram(mac_key, 6, context, 0x80);
var key_rmac = ComputeCryptogram(mac_key, 7, context, 0x80);
var card_crypto_host = ComputeCryptogram(key_mac, 0, context, 0x40).GetKey();
var host_crypto = ComputeCryptogram(key_mac, 1, context, 0x40).GetKey();
if (!card_crypto.SequenceEqual(card_crypto_host))
{
throw new IOException("The card cryptogram was invalid");
}
this.session = new Scp03CMacSession(cmac, session, key_mac, key_rmac, new byte[16]);
var auth_req = new AuthenticateSessionReq
{
session_id = session_id,
host_crypto = host_crypto
};
this.session.SendCmd(auth_req);
}
public Scp11Session(Session session, ushort key_id, Session auth_session, ushort auth_key_id)
{
var epk_oce = auth_session.SendCmd(new GetChallengeReq {
key_id = auth_key_id
}).ToArray();
if (epk_oce[0] != 49)
{
throw new IOException($"Unknown ephemeral key algorithm: {epk_oce[0]}");
}
epk_oce[0] = 0x04;
var req = new CreateSessionReq
{
key_id = key_id,
host_chal = epk_oce
};
var resp = session.SendCmd(req);
session_id = resp[0];
var epk_sd = resp.Slice(1, 65).ToArray();
var receipt = resp.Slice(1 + 65, 16).ToArray();
var client_auth = new ClientAuthReq
{
key_id = auth_key_id,
host_chal = epk_oce,
card_chal = epk_sd,
card_crypto = receipt
};
var auth_resp = auth_session.SendCmd(client_auth).ToArray();
key_enc = new KeyParameter(auth_resp, 0, 16);
var key_mac = new KeyParameter(auth_resp, 16, 16);
var key_rmac = new KeyParameter(auth_resp, 32, 16);
this.session = new Scp03CMacSession(cmac, session, key_mac, key_rmac, receipt);
}