public string GetApdu(Persistence persistence, string keyReference, string keyValue) { ValidateInput(keyReference, keyValue); _keyReference = BinaryHelper.ConvertOctetStringToBytes(keyReference); _keyValue = BinaryHelper.ConvertOctetStringToBytes(keyValue); using (var stream = new MemoryStream()) { using (var writer = new BinaryWriter(stream)) { WritePrefix(writer); writer.Write(SeProcessorCommandTag); writer.Write(GetLengthToEnd(writer)); writer.Write(ProcessCardAPITag); writer.Write(GetLengthToEnd(writer)); writer.Write(CardAPILoadKeyTag); writer.Write(GetLengthToEnd(writer)); writer.Write(IsPersistentValLength); writer.Write(LengthOfIsPersistentValue); writer.Write((byte)persistence); writer.Write(KeyReferenceTag); writer.Write((byte)_keyReference.Length); writer.Write(_keyReference); writer.Write(KeyValueTag); writer.Write((byte)_keyValue.Length); writer.Write(_keyValue); WritePostfix(writer); } return(BinaryHelper.ConvertBytesToOctetString(stream.ToArray())); } }
public string GetApdu() { byte[] data; using (var stream = new MemoryStream()) { using (var writer = new BinaryWriter(stream)) { WritePrefix(writer); writer.Write(SeProcessorCommandTag); writer.Write(GetLengthToEnd(writer)); writer.Write(GetContentElement2Tag); writer.Write(GetLengthToEnd(writer)); writer.Write(ContentElementTag); writer.Write(ContentElementValLength); writer.Write(PhysicalAccessBits); WritePostfix(writer); } data = stream.ToArray(); } return(BinaryHelper.ConvertBytesToOctetString(data)); }
public static string GetHashTag(string macKey, string dataToMac) { var hash = GetHashTag(BinaryHelper.ConvertOctetStringToBytes(macKey), BinaryHelper.ConvertOctetStringToBytes(dataToMac)); return(BinaryHelper.ConvertBytesToOctetString(hash)); }
public string GetApdu() { byte[] data; using (var stream = new MemoryStream()) { using (var writer = new BinaryWriter(stream)) { WritePrefix(writer); writer.Write(SeProcessorCommandTag); writer.Write(GetLengthToEnd(writer)); writer.Write(ProcessCardAPITag); writer.Write(GetLengthToEnd(writer)); writer.Write(CardAPIDESFireTag); writer.Write(GetLengthToEnd(writer)); writer.Write(DESFireFormatTag); writer.Write(DESFireFormatValLength); WritePostfix(writer); } data = stream.ToArray(); } return(BinaryHelper.ConvertBytesToOctetString(data)); }
public string GetApdu(string applicationNumber) { ValidateInput(applicationNumber); _applicationNumber = BinaryHelper.ConvertOctetStringToBytes(applicationNumber); byte[] data; using (var stream = new MemoryStream()) { using (var writer = new BinaryWriter(stream)) { WritePrefix(writer); writer.Write(SeProcessorCommandTag); writer.Write(GetLengthToEnd(writer)); writer.Write(ProcessCardAPITag); writer.Write(GetLengthToEnd(writer)); writer.Write(CardAPIDESFireTag); writer.Write(GetLengthToEnd(writer)); writer.Write(DESFireSelectApplicationTag); writer.Write(GetLengthToEnd(writer)); writer.Write(ApplicationNumberTag); writer.Write((byte)_applicationNumber.Length); writer.Write(_applicationNumber); WritePostfix(writer); } data = stream.ToArray(); } return(BinaryHelper.ConvertBytesToOctetString(data)); }
private string Decrypt(string key, string data, CipherMode cMode = CipherMode.ECB, PaddingMode pMode = PaddingMode.None, string iv = "00000000000000000000000000000000") { byte[] derivedData; using (var aes = new AesCryptoServiceProvider { Mode = cMode, Padding = pMode }) using (var ict = aes.CreateDecryptor(BinaryHelper.ConvertOctetStringToBytes(key), BinaryHelper.ConvertOctetStringToBytes(iv))) { byte[] dataBytes = BinaryHelper.ConvertOctetStringToBytes(data); derivedData = ict.TransformFinalBlock(dataBytes, 0, dataBytes.Length); } return(BinaryHelper.ConvertBytesToOctetString(derivedData)); }
private string Pad(string data) { string padding = string.Empty; data += "80"; int length = 32 - data.Length % 32; if (length != 0 && length != 32) { padding = BinaryHelper.ConvertBytesToOctetString(new byte[length / 2]); } return(data + padding); }
public string GetApdu(byte fileNumber, string offset, string dataToBeWritten, CommunicationMode communicationMode, CommitFlag commitFlag) { ValidateInput(offset, dataToBeWritten); _offset = BinaryHelper.ConvertOctetStringToBytes(offset); _dataToBeWritten = BinaryHelper.ConvertOctetStringToBytes(dataToBeWritten); byte[] data; using (var stream = new MemoryStream()) { using (var writer = new BinaryWriter(stream)) { WritePrefix(writer); writer.Write(SeProcessorCommandTag); writer.Write(GetLengthToEnd(writer)); writer.Write(ProcessCardAPITag); writer.Write(GetLengthToEnd(writer)); writer.Write(CardAPIDESFireTag); writer.Write(GetLengthToEnd(writer)); writer.Write(DESFireWriteDataTag); writer.Write(GetLengthToEnd(writer)); writer.Write(FileNumberTag); writer.Write(FileNumberValLength); writer.Write(fileNumber); writer.Write(OffsetTag); writer.Write((byte)_offset.Length); writer.Write(_offset); writer.Write(DataTag); writer.Write((byte)_dataToBeWritten.Length); writer.Write(_dataToBeWritten); writer.Write(ModeTag); writer.Write(ModeValLength); writer.Write((byte)communicationMode); writer.Write(CommitTag); writer.Write(CommitValLength); writer.Write((byte)commitFlag); WritePostfix(writer); } data = stream.ToArray(); } return(BinaryHelper.ConvertBytesToOctetString(data)); }
public string GetApdu(byte fileNumber, CommunicationMode communicationMode, string accessRights, string fileSize) { ValidateInput(accessRights, fileSize); _accessRights = BinaryHelper.ConvertOctetStringToBytes(accessRights); _fileSize = BinaryHelper.ConvertOctetStringToBytes(fileSize); byte[] data; using (var stream = new MemoryStream()) { using (var writer = new BinaryWriter(stream)) { WritePrefix(writer); writer.Write(SeProcessorCommandTag); writer.Write(GetLengthToEnd(writer)); writer.Write(ProcessCardAPITag); writer.Write(GetLengthToEnd(writer)); writer.Write(CardAPIDESFireTag); writer.Write(GetLengthToEnd(writer)); writer.Write(DESFireCreateStandardDataFileTag); writer.Write(GetLengthToEnd(writer)); writer.Write(FileNumberTag); writer.Write(FileNumberValLength); writer.Write(fileNumber); writer.Write(CommunicationSettingsTag); writer.Write(CommunicationSettingsValLength); writer.Write((byte)communicationMode); writer.Write(AccessRightsTag); writer.Write((byte)_accessRights.Length); writer.Write(_accessRights); writer.Write(FileSizeTag); writer.Write((byte)_fileSize.Length); writer.Write(_fileSize); WritePostfix(writer); } data = stream.ToArray(); } return(BinaryHelper.ConvertBytesToOctetString(data)); }
private void ReaderAuthentication(string hostAuthResponse) { if (_sessionStatus != SessionStatus.MutualAuthenticationPhase) { _sessionStatus = SessionStatus.NotEstablished; return; } var data = BinaryHelper.ConvertOctetStringToBytes(hostAuthResponse.Substring(0, hostAuthResponse.Length - 4)); var mac2 = data.Skip(NonceLength + NonceLength + KeyLength).Take(MacLength).ToArray(); var plain2 = AesSivCtr(BinaryHelper.ConvertOctetStringToBytes(_sessionEncryptionKey), mac2, data.Take(NonceLength + NonceLength + KeyLength).ToArray()); var mac3 = AesSivMac(BinaryHelper.ConvertOctetStringToBytes(_sessionMacKey), new byte[] { _keySlot }, plain2); if (!mac2.SequenceEqual(mac3)) { _sessionStatus = SessionStatus.NotEstablished; throw new Exception("Mac mismatch. Session Terminated."); } if (!plain2.Take(NonceLength).ToArray().SequenceEqual(BinaryHelper.ConvertOctetStringToBytes(_readerNonce))) { _sessionStatus = SessionStatus.NotEstablished; throw new Exception("Reader nonce mismatch. Session Terminated."); } if (!plain2.Skip(NonceLength).Take(NonceLength).ToArray().SequenceEqual(BinaryHelper.ConvertOctetStringToBytes(_hostNonce))) { _sessionStatus = SessionStatus.NotEstablished; throw new Exception("Host nonce mismatch. Session Terminated."); } _readerKey = BinaryHelper.ConvertBytesToOctetString(plain2.Skip(NonceLength + NonceLength) .Take(KeyLength) .ToArray()); var sessionkeys = AesSp800108(BinaryHelper.ConvertOctetStringToBytes(_hostKey + _readerKey), BinaryHelper.ConvertOctetStringToBytes(_sessionMacKey)); _sessionEncryptionKey = BinaryHelper.ConvertBytesToOctetString(sessionkeys.Take(KeyLength).ToArray()); _sessionMacKey = BinaryHelper.ConvertBytesToOctetString(sessionkeys.Skip(KeyLength).Take(KeyLength).ToArray()); _counter = new Counter(_hostNonce, _readerNonce); _sessionStatus = SessionStatus.Established; }
private void ContinueAuthentiacation(string masterKey, string clientNonce, string serverUid, string serverNonce, string serverCryptogram) { string secureChannelBaseKey = GetSecureChannelBaseKey(masterKey, serverUid); GetSessionKeys(secureChannelBaseKey, serverNonce); // Encrypt and check Server Cryptogram string expectedServerCryptogram = Encrypt(_sessionEncKey, clientNonce + serverNonce); if (!serverCryptogram.Equals(expectedServerCryptogram)) { ClearFields(); throw new Exception($"Server Cryptogram mismatch, \nExpected: {expectedServerCryptogram}, Actual: {serverCryptogram}"); } // Encrypt client Cryptogram string clientCryptogram = Encrypt(_sessionEncKey, serverNonce + clientNonce); string clientCryptogramCmac = ComputeMac(clientCryptogram); string continueAuthCommand = "FF70076B28" + $"A126A1248010{clientCryptogram}" + $"8110{clientCryptogramCmac}00"; string response = _smartCardReader.Transmit(continueAuthCommand); if (!(response.StartsWith("9D10") && response.EndsWith("9000"))) { ClearFields(); throw new Exception($"Server answer to Continue Authentication command incorrect, answer: {response}"); } // check response mac string serverRmac = response.Substring(4, 32); string rMacData = "80" + BinaryHelper.ConvertBytesToOctetString(new byte[15]); string expectedServerRmac = ComputeMac(rMacData, clientCryptogramCmac); if (!serverRmac.Equals(expectedServerRmac)) { ClearFields(); throw new Exception($"Server RMAC mismatch, \nExpected: {expectedServerRmac}, Actual: {serverRmac}"); } _rMac = serverRmac; IsSessionActive = true; }
/// <inheritdoc /> /// <summary> /// Encrypts and sends given apdu command, returns decrypted response. /// </summary> /// <param name="apdu"></param> /// <returns></returns> public string SendCommand(string apdu) { if (_sessionStatus != SessionStatus.Established) { Terminate(); throw new Exception("Attempt to Send Command via secure session, while session is not established"); } // Encrypt data _counter.Increment(); byte[] mac = AesSivMac(BinaryHelper.ConvertOctetStringToBytes(_sessionMacKey), _counter.Value, BinaryHelper.ConvertOctetStringToBytes(apdu)); byte[] enc = AesSivCtr(BinaryHelper.ConvertOctetStringToBytes(_sessionEncryptionKey), mac, BinaryHelper.ConvertOctetStringToBytes(apdu)); byte[] data = enc.Concat(mac).ToArray(); var response = _smartCardReader.Transmit("FF720200" + data.Length.ToString("X2") + BinaryHelper.ConvertBytesToOctetString(data)); // Decrypt response _counter.Increment(); if (response.Substring(response.Length - 4) != "9000") { _sessionStatus = SessionStatus.NotEstablished; Terminate(); throw new Exception($"Error {response.Substring(response.Length - 4)}\nSession Terminated."); } byte[] cryptogram = BinaryHelper.ConvertOctetStringToBytes(response.Substring(0, response.Length - 4)); byte[] dataEnc = cryptogram.Take(cryptogram.Length - MacLength).ToArray(); byte[] dataMac = cryptogram.Skip(cryptogram.Length - MacLength).Take(MacLength).ToArray(); byte[] plain = AesSivCtr(BinaryHelper.ConvertOctetStringToBytes(_sessionEncryptionKey), dataMac, dataEnc); byte[] dataMac2 = AesSivMac(BinaryHelper.ConvertOctetStringToBytes(_sessionMacKey), _counter.Value, plain); if (!dataMac.SequenceEqual(dataMac2)) { _sessionStatus = SessionStatus.NotEstablished; Terminate(); throw new Exception("Mac mismatch in decrypted response.\nSession Terminated."); } return(BinaryHelper.ConvertBytesToOctetString(plain)); }
private string InitializeAuthentication(byte keyNumber, byte versionSecCh = 0x00) { string clientNonce; using (var randomGenerator = new RNGCryptoServiceProvider()) { var tempNonce = new byte[8]; randomGenerator.GetBytes(tempNonce); clientNonce = BinaryHelper.ConvertBytesToOctetString(tempNonce); } string initAuthCommand = "FF70076B14" + $"A112A0108001{versionSecCh:X2}" + $"8101{keyNumber:X2}" + $"8208{clientNonce}00"; string response = _smartCardReader.Transmit(initAuthCommand); if (!(response.StartsWith("9D20") && response.EndsWith("9000"))) { ClearFields(); throw new Exception($"Server answer to Initialize Authentication command incorrect, answer: {response}"); } return(response.Substring(4, 64) + clientNonce); }
public string GetApdu(byte keyNumber, string keyReference) { ValidateInput(keyReference); _keyReference = BinaryHelper.ConvertOctetStringToBytes(keyReference); byte[] data; using (var stream = new MemoryStream()) { using (var writer = new BinaryWriter(stream)) { WritePrefix(writer); writer.Write(SeProcessorCommandTag); writer.Write(GetLengthToEnd(writer)); writer.Write(ProcessCardAPITag); writer.Write(GetLengthToEnd(writer)); writer.Write(CardAPIDESFireTag); writer.Write(GetLengthToEnd(writer)); writer.Write(DESFireAuthNativeTag); writer.Write(GetLengthToEnd(writer)); writer.Write(KeyNumberTag); writer.Write(KeyNumberValLength); writer.Write(keyNumber); writer.Write(KeyReferenceTag); writer.Write((byte)_keyReference.Length); writer.Write(_keyReference); WritePostfix(writer); } data = stream.ToArray(); } return(BinaryHelper.ConvertBytesToOctetString(data)); }
private string HostAuthentication() { if (_sessionStatus != SessionStatus.GetChallengePhase) { _sessionStatus = SessionStatus.NotEstablished; return(null); } using (var randomGenerator = RandomNumberGenerator.Create()) { var hostKey = new byte[KeyLength]; var hostNonce = new byte[NonceLength]; randomGenerator.GetBytes(hostKey); randomGenerator.GetBytes(hostNonce); _hostKey = BinaryHelper.ConvertBytesToOctetString(hostKey); _hostNonce = BinaryHelper.ConvertBytesToOctetString(hostNonce); } // encrypy data byte[] plain = BinaryHelper.ConvertOctetStringToBytes(_hostNonce + _readerNonce + _hostKey); var mac = AesSivMac(BinaryHelper.ConvertOctetStringToBytes(_sessionMacKey), new byte[] { _keySlot }, plain); var enc = AesSivCtr(BinaryHelper.ConvertOctetStringToBytes(_sessionEncryptionKey), mac, plain); string mutualAuthenticationApdu = "FF72010040" + BinaryHelper.ConvertBytesToOctetString(enc.Concat(mac).ToArray()); var response = _smartCardReader.Transmit(mutualAuthenticationApdu); if (response.Substring(response.Length - 4) != "9000") { _sessionStatus = SessionStatus.NotEstablished; throw new Exception($"Establish secure session failed at HostAuthenticationPhase \nSend: {mutualAuthenticationApdu}\nRecived apdu: {response}"); } _sessionStatus = SessionStatus.MutualAuthenticationPhase; return(response); }
public SEPDESFireReadDataResponse(byte[] data) { DataRaw = data; DataHexString = data != null?BinaryHelper.ConvertBytesToOctetString(data) : null; }
private string GetComplement(string data) { byte[] result = GetComplement(BinaryHelper.ConvertOctetStringToBytes(data)); return(BinaryHelper.ConvertBytesToOctetString(result)); }
public void Establish(byte[] masterKey, byte keyNumber) { string key = BinaryHelper.ConvertBytesToOctetString(masterKey); Establish(key, keyNumber); }
public void Establish(byte[] key, byte keySlot) { Establish(BinaryHelper.ConvertBytesToOctetString(key), keySlot); }
public string Transmit(string apdu) { var response = Transmit(BinaryHelper.ConvertOctetStringToBytes(apdu)).ToArray(); return(BinaryHelper.ConvertBytesToOctetString(response)); }
public string Control(ReaderControlCode controlCode, string dataBytes) { var response = Control(controlCode, BinaryHelper.ConvertOctetStringToBytes(dataBytes)).ToArray(); return(BinaryHelper.ConvertBytesToOctetString(response)); }
/// <inheritdoc /> /// <summary> /// Encrypts and sends given apdu command, returns decrypted response. /// </summary> /// <param name="apdu"></param> /// <returns></returns> public byte[] SendCommand(byte[] apdu) { return(BinaryHelper.ConvertOctetStringToBytes(SendCommand(BinaryHelper.ConvertBytesToOctetString(apdu)))); }
public string Transmit(ref IoRequest sendPci, ref IoRequest recivePci, string apdu) { var response = Transmit(ref sendPci, ref recivePci, BinaryHelper.ConvertOctetStringToBytes(apdu)).ToArray(); return(BinaryHelper.ConvertBytesToOctetString(response)); }
public byte[] SendCommand(byte[] command) { string response = SendCommand(BinaryHelper.ConvertBytesToOctetString(command)); return(BinaryHelper.ConvertOctetStringToBytes(response)); }