private void ComputeSessionKeys(JavaCardKeys keys, ByteArray terminalRandom, ByteArray cardRandom)
{
//scp01
ByteArray dataDiversifier = cardRandom.LSB(4) + terminalRandom.MSB(4) + cardRandom.MSB(4) + terminalRandom.LSB(4);
_sessionKeys = new JavaCardKeys();
_sessionKeys.AuthEncKey = dataDiversifier.EncodeAsData(keys.AuthEncKey, new ByteArray(8), PaddingMode.None, CipherMode.ECB);
_sessionKeys.SignKey = dataDiversifier.EncodeAsData(keys.SignKey, new ByteArray(8), PaddingMode.None, CipherMode.ECB);
_sessionKeys.KEKKey = keys.KEKKey;
Logger.Log("[JavaCard] Liczenie kluczy sesyjnych\n{0}:\t{1}\n{2}:\t{3}\n{4}:\t{5}", "Auth/Enc", _sessionKeys.AuthEncKey, "Mac", _sessionKeys.SignKey, "Kek", _sessionKeys.KEKKey);
}
private ByteArray GenerateExAuthMAC(ByteArray command, ByteArray terminalCryptogram)
{
ByteArray input = command.Extract(0, 5) + terminalCryptogram + new ByteArray("80 00 00");
ByteArray result = input.EncodeAsData(_sessionKeys.SignKey, new ByteArray(8), PaddingMode.None, CipherMode.CBC);
return(result.LSB(8));
}
private ByteArray MacData(ByteArray toMac)
{
AddPaddingISO9797_2(toMac);
//szyfrujemy
ByteArray macData = toMac.EncodeAsData(_sessionKeys.SignKey, _lastMAC, PaddingMode.None, CipherMode.CBC);
return(macData);
}
private ByteArray EncryptData(ByteArray toEncrypt)
{
AddPaddingISO9797_2(toEncrypt);
//szyfrowanie
ByteArray encryptedData = toEncrypt.EncodeAsData(_sessionKeys.AuthEncKey, new ByteArray(8), PaddingMode.None, CipherMode.ECB); //było CBC
return(encryptedData);
}
/// <summary>
/// Dywersyfikuje klucze CM metodą GPIC_Serial
/// </summary>
/// <param name="motherKey">Klucz matka do dywersyfikacji</param>
/// <param name="initUpdateResponse"> </param>
/// <returns>Klucze Auth, Sign, KEK</returns>
public JavaCardKeys GPICSerialDiversificate(ByteArray motherKey, ByteArray initUpdateResponse)
{
ByteArray diversificationData = initUpdateResponse.Extract(0, 2) + initUpdateResponse.Extract(4, 4);
ByteArray[] keys = new ByteArray[3];
ByteArray authEncDivData = diversificationData + new ByteArray("f0 01") + diversificationData + new ByteArray("0f 01");
keys[0] = authEncDivData.EncodeAsData(motherKey, new ByteArray(8), PaddingMode.None, CipherMode.ECB);
ByteArray sigDivData = diversificationData + new ByteArray("f0 02") + diversificationData + new ByteArray("0f 02");
keys[1] = sigDivData.EncodeAsData(motherKey, new ByteArray(8), PaddingMode.None, CipherMode.ECB);
ByteArray kekDivData = diversificationData + new ByteArray("f0 03") + diversificationData + new ByteArray("0f 03");
keys[2] = kekDivData.EncodeAsData(motherKey, new ByteArray(8), PaddingMode.None, CipherMode.ECB);
return(new JavaCardKeys(keys));
}
private void ComputeSessionKeys2(JavaCardKeys keys, ByteArray terminalRandom, ByteArray cardRandom)
{
_sessionKeys = new JavaCardKeys();
ByteArray dataDiversifierAuthEnc = new ByteArray("0182") + cardRandom.MSB(2) + new ByteArray(12);
_sessionKeys.AuthEncKey = dataDiversifierAuthEnc.EncodeAsData(keys.AuthEncKey, new ByteArray(8), PaddingMode.None, CipherMode.CBC);
ByteArray dataDiversifierSignC = new ByteArray("0101") + cardRandom.MSB(2) + new ByteArray(12);
_sessionKeys.SignKeyC = dataDiversifierSignC.EncodeAsData(keys.SignKey, new ByteArray(8), PaddingMode.None, CipherMode.CBC);
ByteArray dataDiversifierSignR = new ByteArray("0102") + cardRandom.MSB(2) + new ByteArray(12);
_sessionKeys.SignKeyR = dataDiversifierSignR.EncodeAsData(keys.SignKey, new ByteArray(8), PaddingMode.None, CipherMode.CBC);
ByteArray dataDiversifierKEK = new ByteArray("0181") + cardRandom.MSB(2) + new ByteArray(12);
_sessionKeys.KEKKey = dataDiversifierKEK.EncodeAsData(keys.KEKKey, new ByteArray(8), PaddingMode.None, CipherMode.CBC);
Logger.Log("[JavaCard] Liczenie kluczy sesyjnych\n{0}:\t{1}\n{2}:\t{3}\n{4}:\t{5}\n{6}:\t{7}", "Auth/Enc", _sessionKeys.AuthEncKey, "Mac-C", _sessionKeys.SignKeyC, "Mac-R", _sessionKeys.SignKeyR, "Kek", _sessionKeys.KEKKey);
}
