Menu
▾
▴
[Globalplatform-developers] R: [EXT] Re: Card Challenge generation on SCP93
|
From: Sette A. <ago...@te...> - 2020-12-01 09:01:04
|
Hi Karsten, I am sorry but I forgot one point which could be useful to better explain my problem: I would like to ask you, because it is not clear to us, if the card challenge is generated randomly or in a deterministic way with the AES128-CMAC. Thanks once again Kind Regards Agostino Sette Da: Sette Agostino Inviato: martedì 1 dicembre 2020 09:43 A: 'Karsten Ohme' <wid...@t-...>; glo...@li... Oggetto: R: [EXT] Re: [Globalplatform-developers] Card Challenge generation on SCP93 Hi Karsten, First of all thank you for the reply. I answer to your questions inline in your email. Kind Regards Agostino Sette Da: Karsten Ohme <wid...@t-...<mailto:wid...@t-...>> Inviato: lunedì 30 novembre 2020 23:05 A: glo...@li...<mailto:glo...@li...> Oggetto: [EXT] Re: [Globalplatform-developers] Card Challenge generation on SCP93 Hi, The test vector from the SCP03 test should be OK. [Agostino] Yes, it is. Could you describe your problem? [Agostino] I would like to understand how you obtain the card challenge, what parameters are used and if what I make to generate it is correct, in a very easy way. You are not able to replicate the result from the test with your own code? [Agostino] No, I am not able to replicate the result from the test with my own code. I try to clarify: if I use the host challenge and the card challenge derived from scp03Test.c, from that point on in the mutual authentication phase looks good. A part from host challenge, I would like to understand the card challenge generation, that's all. A step-by-step debugging of the scp03Test in e.g. Eclipse C/C++ IDE should give you all the intermediate steps so that you can compare the libraries and your result. [Agostino] I will try again but I haven't found a .project file for eclipse. Furthermore I am not using libraries at the moment. What is the goal? Implement the server side on a smart card? [Agostino] The goal is to implement both the server and the smart card side. Add support for a different programming language? [Agostino] The used programming language is C I think there are already OS projects for Java, Python and C. [Agostino] I will appreciate if you could suggest me OS projects for C. Karsten On 30/11/2020 15:21, Sette Agostino via Globalplatform-developers wrote: Hi, I am trying to develop my own SCP03 protocol and for this reason I cloned this git clone https://git.code.sf.net/p/globalplatform/git globalplatform-git as a starting point, first to understand how to proceed and then to check if what I did was correct. I verified almost everything except the Card Challenge, to be clear I would like to know how it is generated. As far a I know it should be generated as follows: Card challenge (8 bytes) (with PRNG): AES-CMAC (Key-ENC , 0x00 00 00 00 00 00 00 00 00 00 00 02 00 00 40 01 || context) "context": concat. of sequence counter (3 bytes) and AID of the application invoking the SecureChannel (5 to 16 bytes). Starting from the information on the file globalplatform/git/ci/master/tree/globalplatform/src/scp03Test.c I assumed that: 1. Key-ENC = {0xF9, 0x95, 0xD0, 0xA0, 0x69, 0x33, 0x5C, 0x7D, 0xF4, 0x2E, 0x59, 0x03, 0x17, 0xFF, 0xEA, 0x6D}; 2. Sequence counter = {0x00, 0x00, 0x15}; 3. AID = {0xA0, 0x01, 0x00, 0x01, 0x51, 0x41, 0x43, 0x4C}; The result card challenge, present on the same file into the "initializeUpdateResponse" is Card Challenge = {0xC4, 0x09, 0x32, 0xA6, 0xFE, 0xFE, 0xAE, 0xB2}; First of all, is all this correct? If yes, | context (00000000000000000000000200004001000015A00100015141434C) And the Key-ENC is (F995D0A069335C7DF42E590317FFEA6D) Where I am wrong or what I have forgot? Any help would be appreciated. Thanks in advance Kind Regards Agostino Sette _______________________________________________ Globalplatform-developers mailing list Glo...@li...<mailto:Glo...@li...> https://lists.sourceforge.net/lists/listinfo/globalplatform-developers |
