Peter Koch wrote:
Hi all!

I'm trying to do an EXTERNAL AUTHENTICATE against a CardOS 4.01 card.

Requesting the challenge is easy. But how do I calculate the response?

Here's an example that I captured with a USB sniffer:

APDU 1: 00840000 08, Response 584eb56f6d9f13c5 9000
APDU 2: 00820081 08 cdddb92642a38d3b, Response 9000

Does anybody know how response cdddb92642a38d3b was calculated
from challenge 584eb56f6d9f13c5 using PIN 123456?

sure that a normal pin is used (or is this a DES key which
somehow needs to be enlarged to 64 bits) ?


I have already tried stuff like

echo -en '\x58\x4e\xb5\x6f\x6d\x9f\x13\xc5' |\
  openssl enc -des-ede3-ofb -K 313233343536 -iv 0 |\
  od -tx1

with different cyphers. Unfortunately I don't know what IV-value
must be used. Any ideas?

AFAIK this cannot work, as the CardOS M4.01a either uses public
key cryptography or a MAC calculation for EXTERNAL AUTHENTICATE.
As the response is 8 bytes long, I would guess that a MAC
algorithm is used in your case (hence either a [i]MAC or a
[i]3MAC (the 'i' specifies whether or not ISO padding is used)).
As a [3]DES key is needed in this case, it would be interesting how
the full key is derived ... Perhaps the application which created
the above APDUs could be helpful to answer these questions ;-)

Nils
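
Added example, not part of the original messages and not OpenSC code: a decoder for the two captured APDUs quoted above, showing which bytes are the challenge, the 8-byte response and the key reference in P2. It assumes the generic ISO/IEC 7816-4 short-APDU layout and reference-data qualifier; the function names are hypothetical, and it does not attempt the MAC computation, since the thread leaves the algorithm and key derivation open.

```python
# Added example: decodes the short-APDU trace quoted in the post (ISO/IEC 7816-4 layout).
INS_NAMES = {0x84: "GET CHALLENGE", 0x82: "EXTERNAL AUTHENTICATE"}

# Trace copied from the post: (command, response including status word).
TRACE = [
    ("00840000 08", "584eb56f6d9f13c5 9000"),
    ("00820081 08 cdddb92642a38d3b", "9000"),
]

def parse_command(hexstr):
    """Split a short command APDU into header, data field and Le."""
    raw = bytes.fromhex(hexstr.replace(" ", ""))
    if len(raw) < 4:
        raise ValueError("need at least CLA INS P1 P2")
    cla, ins, p1, p2 = raw[:4]
    body, data, le = raw[4:], b"", None
    if len(body) == 1:                      # case 2: only Le follows the header
        le = body[0] or 256
    elif len(body) > 1:                     # case 3/4: Lc, data, optional Le
        lc = body[0]
        data, rest = body[1:1 + lc], body[1 + lc:]
        if lc == 0 or len(data) != lc or len(rest) > 1:
            raise ValueError("malformed or extended-length APDU")
        le = (rest[0] or 256) if rest else None
    return {"cla": cla, "ins": ins, "name": INS_NAMES.get(ins, "unknown"),
            "p1": p1, "p2": p2, "data": data, "le": le}

def parse_response(hexstr):
    """Return (data, status word) of a response APDU."""
    raw = bytes.fromhex(hexstr.replace(" ", ""))
    if len(raw) < 2:
        raise ValueError("response lacks a status word")
    return raw[:-2], int.from_bytes(raw[-2:], "big")

def key_reference(p2):
    """ISO 7816-4 reference-data qualifier: bit 8 = scope, bits 5..1 = number."""
    return {"scope": "specific" if p2 & 0x80 else "global", "number": p2 & 0x1F}

def summarize(trace):
    """Check the pair is a complete challenge/response exchange and summarize it."""
    (c1, r1), (c2, r2) = trace
    get, auth = parse_command(c1), parse_command(c2)
    challenge, sw1 = parse_response(r1)
    _, sw2 = parse_response(r2)
    if get["ins"] != 0x84 or auth["ins"] != 0x82:
        raise ValueError("not a GET CHALLENGE / EXTERNAL AUTHENTICATE pair")
    if len(challenge) != get["le"]:
        raise ValueError("challenge length differs from requested Le")
    return {"challenge": challenge.hex(), "response": auth["data"].hex(),
            "key": key_reference(auth["p2"]), "accepted": (sw1, sw2) == (0x9000, 0x9000)}
```
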