Hi Nils > sure that a normal pin is used (or is this a DES key which > somehow needs to be enlarged to 64 bits) ?
Of course a key is needed to calculate the response. I assumed that this key was caluclated from the PIN by just 0-padding it. > > I have already tried stuff like > > > > echo -en '\x58\x4e\xb5\x6f\x6d\x9f\x13\xc5' |\ > > openssl enc -des-ede3-ofb -K 313233343536 -iv 0 |\ > > od -tx1 > > > > with different cyphers. Unfortunately I don't know what IV-value > > must be used. Any ideas? > > afaik this cannot work as the cardos m4.01a either uses public > key cryptography or a MAC calculation for EXTERNAL AUTHENTICATE. > As the response is 8 bytes long I would guess that a MAC > algorithm is used in your case (hence either a [i]MAC or a > [i]3MAC (the 'i' specifies whether ISO-padding or not is used)). > As [3]DES key is needed in this case it would be interesting how > the full key is derived ... Perhaps the application which created > the above APDUs could be helpful to answer these questions ;-) Do you know of any docs that describe the [i][3]MAC Algorithm? I looked into the CardOS manual and there are some pictures only, which I don't understand. Can openssl do [i][3]MAC-calculations? Or any other software? Peter _______________________________________________ opensc-devel mailing list [email protected] http://www.opensc-project.org/mailman/listinfo/opensc-devel
