Differences
This shows you the differences between two versions of the page.
|
ac:laboratoare:09 [2024/12/15 06:13] dimitrie.valu [5. Transaction authentication (2p)] |
ac:laboratoare:09 [2024/12/15 06:42] (current) dimitrie.valu |
||
|---|---|---|---|
| Line 300: | Line 300: | ||
| 9000 = Operation successful, no more information. | 9000 = Operation successful, no more information. | ||
| </code> | </code> | ||
| + | |||
| + | **The response is concluded with 9000, meaning the operation was successful. This data will be sent to the issuer for further authentication.** | ||
| </solution> | </solution> | ||
| ==== MAC generation (Bonus) (2p) ==== | ==== MAC generation (Bonus) (2p) ==== | ||
| Line 319: | Line 321: | ||
| </note> | </note> | ||
| - | <hidden> | + | <solution -hidden> |
| - | ==== Getting data from your card ==== | + | We should allow students to select the data somewhat arbitrarily as it's not **entirely** provided in the exercises above, as per the minimum spec mentioned in EMV Book 2, page 87, section 8.1.1, table 28. |
| - | First, get pyscard from | + | <code python> |
| - | [[https://pypi.python.org/pypi/pyscard|here]]. | + | from Crypto.Cipher import DES3 |
| + | from Crypto.Util.Padding import pad | ||
| - | Then, install pyscard (check the readme). Do the following (as root): | + | master_key = bytes.fromhex("79610497EFCB67E5546EF8CEBCB05D85") |
| - | * Install pcsclite-dev: | + | aip = bytes.fromhex("1000") |
| - | <code> | + | |
| - | sudo apt-get install libpcsclite-dev | + | |
| - | </code> | + | |
| - | * Only if the above doesn't work, then install these packages: | + | |
| - | <code> | + | |
| - | #apt-get install swig libudev-dev git autoconf libtool libsystemd-dev flex | + | |
| - | </code> | + | |
| - | * Get and install Pyscard from [[https://pypi.python.org/pypi/pyscard|here]] | + | |
| - | <code> | + | |
| - | #python setup.py build_ext install | + | |
| - | </code> | + | |
| - | * Install Pyserial | + | |
| - | <code> | + | |
| - | #sudo pip install pyserial | + | |
| - | </code> | + | |
| - | If this doesn't work, then get pyserial from [[https://pypi.python.org/pypi/pyserial#downloads|here]] | + | |
| - | * Install pcsc related libs: | + | |
| - | <code> | + | |
| - | sudo apt-get install libusb-dev libusb++-0.1-4v5 libccid pcscd libpcsclite1 | + | |
| - | </code> | + | |
| - | * Only if desired, additional tools can be installed from here: | + | |
| - | <code> | + | |
| - | #apt-get install libpcsc-perl | + | |
| - | #apt-get install pcsc-tools | + | |
| - | </code> | + | |
| - | See details [[http://support.gemalto.com/fileadmin/user_upload/IAM/FAQ/How_to_install_the_PC-Link_reader_on_Linux.pdf|here]]. | + | |
| + | # concatenation of amount authorised and amount other, | ||
| + | # terminal country code, transaction currency code, | ||
| + | # transaction date, transaction type, | ||
| + | # unpredictable number, given AIP and the ATC | ||
| + | # we aren't given the terminal verification results, | ||
| + | # so I assumed that it's gonna be 5 * b'00' | ||
| + | transaction_data = bytes.fromhex( | ||
| + | "00000000000000000000000008000000000000000000000034000000000000000010000134" | ||
| + | ) # from task 5 | ||
| + | # 3DES block size is 8 bytes | ||
| + | padded_data = pad(transaction_data, 8) | ||
| - | Files for accessing card data [[https://ocw.cs.pub.ro/courses/_media/ac/laboratoare/sclink.zip|here]]. | + | # 3DES encryption |
| - | </hidden> | + | cipher = DES3.new(master_key, DES3.MODE_ECB) |
| + | mac = cipher.encrypt(padded_data) | ||
| + | |||
| + | mac = mac.hex() | ||
| + | print(mac) | ||
| + | </code> | ||
| + | </solution> | ||
