Init Update is used in authenticate and deriveKeys.
deriveKeys is slightly secret: the jcManager code, on which this is based, omits the derive routine.
So it's nowhere on the internets.
The derivation routine was passed to us in a silly kind of hush-hush way - we got sent a jpg of a torn page of the specs ...
(Derived means that each card modifies the master keys using some unique card ID.)
It's not actually secret, nor covered by NDA, so offer me a job and I'll bring it.
import java.security.SecureRandom;
import javax.smartcardio.ResponseAPDU;

static String CMAID = "A000000003000000"; // Card Manager

public static byte[] initUpdate() // uses globals CMAID, Cardch, hostChallenge
{
    // print("\n Select Card Manager " + CMAID);
    byte[] selectAPDU = Uti.asHex("00 A4 04 00 08 A0 00 00 00 03 00 00 00 "); // Le 00 not present
    // put CMAID into Select: if CMAID never changes these 2 lines are redundant:
    byte[] issuerDomain = Uti.asHex(CMAID);
    System.arraycopy(issuerDomain, 0, selectAPDU, 5, 8);
    ResponseAPDU respa = Terminal.sendAPDU(selectAPDU, Cardch); // CardChannel
    if (respa.getSW() != 0x9000)
    {
        print(" SW " + Uti.serrcode(respa.getSW())); // translate error code
        return null;
    }
    // print("\n Select Card Manager APDU response (Horrid ASN.1) " + Uti.asString(respa.getData()));
    /*
       '6F'   File Control Information (FCI template)             Mandatory
       '84'   Application / file AID                              Mandatory
       'A5'   Proprietary data                                    Mandatory
       '73'   Security Domain Management Data (see Appendix F
              for detailed coding)                                Optional
       '9F6E' Application production life cycle data              Optional
       '9F65' Maximum length of data field in command message     Mandatory
    */
    // The host challenge must be unpredictable, so use SecureRandom, not java.util.Random.
    hostChallenge = new byte[8];
    SecureRandom rnd = new SecureRandom();
    rnd.nextBytes(hostChallenge);
    // INITIALIZE UPDATE: CLA 80, INS 50, P1 00, P2 00, Lc 08, then the 8-byte host challenge
    byte[] initUpdateAPDU = Uti.asHex("8050 0000 08 00000000 00000000 ");
    System.arraycopy(hostChallenge, 0, initUpdateAPDU, 5, 8);
    respa = Terminal.sendAPDU(initUpdateAPDU, Cardch);
    if (respa.getSW() == 0x6982) // SW_SECURITY_STATUS_NOT_SATISFIED
    {
        print(" SW_SECURITY_STATUS_NOT_SATISFIED ");
        print(" Keys incorrect? Not derived? Derived when they oughtn't be?");
        return null;
    }
    else if (respa.getSW() != 0x9000)
    {
        print(" SW " + Uti.serrcode(respa.getSW()));
        return null;
    }
    return respa.getData(); // 28 bytes
}
______________________________
Sydney Oyster/Opal 2014 $1B
Sydney's version of a universal public transport card .. will be called Opal...
The card will first be introduced on Sydney Ferries by December next year, she said.
.. following year it will be trains, the following year after that it will be buses " ..
She said the system had been bought from and would be operated by the people behind London's Oyster card, and would cost just over $1 billion. NSW Transport Minister Gladys Berejiklian says.
September 13, 2011 AP
smh
________________________________________________________