Question about implementing SCP02

[mssmedia]

Hi

I am trying to authenticate with a SCP02 card but cannot recreate all the final value needed to send back as part of the host challenge.

I used gp.exe in debug mode using the card keys and it completes all the way through with my cap file. I took those values from debug to try and recrate the encryption process.

Send: 00A40400 00
Recv: 6F108408A000000151000000A5049F6501FF [9000]

#Send Card Challenege APDU
Send: 80500000 08 A03A2545CE0CCB54 00
Recv: 00001294132163202049 FF02 0006 3A4DAFDC5E83 877E058D87E1D9C4 [9000]

KDD: 00001294132163202049
SSC: 0006
Host challenge: A03A2545CE0CCB54
Card challenge: 00063A4DAFDC5E83

Verified card cryptogram: 877E058D87E1D9C4
Calculated host cryptogram: C77FF05783002E7D

I have managed to calculate all of the values to this point and need to send the challenge response back to the card to get an authenticated session.

The response the debug sends back is:

84820100 10 C77FF05783002E7D 462CA867FE725100 00

So the first part if the calculated host cryptogram but I cannot seem to fathom out how to calculate the second block of bytes.

The GP documentation says this is retail MAC and I have found umpteen supposed algorithms that suggest they are providing this within ISO 9797-1.

I have managed to generate the session keys to the same value from the card transport keys and I am using the generated MAC session key (16 bytes) as the suggested key.

I have tried:

• just the raw host cryptogram
• prefixing with the APDU command of 80 82 01 00 08 C77FF05783002E7D
• prefix with the APDU command and suffixing with padding: 80 82 01 00 0B C77FF05783002E7D 80 00 00
• using the CLA of 84, but the docs suggest this is done after calculating the MAC
• using the BouncyCastle library in my app in a similar manner to the GP.exe but this needs a whole new level of learning to incorporate.

But I just cannot generate this value.

Essentially, I have a c# app that I need to use to load the cap file onto the card but I just cannot seem to deduce this one value.

I have tried multiple DES libraries and I just know I am doing something simple and obviously wrong but I just cannot see it.

I would be very grateful for anyone who can spot my idiocy here.

Thank you.

[martinpaljak]

re-phrased your question, as it is NOT about GlobalPlatformPro.