EMV Issuer Public Key exponent missing, but needed

Question

i am trying to implement the retrieval of EMV Issuer's Public key according to the specification EMV4.3 Book2. I have been able to decrypt the issuer's public key certificate.

I need to concatenate the Certificate Format through Issuer Public Key + Issuer Public Key Remainder (if present) and finally the Issuer Public key Exponent.

I tried reading the Issuer Public Key Exponent from the Application Data and could not find it. In my recovered data decrypted from the Public Key certificate i can see the length of the exponent=1.

When i check this site

https://www.eftlab.co.uk/index.php/site-map/knowledge-base/243-ca-public-keys

I can see e.g. VISA with Issuer's RID, RID Index, Exponent, Modulus, Key length etc.

Does that mean, each terminal should have the modulus, RID, Index and also the Exponent?. If yes where is it in the specification?.

Can anyone tell me where i need to get the exponent from. I feel like i am missing something from the Specification.

Thanks Derick

Answer 1

I found my error. I missed some important records due to a bug in my code. So i was not reading the records which contain the issuer public key remainder and Exponent. So concatenating as in EMV book 2 Chapter 5.3 point 5, was not complete as i did not have the Public Key Remainder and exponent. So calculating the SHA1 digest always gave me a wrong result.

Answer 2

I have released an EMV payment framework (https://github.com/vicente-da-silva/dcemv), what you need is implemented in the VerifySAD.cs file of the DCEMV_EMVProtocol project.

Answer 3

A simple answer to it will be to download Contact specification Book 2 ( Security and Key Management) and read sections 5 and 6 with utmost attention. You need to show what you have done so far for us to understand what you are missing.

Yes terminal need to store the CA PK with Index for all the RID it supports. Most of them you can find in the link you showed, but better to get it from the CAs itself.