abc
Reputation: 1
Using 32byte keys establish platform scp03 secure channel
I want establish a scp03 secure channel.
My static keys are of length 32bytes or 256bits
Using 32 byte keys I want to generate session keys according to scp03 protocol, when I tried implementing after generating session keys when I use the generate mac key to verify card cryptogram it is failing.
Following are steps that I have implemented:
- Initialize update
- Generate session keys. According to diversification scheme input for session-enc - 11(0's)+derivation constant(0x04-enc,0x06-mac,0x07-rmac)+00(separation indicator)+0x0100(L value bcz 32 byte key length)+0x02+hostchallange(8 bytes)+card challenge(8 bytes) -- total 32 bytes
This is how I generate enc, mac, r-mac keys
- Verify card cryptogram - I use 16byte generated mac key and applied derivation scheme. When I am verifying the card cryptogram which is 8 bytes the comparison is failing.
Can I know the proper values to generate session keys and verify card cryptogram
Upvotes: 0
Views: 129
Answers (1)
k_o_
Reputation: 6298
globalplatform for c on GitHub can do this. There might be also a test case in a file scp03Test.c
Upvotes: 0
Related Questions
- Using Boolean values in C
- Why my SIMCard returns 6985 to EXTERNAL AUTHENTICATE APDU Command?
- How does "Visa2" key diversification works in Gemalto cards and in GPP tool?
- How to create secret session keys (S-ENC, S-MAC and S-DEK) using card-challenge and card-cryptogram?
- SCP03 C-DECRYPTION process : ICV generation algorithm and mode
- AES CMAC calculation - output length for host cryptogram incorrect length
- Visa2 Key Diversification and JCOP Tools