Page 1 of 1

How can I use MAC session key without card challenge value?

Posted: Fri Dec 11, 2015 2:08 am
by Marshaldll
As GP 2.2.1 described, the pseudo random is generated as follows:

- The AID of the Application requesting to open the Secure Channel is padded according to the
padding rules defined in appendix B.4 - DES Padding;
- A MAC is calculated across the padded data as defined in appendix B.1.2.2 - Single DES Plus
Final Triple DES MAC , using the C - MAC session key and an ICV of binary zeroes;
- The six leftmost bytes of the resultant MAC constitute the card challenge.

How can I use MAC session key without card challenge value? Could anyone help me out?

Re: How can I use MAC session key without card challenge value?

Posted: Sun Dec 20, 2015 11:44 pm
by horse dream
As far as I know, MAC session keys are generated after receiving card challenge value!

Re: How can I use MAC session key without card challenge value?

Posted: Mon Dec 21, 2015 4:50 am
by UNKNwYSHSA
Specification GlobalPlatform Card Specification 2.2.1 said:
Generating the Secure Channel C-MAC session keys using the Secure Channel base key or
MAC key (S-MAC) and the session keys derivation data with a constant of '0101';

Key Derivation data is consists with:

Code: Select all

Constant(2 bytes) + Sequence Coutner(2 bytes) + '00' Padding(12 bytes)

So, this type of Card Challenge (said as Pseudo-random number) can be generated without Card Challenge.
And, other type of Card Challenge is a random. It is generated without the C-MAC session key.