Page 2 of 2
Re: How to compute MAC
Posted: Fri Jan 19, 2018 6:40 am
by stanneraustin
This i know already.
http://xionghuilin.com/?p=326 this explain some part of puzzel.
i posted more details at here too
https://stackoverflow.com/questions/247 ... tools?rq=1still not returning valid C-MAC for another command then EXTERNAL AUTHENTICATE
Re: How to compute MAC
Posted: Tue Jan 23, 2018 3:45 am
by Tolice
For the EXTERNAL AUTHENTICATE command MAC verification, the ICV is set to zero
Re: How to compute MAC
Posted: Tue Jan 23, 2018 6:33 am
by stanneraustin
Ok i have solved issue.
ICV is what we got from external auth.
1) ICV is des ecb each time we going to use with first 8 byte session MAC. used as IV on next step.
2) now if data is less then 8 byte or 8 byte skip this. des cbc first 8 byte data with first 8 byte session mac key and IV = ICV result we have new ICV used as IV on next step
3) now last des cbc last 8 byte with full session mac 16 byte + first 8 byte session mac (to get 24bit) key with IV = ICV
right 8 byte is ur final result C-MAC
Only thing complex is make 24bit key out of 16 bytes was not well documented by globalplatform.
Thanks to every one, i hope this will help others.
Re: How to compute MAC
Posted: Sun Jan 28, 2018 10:28 pm
by whitexiao
stanneraustin wrote:Ok i have solved issue.
ICV is what we got from external auth.
1) ICV is des ecb each time we going to use with first 8 byte session MAC. used as IV on next step.
2) now if data is less then 8 byte or 8 byte skip this. des cbc first 8 byte data with first 8 byte session mac key and IV = ICV result we have new ICV used as IV on next step
3) now last des cbc last 8 byte with full session mac 16 byte + first 8 byte session mac (to get 24bit) key with IV = ICV
right 8 byte is ur final result C-MAC
Only thing complex is make 24bit key out of 16 bytes was not well documented by globalplatform.
Thanks to every one, i hope this will help others.
It's really a good sharing, I'm also learning smart card. Thank you.