snooper脚本计算gp scp 01认证

// Host challenge (HC):

hc                              = 42 BE 93 29 54 7D B1 F9

 

auth_level                      = 00

init_cmd                        = 80 50 $auth_level 00 08 42 BE 93 29 54 7D B1 F9 1C

 

init_resp                       = 00 00 31 19 32 01 18 16 23 5D 01 01 8E 5F 21 90 90 8C BA 34 A1 93 A7 B1 35 91 56 47 90 00

 

// Diversification data of keys

diversification_data_of_keys    = mid( $init_resp, 0, 10 )

 

// Keys information: 01 01 (keyset=1 & version=1)

keys_information                = mid( $init_resp, 10, 2 )

 

// Card challenge (CC): 8E 5F 21 90 90 8C BA 34

cc                              = mid( $init_resp, 12, 8 )

 

// Card cryptogram: A1 93 A7 B1 35 91 56 47

card_cryptogram                 = mid( $init_resp, 20, 8 )

 

? "分析 diversification data of keys"

// 2 last bytes of AID Card Manager or AID Security Domain: 00 00

 

// IC Fabrication Date: 31 19

// IC Serial Number: 32 01 18 16

// IC Batch Identifier: 23 5D

2_last_aid                      = mid( $diversification_data_of_keys, 0, 2 )

ic_fabrication_date             = mid( $diversification_data_of_keys, 2, 2 )

ic_serial_number                = mid( $diversification_data_of_keys, 4, 4 )

ic_batch_identifier             = mid( $diversification_data_of_keys, 8, 2 )

 

 

key                             = 40 41 42 43 44 45 46 47 48 49 4A 4B 4C 4D 4E 4F

 

kdc                             = $2_last_aid $ic_serial_number f0 02 $2_last_aid $ic_serial_number 0f 02

 

kdcmac                          = 3des_encode_ecb( $kdc, $key )

if $kdcmac != B66780AA689F56C8785171DB990317DE

    ?

    pause

endif

 

kdc                             = $2_last_aid $ic_serial_number f0 01 $2_last_aid $ic_serial_number 0f01

 

kdcenc                          = 3des_encode_ecb( $kdc, $key )

if $kdcenc != 5ECF992F735B3782830335AF8D99E4F8

    ?

    pause

endif

 

cc1                             = left( $cc, 4 )

cc2                             = right( $cc, 4 )

hc1                             = left( $hc, 4 )

hc2                             = right( $hc, 4 )

 

kscmac                          = 3des_encode_ecb( $cc2 $hc1 $cc1 $hc2, $kdcmac )

if $kscmac != 42560E63B5DDD23D50F2002C360BEE7E

    ?

    pause

endif

 

kscenc                          = 3des_encode_ecb( $cc2 $hc1 $cc1 $hc2, $kdcenc )

if $kscenc != 9BDBE1C5795E78C275B0D8AF2F73DCF7

    ?

    pause

endif

 

// CardCryptogram = 3DES-CBC (HC + CC + Padding, KSCenc)

card_cryptogram                 = 3des_encode_cbc( , $hc $cc 80, $kscenc )

card_cryptogram                 = right( $card_cryptogram, 8 )

if $card_cryptogram != A193A7B135915647

    ?

    pause

endif

 

// CH = 3DES-CBC (CC + HC + Padding, KSCenc)

ch                              = 3des_encode_cbc( 00, $cc $hc 80, $kscenc )

ch                              = right( $ch, 8 )

 

auth_command                    = 84 82 $auth_level 00 10 $ch

mac                             = 3des_encode_cbc( , $auth_command 80, $kscmac )

mac                             = right( $mac, 8 )

 

 

auth_command                    = $auth_command $mac