I have been working on EMV perso (personalization) scripts recently; this post summarizes a few points about Initialize Update, External Authenticate and Store Data.
For more of the underlying detail, refer to my other blog entry, GP (Global Platform) External authentication and MAC sending APDU.
Initialize Update begins the mutual authentication with the applet or the Card Manager. The command data is the 8-byte host challenge.
CLA | INS | P1 | P2 | Lc | Data in | Le |
---|---|---|---|---|---|---|
80h | 50h | Key Set Version | 00h | 08h | Host Challenge | 00h |
The response data is laid out as follows:
Field | Length(bytes) |
---|---|
Key Diversification Data | 10 |
Key Set Version (01-7Fh) or FFh | 1 |
SCP ID (02h) | 1 |
Sequence Counter | 2 |
Card Challenge | 6 |
Card Cryptogram | 8 |
An example exchange (`<<` command sent to the card, `>>` response from the card):
<< 80500000080000000000000000
>> 611C
<< 00C000001C
>> 0000507101046E6C8B70FF0200072503683B31FAB7F4E8D8857D0CB4
The host challenge and the response data (sequence counter, card challenge and card cryptogram) are the inputs to the External Authenticate step.
The External Authenticate command authenticates the host to the current applet and opens a secure channel for communicating with the card. P1 of the command carries the security level.
Field | Content | Length |
---|---|---|
CLA | ‘84’ | 1 |
INS | ‘82’ | 1 |
P1 | Security Level (see table below) | 1 |
P2 | ‘00’ | 1 |
Lc | ‘10’ | 1 |
Data | Host Cryptogram | 8 |
Data | C-MAC | 8 |
Security level coding of P1:
b8 | b7 | b6 | b5 | b4 | b3 | b2 | b1 | Description |
---|---|---|---|---|---|---|---|---|
0 | 0 | 0 | 0 | 0 | 0 | 1 | 1 | Encryption and MAC |
0 | 0 | 0 | 0 | 0 | 0 | 0 | 1 | MAC |
0 | 0 | 0 | 0 | 0 | 0 | 0 | 0 | No Security |
The session keys are derived from the card's static keys using the sequence counter returned by Initialize Update (derivation data is encrypted with the corresponding static key):
Session Key | IC Card Key | Derivation Data |
---|---|---|
SKUENC | KENC | ‘0182’|| sequence counter || ‘000000000000000000000000’ |
SKUMAC | KMAC | ‘0101’|| sequence counter || ‘000000000000000000000000’ |
SKUDEK | KDEK | ‘0181’|| sequence counter || ‘000000000000000000000000’ |
Continuing the first example, the External Authenticate command:
Random Data (host challenge): 0000000000000000
ENC: 404142434445464748494A4B4C4D4E4F
MAC: 404142434445464748494A4B4C4D4E4F
DEK: 404142434445464748494A4B4C4D4E4F
Session ENC: A2268F71917EFE0F33CC6166E1154E27
Session MAC: 7A227D376A9DBE23AB50B7DCB45B2093
Session DEK: F39FCFB2383B09578723B8C2E03B2729
<< 848201001080F1BB4686D30DF9A0B8829AF3E87A16
>> 9000
The STORE DATA command is used to personalize the EMV applications. Multiple DGIs (Data Grouping Identifiers) may be sent in one STORE DATA command.
STORE DATA Command Coding
Field | Content | Length |
---|---|---|
CLA | ‘80’ or ‘84’ | 1 |
INS | ‘E2’ | 1 |
P1 | See below table | 1 |
P2 | Sequence Number | 1 |
Lc | Length of Command data | 1 or 3 |
DGI1 | Identifier of first data grouping | 2 |
Length1 | Length of first data grouping | 1 or 3 |
Data1 | First data to be stored | var. |
DGIn | Identifier of n-th data grouping | 2 |
Lengthn | Length of n-th data grouping | 1 or 3 |
Datan | n-th data to be stored | var. |
C-MAC | Present if CLA = ‘84’ | 0 or 8 |
Coding of P1 in the STORE DATA command
b8 | b7 | b6 | b5-b1 | Meaning |
---|---|---|---|---|
x | - | - | - | Last STORE DATA command indicator: |
1 | - | - | - | Last STORE DATA command |
0 | - | - | - | Not the last STORE DATA command |
- | x | x | - | Encryption indicators: |
- | 1 | 1 | - | All DGIs encrypted under SKUDEK (session DEK), DES ECB algorithm |
- | 0 | 0 | - | No DGI is encrypted |
- | 0 | 1 | - | Application dependent |
- | 1 | 0 | - | RFU |
- | - | - | xxxxx | RFU |
Example with one DGI encrypted under the session DEK, sent with P1 = ‘60’ (not the last STORE DATA command, all DGIs encrypted):
DGI: 8201
Length: 48
Original Data: 588C13E98E5294BE0161E432F8B0E77A208D8AAC95A7D8091099AFEC687A72A59C0CB179A327DFB044F0BFAA21D6232E0C29C99BBAD8A735B3952007F49DF43C8000000000000000
Session DEK: 33C1D105492068CD86923711B29E6475
Encrypted: 6CF8E1732DE31C85318AB1549978C5D9D67C2CDE8668A4AEBFB36D2C766874B09D968A3DE64E0CE5C53A10F56B2818F4097804BCE8C27C4F9A6993B09C86D4FCC5D7FA98C3AEB6BE
<< 80E2600D4B8201486CF8E1732DE31C85318AB1549978C5D9D67C2CDE8668A4AEBFB36D2C766874B09D968A3DE64E0CE5C53A10F56B2818F4097804BCE8C27C4F9A6993B09C86D4FCC5D7FA98C3AEB6BE
>> 9000
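As an added example (not code from this post or from EMVCo), the following Python frames DGIs into a STORE DATA APDU, codes and decodes P1 according to the table above, applies the 80 00 … padding visible at the end of the example data, and parses a command body back into its DGIs. It assumes the 3-byte DGI length form is ‘FF’ followed by a 2-byte length, it handles a 1-byte Lc only, and it appends no C-MAC (CLA ‘80’). The hex constants are the DGI 8201 plaintext and ciphertext from the trace above; the function names are mine.

```python
"""Frame and decode EMV CPS STORE DATA commands (added example, not post code).

Only the framing is handled: DGI payloads are assumed to be already encrypted
under the session DEK where P1 says so, and no C-MAC is appended (CLA '80').
"""
from typing import List, Tuple

# DGI 8201 data from the post's trace: 64 plaintext bytes, the padded
# plaintext (72 bytes) and the ciphertext actually sent (72 bytes).
PLAINTEXT_8201_UNPADDED = bytes.fromhex(
    "588C13E98E5294BE0161E432F8B0E77A208D8AAC95A7D8091099AFEC687A72A5"
    "9C0CB179A327DFB044F0BFAA21D6232E0C29C99BBAD8A735B3952007F49DF43C"
)
PLAINTEXT_8201_PADDED_HEX = PLAINTEXT_8201_UNPADDED.hex().upper() + "8000000000000000"
ENCRYPTED_8201 = bytes.fromhex(
    "6CF8E1732DE31C85318AB1549978C5D9D67C2CDE8668A4AEBFB36D2C766874B0"
    "9D968A3DE64E0CE5C53A10F56B2818F4097804BCE8C27C4F9A6993B09C86D4FC"
    "C5D7FA98C3AEB6BE"
)

ENCRYPTION_MODES = {  # b7 b6 of P1, from the P1 coding table
    0b00: "no DGI encrypted",
    0b01: "application dependent",
    0b10: "RFU",
    0b11: "all DGIs encrypted under SKUDEK (DES ECB)",
}


def encode_p1(last: bool, enc_mode: int) -> int:
    """b8 = last STORE DATA indicator, b7-b6 = encryption indicators, b5-b1 RFU (0)."""
    if enc_mode not in ENCRYPTION_MODES:
        raise ValueError("encryption mode must be a 2-bit value")
    return (0x80 if last else 0x00) | (enc_mode << 5)


def decode_p1(p1: int) -> Tuple[bool, str]:
    """Return (is_last_command, encryption mode description)."""
    return bool(p1 & 0x80), ENCRYPTION_MODES[(p1 >> 5) & 0b11]


def pad_iso9797_m2(data: bytes, block: int = 8) -> bytes:
    """Mandatory 0x80 byte, then zeros up to a multiple of the block size."""
    padded = data + b"\x80"
    return padded + bytes((-len(padded)) % block)


def encode_length(n: int) -> bytes:
    """DGI length: 1 byte below 255, otherwise 'FF' + 2 bytes (assumed 3-byte form)."""
    if n < 0xFF:
        return bytes([n])
    if n <= 0xFFFF:
        return b"\xff" + n.to_bytes(2, "big")
    raise ValueError("DGI data too long")


def build_store_data(dgis: List[Tuple[int, bytes]], seq_no: int, last: bool,
                     enc_mode: int) -> bytes:
    """Frame one or more (DGI, data) pairs into a STORE DATA APDU with CLA '80'."""
    body = b"".join(dgi.to_bytes(2, "big") + encode_length(len(d)) + d for dgi, d in dgis)
    if len(body) > 255:
        raise ValueError("extended Lc is not handled in this example")
    return bytes([0x80, 0xE2, encode_p1(last, enc_mode), seq_no, len(body)]) + body


def parse_store_data_body(body: bytes) -> List[Tuple[int, bytes]]:
    """Split STORE DATA command data into (DGI, data) pairs, rejecting truncation."""
    out, i = [], 0
    while i < len(body):
        if i + 3 > len(body):
            raise ValueError("truncated DGI header")
        dgi = int.from_bytes(body[i:i + 2], "big")
        i += 2
        if body[i] == 0xFF:
            n = int.from_bytes(body[i + 1:i + 3], "big")
            i += 3
        else:
            n = body[i]
            i += 1
        if i + n > len(body):
            raise ValueError(f"DGI {dgi:04X} length {n} exceeds command data")
        out.append((dgi, body[i:i + n]))
        i += n
    return out


if __name__ == "__main__":
    assert pad_iso9797_m2(PLAINTEXT_8201_UNPADDED).hex().upper() == PLAINTEXT_8201_PADDED_HEX
    apdu = build_store_data([(0x8201, ENCRYPTED_8201)], seq_no=0x0D, last=False, enc_mode=0b11)
    print(apdu.hex().upper())          # matches the STORE DATA command in the trace
    print(decode_p1(apdu[2]))          # (False, 'all DGIs encrypted under SKUDEK (DES ECB)')
    print(parse_store_data_body(apdu[5:])[0][0] == 0x8201)
```

The parser's length check matters on the receiving side: a DGI whose declared length runs past Lc should be rejected rather than silently truncated.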
If CLA = ‘84’, a C-MAC must be calculated and appended to the end of the APDU command. It is computed with the session MAC key generated at the External Authenticate step, using the C-MAC from the previous C-MAC computation as the IV. Refer to my other blog entry for the details: GP (Global Platform) External authentication and MAC sending APDU.
Example:
Session MAC Key: 7A227D376A9DBE23AB50B7DCB45B2093
IV: A0B8829AF3E87A16
<< 84E60C002C06A0000000031607A00000000316500E315041592E5359532E4444463031011002C900007CC1FECDA12AA91E
>> 6101
<< 00C0000001
>> 00
>> 9000
1. Blog entry: GP (Global Platform) External authentication and MAC sending APDU
2. EMV Card Personalization Specification
3. GlobalPlatform Card Specification, Version 2.2, March 2006