Versions Compared

Old Version 5

changes.mady.by.user Alexandre Munsch

Saved on

compared with

New Version 6

changes.mady.by.user Alexandre Munsch

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The format of the partial PIN block cryptogram is:

...

E(PIN block) = IDLength||ID(Kpin-pub)||ERSA-OAEP-SHA-1(Kpin-pub, Kpin-session)||Eaes-ecb(Kpin-session, pin-block)

...

Note

The format of the PIN block cryptogram changed staring secure client v1.0.9

Object

Length (bytes)

Comments

RSA Key ID length

12

Length of the key ID (MSB)

RSA Key ID

var

RSA key ID used for the session key encryption

Encrypted KEK length

2

Length of the encrypted KEK (MSB - should be 512)

Encrypted KEK

256512

Encrypted KEK block:

  • encrypted with RSA key (RSA/ECB/OAEPWithSHA-256AndMGF1Padding)

  • cleartext contains the KEK (16 bytes) and the IV (16 bytes)

Encrypted pseudo PIN block length

2

Length of the encrypted PIN block (MSB - should be 16)

Encrypted pseudo PIN block

16

Encrypted pseudo PIN block:

  • encrypted with KEK key (AES/CBC/NoPadding)

  • cleartext contains the pseudo PIN block (see below)

HMAC Key ID length

2

Length of the HMAC key ID (MSB)

HMAC Key ID

var

HMAC key ID used for the checksum calculation

HMAC length

2

Length of the HMAC checksum (MSB - should be 32)

HMAC

32

AES-CBC-256 checksum

The pseudo PIN block is encoded in the following way:

...

0

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

0xB9

0x6F

0x4A

0x31

0x06

0x9E

0x73

0x48

0x9A

0xA7

0xD3

0x60

0xD1

0x62

0xE3

0xD4

Example

Below is an example of data received after a successful PIN entry:

Code Block
07544553544b45592cc79bfa8faf135681df750ad36f2bc347c48ba49f6a3d7d17df442f46edee2783b5f
f0b6e82d5f8be7eb47063a992f6e43f1303dc715eb1049b03a4465358485276304d3165e9bb877c864693
7813dbb396b97a3570564e818c5df82b073a950022badb8c39ecf50e1366fb0bcc8e9474bc1bedba5da3d
feb298a300c90fd5b5c7cfc0f3ca88b6239fdf120a96083a22e0ce319c628b309519d9f1eaa675dd433d0
e7e5e8dbed56fc293431f7e5f57e76e9bd6930c89e268f07996f2275e76363250b437137942c0e42a5d83
b60a56862ad67d11254f1557eaeecc583f51d88719bcad3b09b262459a5a12ab30b18b02101cb17980749
78f429eb06ad64439914b18234b1c80f9040f1649f1a2894e7

Which can be split into:

  • The key ID length:

Code Block
07

  • The key ID:

Code Block
544553544b45

  • The encrypted KEK:

Code Block
2cc79bfa8faf135681df750ad36f2bc347c48ba49f6a3d7d17df442f46edee2783b5ff0b6e82d5f8be7eb
47063a992f6e43f1303dc715eb1049b03a4465358485276304d3165e9bb877c8646937813dbb396b97a35
70564e818c5df82b073a950022badb8c39ecf50e1366fb0bcc8e9474bc1bedba5da3dfeb298a300c90fd5
b5c7cfc0f3ca88b6239fdf120a96083a22e0ce319c628b309519d9f1eaa675dd433d0e7e5e8dbed56fc29
3431f7e5f57e76e9bd6930c89e268f07996f2275e76363250b437137942c0e42a5d83b60a56862ad67d11
254f1557eaeecc583f51d88719bcad3b09b262459a5a12ab30b18b02101cb1798074978f429eb06ad6443
99

  • The encrypted pseudo PIN-block:

Code Block
14b18234b1c80f9040f1649f1a2894e7

Applying an RSA decryption (RSA/ECB/OAEPWithSHA-256AndMGF1Padding) on the “encrypted KEK” block will lead to:

  • The KEK:

Code Block
7df1d2d78e33346c316c5099d4a7857b

  • The IV:

Code Block
00000000000000000000000000000000

Applying a AES decryption (AES/CBC/NoPadding) on the “encrypted pseudo PIN-block” will provide the following pseudo PIN block data:

Code Block
4ef90b543d09a8151fcefe0058585858

...