53 static const BYTE ICV[8] = {0}; /* All-zero 8-byte constant; presumably the default initial chaining vector passed as the 8-byte icv/initialICV argument of the DES-based MAC routines -- TODO confirm against callers in crypto.c. */
54 static const BYTE SCP03_ICV[32] = {0}; /* All-zero 32-byte constant; presumably the SCP03 counterpart. NOTE(review): calculate_CMAC_aes takes a 16-byte chainingValue, so confirm how many of these 32 bytes callers actually use. */
58 DWORD messageLength,
BYTE chainingValue[16],
66 BYTE keyCheckValue[3]);
73 PDWORD encryptedDataLength);
83 BYTE keyCheckValue[3]);
87 BYTE hostChallenge[8],
BYTE sessionKey[16]);
91 BYTE sequenceCounter[2],
BYTE sessionKey[16]);
95 char *passPhrase,
BYTE signature[128]);
103 BYTE cardChallenge[8],
104 BYTE hostChallenge[8],
105 BYTE cardCryptogram[8]);
109 BYTE sequenceCounter[2],
110 BYTE cardChallenge[6],
111 BYTE hostChallenge[8],
112 BYTE cardCryptogram[8]);
116 BYTE cardChallenge[8],
117 BYTE hostChallenge[8],
118 BYTE hostCryptogram[8]);
122 BYTE sequenceCounter[2],
123 BYTE cardChallenge[6],
124 BYTE hostChallenge[8],
125 BYTE hostCryptogram[8]);
129 BYTE hostChallenge[8],
BYTE sessionKey[32]);
134 BYTE sequenceCounter[3],
136 DWORD invokingAIDLength,
137 BYTE cardChallenge[8]);
142 BYTE cardChallenge[8],
143 BYTE hostChallenge[8],
144 BYTE cardCryptogram[8]);
149 BYTE cardChallenge[8],
150 BYTE hostChallenge[8],
151 BYTE hostCryptogram[8]);
161 DWORD responseDataLength,
PBYTE unwrappedResponseData,
172 DWORD *encryptionLength);
176 BYTE receipt[16],
BYTE receiptKey[32],
DWORD keyLength,
BYTE secureChannelProtocol);
184 DWORD cardUniqueDataLength,
186 PBYTE executableLoadFileAID,
DWORD executableLoadFileAIDLength,
187 PBYTE applicationAID,
DWORD applicationAIDLength,
BYTE secureChannelProtocol);
191 DWORD cardUniqueDataLength,
197 DWORD cardUniqueDataLength,
199 PBYTE executableLoadFileAID,
DWORD executableLoadFileAIDLength,
200 PBYTE securityDomainAID,
DWORD securityDomainAIDLength,
BYTE secureChannelProtocol);
OPGP_NO_API OPGP_ERROR_STATUS calculate_MAC(BYTE sessionKey[16], BYTE *message, DWORD messageLength, BYTE icv[8], BYTE mac[8])
Definition: crypto.c:980
OPGP_NO_API OPGP_ERROR_STATUS calculate_card_cryptogram_SCP02(BYTE S_ENCSessionKey[16], BYTE sequenceCounter[2], BYTE cardChallenge[6], BYTE hostChallenge[8], BYTE cardCryptogram[8])
Definition: crypto.c:579
OPGP_NO_API OPGP_ERROR_STATUS calculate_host_cryptogram_SCP01(BYTE S_ENCSessionKey[16], BYTE cardChallenge[8], BYTE hostChallenge[8], BYTE hostCryptogram[8])
Definition: crypto.c:669
OPGP_NO_API OPGP_ERROR_STATUS calculate_MAC_right_des_3des(BYTE key[16], BYTE *message, DWORD messageLength, BYTE mac[8])
Calculates a MAC using DES first and 3DES for the final round, in which the padding is applied.
Definition: crypto.c:2192
OPGP_NO_API OPGP_ERROR_STATUS calculate_key_check_value(GP211_SECURITY_INFO *secInfo, BYTE keyType, PBYTE keyData, DWORD keyDataLength, BYTE keyCheckValue[3])
Definition: crypto.c:1364
OPGP_NO_API OPGP_ERROR_STATUS create_session_key_SCP03(BYTE key[32], DWORD keyLength, BYTE derivationConstant, BYTE cardChallenge[8], BYTE hostChallenge[8], BYTE sessionKey[32])
Definition: crypto.c:826
OPGP_NO_API OPGP_ERROR_STATUS calculate_card_cryptogram_SCP03(BYTE S_MACSessionKey[32], DWORD keyLength, BYTE cardChallenge[8], BYTE hostChallenge[8], BYTE cardCryptogram[8])
Definition: crypto.c:610
OPGP_NO_API OPGP_ERROR_STATUS calculate_rsa_signature(PBYTE message, DWORD messageLength, OPGP_STRING PEMKeyFileName, char *passPhrase, BYTE signature[128])
Definition: crypto.c:1098
OPGP_NO_API OPGP_ERROR_STATUS read_public_rsa_key(OPGP_STRING PEMKeyFileName, char *passPhrase, BYTE rsaModulus[128], LONG *rsaExponent)
Reads a public RSA key from a file.
Definition: crypto.c:2017
OPGP_NO_API OPGP_ERROR_STATUS calculate_sha1_hash(PBYTE message, DWORD messageLength, BYTE hash[20])
Calculates a SHA-1 hash.
Definition: crypto.c:2181
OPGP_NO_API OPGP_ERROR_STATUS GP211_check_R_MAC(PBYTE apduCommand, DWORD apduCommandLength, PBYTE responseData, DWORD responseDataLength, PBYTE unwrappedResponseApdu, PDWORD unwrappedResponseApduLength, GP211_SECURITY_INFO *secInfo)
Checks the R-MAC of an APDU with the necessary security information according to secInfo.
Definition: crypto.c:1950
OPGP_NO_API OPGP_ERROR_STATUS calculate_host_cryptogram_SCP02(BYTE S_ENCSessionKey[16], BYTE sequenceCounter[2], BYTE cardChallenge[6], BYTE hostChallenge[8], BYTE hostCryptogram[8])
Definition: crypto.c:698
OPGP_NO_API OPGP_ERROR_STATUS get_random(BYTE *random, int randomLength)
Definition: crypto.c:2266
OPGP_NO_API OPGP_ERROR_STATUS unwrap_command(PBYTE apduCommand, DWORD apduCommandLength, PBYTE responseData, DWORD responseDataLength, PBYTE unwrappedResponseData, PDWORD unwrappedResponseDataLength, GP211_SECURITY_INFO *secInfo)
Unwraps a response, i.e. decrypts it and checks the R-MAC of a response APDU with the necessary security information according to secInfo.
Definition: crypto.c:1892
OPGP_NO_API OPGP_ERROR_STATUS wrap_command(PBYTE apduCommand, DWORD apduCommandLength, PBYTE wrappedApduCommand, PDWORD wrappedApduCommandLength, GP211_SECURITY_INFO *secInfo)
Wraps a command, i.e. encrypts it and adds the MAC to the APDU with the necessary security information according to secInfo.
Definition: crypto.c:1474
OPGP_NO_API OPGP_ERROR_STATUS create_session_key_SCP02(BYTE key[16], BYTE constant[2], BYTE sequenceCounter[2], BYTE sessionKey[16])
Definition: crypto.c:790
OPGP_NO_API OPGP_ERROR_STATUS encrypt_sensitive_data(GP211_SECURITY_INFO *secInfo, PBYTE data, DWORD dataLength, PBYTE encryptedData, PDWORD encryptedDataLength)
Definition: crypto.c:1324
OPGP_NO_API OPGP_ERROR_STATUS calculate_sha2_hash(PBYTE message, DWORD messageLength, BYTE hash[64], DWORD hashLength)
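Calculates a SHA-256 hash. (The hash[64] output buffer and the hashLength parameter in the signature suggest that other SHA-2 digest lengths may also be selectable; check crypto.c before relying on a fixed digest size.)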
Definition: crypto.c:2170
OPGP_NO_API OPGP_ERROR_STATUS calculate_CMAC_aes(BYTE sMacKey[32], DWORD keyLength, BYTE *message, DWORD messageLength, BYTE chainingValue[16], BYTE mac[16])
Creates a MAC for commands (APDUs) using CMAC AES. This is used by SCP03. The MAC for the message are...
Definition: crypto.c:164
OPGP_NO_API OPGP_ERROR_STATUS calculate_enc_ecb_two_key_triple_des(BYTE key[16], BYTE *message, DWORD messageLength, BYTE *encryption, DWORD *encryptionLength)
Definition: crypto.c:855
OPGP_NO_API OPGP_ERROR_STATUS calculate_card_cryptogram_SCP01(BYTE S_ENCSessionKey[16], BYTE cardChallenge[8], BYTE hostChallenge[8], BYTE cardCryptogram[8])
Definition: crypto.c:552
OPGP_NO_API OPGP_ERROR_STATUS validate_receipt(PBYTE validationData, DWORD validationDataLength, BYTE receipt[16], BYTE receiptKey[32], DWORD keyLength, BYTE secureChannelProtocol)
Definition: crypto.c:1244
OPGP_NO_API OPGP_ERROR_STATUS calculate_host_cryptogram_SCP03(BYTE S_MACSessionKey[32], DWORD keyLength, BYTE cardChallenge[8], BYTE hostChallenge[8], BYTE hostCryptogram[8])
Definition: crypto.c:729
OPGP_NO_API OPGP_ERROR_STATUS calculate_MAC_des_3des(BYTE _3des_key[16], BYTE *message, DWORD messageLength, BYTE initialICV[8], BYTE mac[8])
Definition: crypto.c:1161
OPGP_NO_API OPGP_ERROR_STATUS create_session_key_SCP01(BYTE key[16], BYTE cardChallenge[8], BYTE hostChallenge[8], BYTE sessionKey[16])
Definition: crypto.c:758
OPGP_NO_API OPGP_ERROR_STATUS calculate_card_challenge_SCP03(BYTE S_ENC[32], DWORD keyLength, BYTE sequenceCounter[3], PBYTE invokingAID, DWORD invokingAIDLength, BYTE cardChallenge[8])
Definition: crypto.c:640
Definition: security.h:280
Definition: security.h:203
long LONG
A long value.
Definition: types.h:53
unsigned char BYTE
A Microsoft/Muscle BYTE definition.
Definition: types.h:51
unsigned char * PBYTE
A Microsoft/Muscle LPBYTE, pointer to unsigned char.
Definition: types.h:48
unsigned long * PDWORD
A Microsoft LPDWORD/Muscle pointer to a DWORD.
Definition: types.h:50
char * OPGP_STRING
A Microsoft/Muscle LPTSTR.
Definition: types.h:46
unsigned long DWORD
A Microsoft/Muscle DWORD definition.
Definition: types.h:52