Ejemplo n.º 1
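/**
 * Derive a diversified keyset from a master keyset and a diversifier.
 *
 * Each of the three keys in `keys` is hex-encoded, passed through
 * computeDiversifiedKey() together with `div`, and the result is decoded
 * into the matching slot of `div_keys`.
 *
 * @param keys     Master keyset (passed by value); key[0..2] are read.
 * @param div_keys Output keyset; only key[0..2] are written here.
 * @param div      Diversifier as a hex string of exactly 32 characters.
 *
 * On invalid input a message is printed to stderr and `div_keys` is left
 * untouched. The function returns void, so callers cannot distinguish
 * success from failure through the return value.
 */
void DAPLUGCALL Daplug_computeDiversifiedKeys(Keyset keys, Keyset *div_keys, char *div){

    // Hex-string copies of the master keys and of the derived keys.
    // Both hold raw key material and are wiped before returning.
    char key_hex[3][GP_KEY_SIZE*2+1] = {{0}};
    char div_hex[3][GP_KEY_SIZE*2+1] = {{0}};

    if(div_keys == NULL){
        fprintf(stderr,"\nDaplug_ComputeDiversifiedKeys(): NULL output keyset !\n");
        return;
    }

    // A NULL diversifier used to reach strlen(); reject it with the same
    // message as any other malformed diversifier.
    if(div == NULL || strlen(div) != 16*2 || !isHexInput(div)){
        fprintf(stderr,"\nDaplug_ComputeDiversifiedKeys(): Wrong value for diversifier !\n");
        return;
    }

    for(int i = 0; i < 3; i++){
        bytesToStr(keys.key[i],GP_KEY_SIZE,key_hex[i]);
        computeDiversifiedKey(key_hex[i],div,div_hex[i]);
        strToBytes(div_hex[i],div_keys->key[i]);
    }

    // Wipe through volatile pointers so the stores are not removed as dead
    // writes; otherwise the hex keys stay readable in the stack frame.
    volatile char *wipe = (volatile char *)key_hex;
    for(size_t i = 0; i < sizeof key_hex; i++){
        wipe[i] = 0;
    }
    wipe = (volatile char *)div_hex;
    for(size_t i = 0; i < sizeof div_hex; i++){
        wipe[i] = 0;
    }
    // NOTE(review): `keys` is a by-value copy of the master keyset that also
    // lives in this frame; Keyset's layout is not visible here, so it is not
    // wiped.
}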
Ejemplo n.º 2
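/**
 * Create or replace a keyset on the dongle with a "put key" APDU.
 *
 * The key version, usage, access bytes and the three keys of `new_keys` are
 * hex-encoded and handed to createPutKeyCommand() together with the session
 * DEK key stored in `dpd`. The resulting command is exchanged with the
 * dongle and the status word is compared with "9000".
 *
 * @param dpd      Dongle handle; dpd->s_dek_key is read, so a secure channel
 *                 is presumably expected to be open (not checked here).
 * @param new_keys Keyset to upload (passed by value).
 *
 * The outcome is reported on stderr only; there is no return value.
 */
void DAPLUGCALL Daplug_putKey(DaplugDongle *dpd, Keyset new_keys){

    char putkey_apdu_str[APDU_CMD_MAXLEN*2+1]="";

    if(dpd == NULL){
        fprintf(stderr,"\nputKey(): NULL dongle handle !\n");
        return;
    }

    //key version
    // Bounded and masked to one byte: "%02X" only sets a minimum width, so a
    // wider value would have overrun the 3-byte buffer.
    char kv[1*2+1]="";
    snprintf(kv,sizeof kv,"%02X",(unsigned)new_keys.version & 0xFFu);

    //default mode : regular
    char *mode = "81";

    //the new Keyset gp keys, as hex strings
    // Sized from GP_KEY_SIZE, the length actually passed to bytesToStr(),
    // instead of a separate literal 16.
    char key_hex[3][GP_KEY_SIZE*2+1] = {{0}};

    bytesToStr(new_keys.key[0],GP_KEY_SIZE,key_hex[0]);
    bytesToStr(new_keys.key[1],GP_KEY_SIZE,key_hex[1]);
    bytesToStr(new_keys.key[2],GP_KEY_SIZE,key_hex[2]);

    //key usage
    char ku[1*2+1]="";
    snprintf(ku,sizeof ku,"%02X",(unsigned)new_keys.usage & 0xFFu);

    //key access
    char ka[2*2+1]="";
    bytesToStr(new_keys.access,2,ka);

    //Form the put key apdu
    createPutKeyCommand(kv,mode,dpd->s_dek_key,key_hex[0],key_hex[1],key_hex[2],ku,ka,putkey_apdu_str);

    // The clear hex keys are no longer needed. Wipe through a volatile
    // pointer so the stores are not removed as dead writes.
    volatile char *wipe = (volatile char *)key_hex;
    for(size_t i = 0; i < sizeof key_hex; i++){
        wipe[i] = 0;
    }

    //set to apdu cde
    Apdu putkey_apdu;
    setApduCmd(putkey_apdu_str,&putkey_apdu);

    // The command string carries the new keys in whatever form
    // createPutKeyCommand() produced; wipe this copy as well.
    // NOTE(review): putkey_apdu keeps its own copy of the command; Apdu's
    // layout is not visible here, so it is not cleared.
    wipe = (volatile char *)putkey_apdu_str;
    for(size_t i = 0; i < sizeof putkey_apdu_str; i++){
        wipe[i] = 0;
    }

    //exchange it
    exchangeApdu(dpd,&putkey_apdu);

    if(strcmp(putkey_apdu.sw_str,"9000")){
        fprintf(stderr,"\nputKey(): Cannot create/modify Keyset !\n");
        return;
    }else{
        fprintf(stderr,"\nputKey(): Keyset %02X successfully created/modified.\n",new_keys.version);
    }


}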
Ejemplo n.º 3
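/**
 * Set the dongle's time reference for time-based OTP.
 *
 * Builds the command "D0B2" + key version + key id + "18" + payload +
 * signature, where the payload is an 11-byte nonce, a 1-byte step and a
 * 4-byte time value (all hex-encoded), and the signature is characters
 * 16..31 of the tripleDES_CBC() output computed over that payload with
 * `timeSrcKey`. "18" is the data length: 16 payload bytes + 8 signature
 * bytes = 0x18.
 *
 * @param dpd        Dongle handle.
 * @param keyVersion Key version, must fit in one byte (0..0xFF).
 * @param keyId      Key id, must fit in one byte (0..0xFF).
 * @param timeSrcKey Time source key as a hex string (format is not validated
 *                   here; it is passed straight to tripleDES_CBC()).
 * @param step       Time step; 0 selects HOTP_TIME_STEP. Must fit in one byte.
 * @param t          Time reference; 0 selects the current time().
 *
 * The outcome is reported on stderr only; there is no return value.
 */
void DAPLUGCALL Daplug_setTimeOTP(DaplugDongle *dpd, int keyVersion, int keyId, char *timeSrcKey, int step, int t){

    char set_time_ref_apdu_str[APDU_CMD_MAXLEN*2+1]="";

    //Signature
    char temp_in[(11+1+4)*2+1]="",
         temp_out[(11+1+4)*2+1]="",
         signature[8*2+1]="";

    Byte nonce[11];
    char nonce_s[11*2+1]="";

    if(dpd == NULL || timeSrcKey == NULL){
        fprintf(stderr,"\nsetTimeOTP(): NULL dongle handle or time source key !\n");
        return;
    }

    if(step == 0){step = HOTP_TIME_STEP;}
    // NOTE(review): time_t is narrowed to int here, as in the original; the
    // command only has room for a 4-byte time value.
    if(t == 0){t = (int)time(NULL);}

    // Each of these is encoded as exactly one byte. "%02X" is a minimum
    // width, so an out-of-range int used to overflow its 3-byte buffer.
    if(keyVersion < 0 || keyVersion > 0xFF ||
       keyId < 0 || keyId > 0xFF ||
       step < 0 || step > 0xFF){
        fprintf(stderr,"\nsetTimeOTP(): Key version, key id and step must fit in one byte !\n");
        return;
    }

    generateChallenge(nonce,11);
    bytesToStr(nonce,11,nonce_s);

    // payload = nonce (22 hex chars) + step (2) + time (8) = 32 chars
    int n = snprintf(temp_in,sizeof temp_in,"%s%02X%08X",nonce_s,(unsigned)step,(unsigned)t);
    if(n < 0 || (size_t)n >= sizeof temp_in){
        fprintf(stderr,"\nsetTimeOTP(): Cannot build signature input !\n");
        return;
    }

    tripleDES_CBC(temp_in,timeSrcKey,temp_out,DES_ENCRYPT);

    // str_sub() returns a heap string that the caller frees. Check it before
    // copying: a NULL or over-long result must not reach strcpy().
    char *tmp = str_sub(temp_out,16,31);
    if(tmp == NULL || strlen(tmp) >= sizeof signature){
        free(tmp);
        fprintf(stderr,"\nsetTimeOTP(): Cannot compute signature !\n");
        return;
    }
    strcpy(signature,tmp);
    free(tmp);
    tmp = NULL;

    //Form the apdu
    n = snprintf(set_time_ref_apdu_str,sizeof set_time_ref_apdu_str,"D0B2%02X%02X18%s%s",
                 (unsigned)keyVersion,(unsigned)keyId,temp_in,signature);
    if(n < 0 || (size_t)n >= sizeof set_time_ref_apdu_str){
        fprintf(stderr,"\nsetTimeOTP(): Command does not fit the APDU buffer !\n");
        return;
    }

    //Set to apdu cde
    Apdu set_time_ref_apdu;
    setApduCmd(set_time_ref_apdu_str,&set_time_ref_apdu);

    //exchange it
    exchangeApdu(dpd,&set_time_ref_apdu);

    if(strcmp(set_time_ref_apdu.sw_str,"9000")){
        fprintf(stderr,"\nsetTimeOTP(): Cannot set time reference for dongle !\n");
        return;
    }else{
        fprintf(stderr,"\nsetTimeOTP(): Dongle_info time reference set.\n");
    }
}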
Ejemplo n.º 4
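// Converts the fixed-layout binary file "Samplefile.bin" into a tab-separated
// text file ("Parsefile.txt") and an XML file ("XMLfile.xml"), then runs
// OpenXML() on the result to look up the "subscriber_no" attribute.
//
// The record layout comes from parseFieldStructure(): 115 fields per record,
// each with a name, a type ('I' for integer, anything else is handled as
// text) and a byte length. The input file is untrusted data, so every size
// derived from it is checked before it is used as an index or an allocation
// size.
//
// Returns 0 on success and 1 when the input cannot be read or is unusable.
int main()
{
    // Fields per record; the original hard-codes 115 (and 114 as last index).
    const int kFieldsPerRecord = 115;

    FILE *rFile = fopen("Parsefile.txt", "w");
    if (rFile == NULL) {
        fprintf(stderr, "Cannot open Parsefile.txt for writing\n");
        return 1;
    }
    FILE *bFile = fopen("Samplefile.bin", "rb");
    if (bFile == NULL) {
        fprintf(stderr, "Cannot open Samplefile.bin for reading\n");
        fclose(rFile);
        return 1;
    }
    field fd = parseFieldStructure();

    // Determine the file size; ftell() reports -1 on failure.
    long fSize = -1;
    if (fseek(bFile, 0, SEEK_END) == 0) {
        fSize = ftell(bFile);
    }
    if (fSize < 0 || fseek(bFile, 0, SEEK_SET) != 0) {
        fprintf(stderr, "Cannot determine the size of Samplefile.bin\n");
        fclose(rFile);
        fclose(bFile);
        return 1;
    }

    // The record size is a divisor below; a zero or negative value would be
    // a division by zero or a nonsensical record count.
    if (fd.totBytes <= 0) {
        fprintf(stderr, "Invalid record size in field structure\n");
        fclose(rFile);
        fclose(bFile);
        return 1;
    }

    // Keep kFieldsPerRecord * numRec inside the range of int.
    const long maxRecords = (long)(~0u >> 1) / kFieldsPerRecord;
    if (fSize / fd.totBytes > maxRecords) {
        fprintf(stderr, "Samplefile.bin holds too many records\n");
        fclose(rFile);
        fclose(bFile);
        return 1;
    }

    BYTE *buffer = new BYTE[fSize];
    if (fSize > 0 && fread(buffer, 1, (size_t)fSize, bFile) != (size_t)fSize) {
        fprintf(stderr, "Short read on Samplefile.bin\n");
        delete[] buffer;
        fclose(rFile);
        fclose(bFile);
        return 1;
    }

    int numRec = (int)(fSize / fd.totBytes);
    const int totalFields = kFieldsPerRecord * numRec;
    int fieldIdx = 0, intPosIdx = 0, strIdx = 0;
    long fieldIncIdx = 0;
    int fInt = 0;
    char fStr[255] = "";
    bool typeInt = false;

    XML* xml = new XML();
    xml->LoadText("<data></data>");
    XMLElement* root = xml->GetRootElement();
    // Heap arrays instead of variable-length arrays: their size is driven by
    // the input file and could exhaust the stack.
    XMLElement** record = new XMLElement*[numRec];
    XMLElement** fields = new XMLElement*[totalFields];

    // Pre-build one <record> per record and 115 <field> children under it.
    for (int recIdx = 0; recIdx < numRec; recIdx++) {
        record[recIdx] = new XMLElement(root, "record");
        root->InsertElement(recIdx, record[recIdx]);
        bytesToIntger(fStr, recIdx + 1);
        record[recIdx]->AddVariable("id", fStr);

        for (int xmlIdx = kFieldsPerRecord * recIdx; xmlIdx < (1 + recIdx) * kFieldsPerRecord; xmlIdx++) {
            fields[xmlIdx] = new XMLElement(record[recIdx], "field");
            record[recIdx]->InsertElement(xmlIdx, fields[xmlIdx]);
        }
    }

    int xmlIdx = 0;

    for (long idx = 0; idx < fSize; idx++)
    {
        // A field boundary was reached: flush the value collected so far.
        if (idx >= fieldIncIdx) {

            if (typeInt) {
                bytesToIntger(fStr, fInt);
            } else {
                bytesToStr(fStr, strIdx);
            }

            // fields[xmlIdx - 1] is the field that just ended. A trailing
            // partial record (or extra 0xe9 bytes) can push xmlIdx past the
            // pre-built elements, so the index is checked first.
            const bool haveSlot = xmlIdx >= 1 && xmlIdx <= totalFields;
            if (fieldIdx > 0) {
                if (haveSlot) {
                    fields[xmlIdx - 1]->AddVariable(fd.name[fieldIdx - 1], fStr);
                }
            }
            else if (idx != 0) {
                if (haveSlot) {
                    fields[xmlIdx - 1]->AddVariable(fd.name[kFieldsPerRecord - 1], fStr);
                }
            }

            xmlIdx++;
            typeInt = fd.type[fieldIdx] == 'I';

            fprintf(rFile, "%s", fStr);
            fprintf(rFile, "\t");

            fieldIncIdx += fd.bytes[fieldIdx];
            fieldIdx = fieldIdx < kFieldsPerRecord - 1 ? fieldIdx + 1 : 0;
            if (fieldIdx == 0)
                fprintf(rFile, "\n");
        }

        if (buffer[idx] == 0xe9) {
            // 0xe9 does not count towards the field length.
            fieldIncIdx++;
        } else if (typeInt) {
            // Shift in unsigned arithmetic: left-shifting a signed int past
            // its range is undefined behaviour.
            fInt = (int)(((unsigned int)fInt << 8) | buffer[idx]);
        } else if (buffer[idx] > 0x1f && buffer[idx] < 0x7f) {
            // Printable ASCII only. The write is bounded (one byte is kept
            // for a terminator); without the bound, file content could run
            // past the end of fStr. Excess characters are dropped.
            // NOTE(review): nothing visible here resets strIdx between
            // fields; presumably bytesToStr() does, confirm.
            if (strIdx >= 0 && strIdx < (int)sizeof(fStr) - 1) {
                fStr[strIdx++] = buffer[idx];
            }
        }
    }

    xml->Save("XMLfile.xml");
    if (fclose(rFile) != 0) {
        fprintf(stderr, "Warning: Parsefile.txt may be incomplete\n");
    }
    fclose(bFile);

    delete[] fields;
    delete[] record;
    delete[] buffer;
    // NOTE(review): xml and the elements it owns are not released here, as in
    // the original; the process exits shortly after.

    /* And now we can search for an attribute
       like subscriber_no in our xml-file. */

    OpenXML("XMLfile.xml", "subscriber_no");

    return 0;
}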
Ejemplo n.º 5
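/**
 * Open a secure channel with the dongle (mutual authentication).
 *
 * Steps, as implemented below:
 *   1. Close any previously opened secure channel.
 *   2. Send "initialize update" ("8050", or "D050" when a diversifier is
 *      given) with the keyset version and an 8-byte host challenge.
 *   3. Extract the sequence counter, card challenge and card cryptogram from
 *      the response.
 *   4. Derive the session keys from the static keys and the counter, storing
 *      them in `dpd`.
 *   5. Verify the card cryptogram, then send "external authenticate"
 *      ("8082") with the host cryptogram and the requested security level.
 *   6. On success, record the security level and mark the session as opened.
 *
 * @param dpd  Dongle handle; receives the session keys and session state.
 * @param keys Static keyset (by value); version and key[0..2] are read.
 * @param mode Security level, encoded as one byte (0..0xFF).
 * @param div  Diversifier: "" for none, else a 32-character hex string.
 * @param chlg Host challenge: "" to generate one, else a 16-character hex
 *             string.
 *
 * Errors are reported on stderr only; there is no return value. After this
 * call dpd->session_opened is 1 only if every step succeeded.
 */
void DAPLUGCALL Daplug_authenticate(DaplugDongle *dpd, Keyset keys, int mode, char *div, char *chlg){

    Byte hostChallenge[8];

    char counter[2*2+1] = "",
         cardChallenge[6*2+1] = "",
         returnedCardCryptogram[8*2+1]="",
         computedCardCryptogram[8*2+1]="",
         hostCryptogram[8*2+1] = "",
         s_hostChallenge[8*2+1]="",
         temp[APDU_CMD_MAXLEN*2+1]="";

    Apdu initialize_update,
         external_authenticate;

    if(dpd == NULL || div == NULL || chlg == NULL){
        fprintf(stderr,"\nDaplug_authenticate(): NULL argument !\n");
        return;
    }

    //close any sc previously opened
    Daplug_deAuthenticate(dpd);

    // The security level is sent as a single byte. "%02X" is a minimum
    // width, so a wider int used to overflow its 3-byte buffer.
    if(mode < 0 || mode > 0xFF){
        fprintf(stderr,"\nDaplug_authenticate(): Wrong value for mode !\n");
        return;
    }

    if(!strcmp(chlg,"")){
        //generate host challenge
        generateChallenge(hostChallenge,8);
        bytesToStr(hostChallenge,8,s_hostChallenge);
    }else{
        if(strlen(chlg)!=8*2 || !isHexInput(chlg)){
            fprintf(stderr,"\nDaplug_authenticate(): Wrong value for challenge !\n");
            return;
        }
        // Length was checked above, so this copies exactly 16 characters.
        memcpy(s_hostChallenge,chlg,16);
        s_hostChallenge[16]='\0';
    }

    //Keyset version
    char version[1*2+1]="";
    snprintf(version,sizeof version,"%02X",(unsigned)keys.version & 0xFFu);

    //Any diversifier?
    const size_t div_len = strlen(div);
    if(div_len != 0 && (div_len != 16*2 || !isHexInput(div))){
        fprintf(stderr,"\nDaplug_authenticate(): Wrong value for diversifier !\n");
        return;
    }

    int n;
    if(div_len == 0){
        //initialize update without diversifier
        n = snprintf(temp,sizeof temp,"8050%s0008%s",version,s_hostChallenge);
    }else{
        //diversified initialize update
        n = snprintf(temp,sizeof temp,"D050%s1018%s%s",version,s_hostChallenge,div);
    }
    if(n < 0 || (size_t)n >= sizeof temp){
        fprintf(stderr,"\nauthenticate(): initialize update does not fit the APDU buffer !\n");
        return;
    }
    setApduCmd(temp,&initialize_update);

    //exchange
    exchangeApdu(dpd,&initialize_update);

    if(strcmp(initialize_update.sw_str,"9000")){
        fprintf(stderr,"\nauthenticate(): initialize update error ! sw = %s\n",
                initialize_update.sw_str);
        return;
    }

    //extract data returned by the card
    // The response comes from the device and is not trusted. The fields read
    // below end at index 55, so a shorter response is rejected before any
    // substring is taken. (str_sub() appears to use inclusive indices,
    // judging by the destination sizes.)
    if(strlen(initialize_update.r_str) < 56){
        fprintf(stderr,"\nauthenticate(): initialize update response too short !\n");
        return;
    }

    struct { int first, last; char *dst; size_t cap; } parts[] = {
        { 24, 27, counter,                sizeof counter },
        { 28, 39, cardChallenge,          sizeof cardChallenge },
        { 40, 55, returnedCardCryptogram, sizeof returnedCardCryptogram },
    };
    for(size_t i = 0; i < sizeof parts / sizeof parts[0]; i++){
        // str_sub() returns a heap string that the caller frees; a NULL or
        // over-long result must not reach strcpy().
        char *tmp = str_sub(initialize_update.r_str, parts[i].first, parts[i].last);
        if(tmp == NULL || strlen(tmp) >= parts[i].cap){
            free(tmp);
            fprintf(stderr,"\nauthenticate(): Cannot parse initialize update response !\n");
            return;
        }
        strcpy(parts[i].dst,tmp);
        free(tmp);
    }

    //compute session keys & update dpd
    // Hex copies of the static keys; wiped as soon as the session keys exist.
    char key_hex[3][GP_KEY_SIZE*2+1] = {{0}};

    bytesToStr(keys.key[0],GP_KEY_SIZE,key_hex[0]);   // enc key
    bytesToStr(keys.key[1],GP_KEY_SIZE,key_hex[1]);   // mac key
    bytesToStr(keys.key[2],GP_KEY_SIZE,key_hex[2]);   // dek key

    //session s-enc key
    computeSessionKey(counter,"0182",key_hex[0],dpd->s_enc_key);

    //session r-enc key
    computeSessionKey(counter,"0183",key_hex[0],dpd->r_enc_key);

    //session c-mac key
    computeSessionKey(counter, "0101", key_hex[1], dpd->c_mac_key);

    //session r-mac key
    computeSessionKey(counter, "0102", key_hex[1], dpd->r_mac_key);

    //session dek key. In case of need it will be used. (to form "put key" command for example)
    computeSessionKey(counter,"0181", key_hex[2], dpd->s_dek_key);

    // Wipe through a volatile pointer so the stores are not removed as dead
    // writes; otherwise the static keys stay readable in the stack frame.
    volatile char *wipe = (volatile char *)key_hex;
    for(size_t i = 0; i < sizeof key_hex; i++){
        wipe[i] = 0;
    }

    //compute card cryptogram
    computeCardCryptogram(s_hostChallenge,cardChallenge,counter,dpd->s_enc_key,computedCardCryptogram);

    //check card cryptogram
    // NOTE(review): checkCardCryptogram() is defined elsewhere; confirm that
    // it compares in constant time.
    // NOTE(review): on the failure paths below the session keys written into
    // dpd above are left in place (session_opened stays unset); consider
    // clearing them there.
    if(!checkCardCryptogram(returnedCardCryptogram,computedCardCryptogram)){
        fprintf(stderr,"\nauthenticate(): Card Cryptogram verification failed !\n");
        return;
    }

    //compute data that an external Daplug_authenticate apdu needs
    computeHostCryptogram(s_hostChallenge, cardChallenge, counter, dpd->s_enc_key, hostCryptogram);

    //external Daplug_authenticate: "8082" + security level + "0008" + host cryptogram
    n = snprintf(temp,sizeof temp,"8082%02X0008%s",(unsigned)mode,hostCryptogram);
    if(n < 0 || (size_t)n >= sizeof temp){
        fprintf(stderr,"\nauthenticate(): external authenticate does not fit the APDU buffer !\n");
        return;
    }
    setApduCmd(temp,&external_authenticate);

    //exchange
    exchangeApdu(dpd,&external_authenticate);

    if(strcmp(external_authenticate.sw_str,"9000")){
        fprintf(stderr,"\nauthenticate(): external Daplug_authenticate error ! sw = %s\n",
                external_authenticate.sw_str);
        return;
    }

    fprintf(stderr,"\nauthenticate() : Successful authentication !\n");

    //update dpd
    strcpy(dpd->r_mac,dpd->c_mac);
    dpd->securityLevel = mode;
    dpd->session_opened = 1;
}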