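INITIALIZE UPDATE: During the explicit initiation of a secure channel, the INITIALIZE UPDATE command is used to transfer card and session data between the card and the host. This command starts the initiation of a secure channel session.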
CPURESET()
//Select the application
00A40400+08+A000000333010101
0084000008(RAM+9000)
//Initialize the channel
80500000+08+RAM+1C
00C000001C(DATA+9000)
/*************
Key diversification data 10bytes //used by the off-card entity to obtain the card's static keys
Key information 2bytes //contains the key version number and the secure channel protocol identifier
Card challenge 8bytes //random number generated inside the card
Card cryptogram 8bytes //authentication cryptogram
************/
KEYVERSION=COPY(DATA,21,2)
QCOUNTER=COPY(DATA,25,4)
CCHALLENGE=COPY(DATA,29,12)
CARDCHALLENGE=COPY(DATA,25,16)
MAC_RII=LAST(DATA,16)
//Verify the MAC
//Compute the personalization session keys SPenc SPmac SPdek
CBC_3DES_EN(00000000000000000182+QCOUNTER+000000000000000000000000,Penc,SPenc)
CBC_3DES_EN(00000000000000000101+QCOUNTER+000000000000000000000000,Pmac,SPmac)
CBC_3DES_EN(00000000000000000181+QCOUNTER+000000000000000000000000,Pdek,SPdek)
//Huada
{
    SPenc=COPY(SPenc,1,16)
    //Compute the MAC with 3DES: MAC_RII==MAC_RI
    SDES_MAC_1(0000000000000000+RAM+CARDCHALLENGE+8000000000000000,SPenc,MAC_RI)
    SDES_MAC_1(0000000000000000+CARDCHALLENGE+RAM+8000000000000000,SPenc,MAC1)
    3DES_MAC_1(0000000000000000+8442000010+MAC1+800000,SPmac,MAC2)
    //Secure channel authentication
    84420000+10+MAC1+MAC2
}
//JAVA CARD
{
    //Compute the MAC with 3DES
    GP_MAC(RAM+CARDCHALLENGE+8000000000000000,SPenc,MAC_RI)
    GP_MAC(CARDCHALLENGE+RAM+8000000000000000,SPenc,MAC1)
    3DES_MAC_1(0000000000000000+8482000010+MAC1+800000,SPmac,MAC2)
    //Secure channel authentication
    84820000+10+MAC1+MAC2
}
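An added example (not part of the original post): it parses the INITIALIZE UPDATE response and builds the derivation and cryptogram input blocks that the script passes to its 3DES functions, leaving the 3DES operations themselves to a crypto library. The function names and sample bytes are constructed for illustration, and the check for protocol identifier 02 is an assumption based on the field layout the script uses.

```python
from dataclasses import dataclass

# Derivation constants and padding exactly as used in the script above.
CONSTANTS = {"SPenc": "0182", "SPmac": "0101", "SPdek": "0181"}
PADDING = bytes.fromhex("8000000000000000")

@dataclass(frozen=True)
class InitUpdateResponse:
    key_diversification_data: bytes  # 10 bytes
    key_version: int                 # KEYVERSION
    scp_id: int                      # secure channel protocol identifier
    sequence_counter: bytes          # QCOUNTER, 2 bytes
    card_challenge: bytes            # CCHALLENGE, 6 bytes
    card_cryptogram: bytes           # MAC_RII, 8 bytes

def parse_init_update(resp: bytes) -> InitUpdateResponse:
    """Parse the 0x1C data bytes plus status word returned by GET RESPONSE."""
    if len(resp) != 30:
        raise ValueError(f"expected 28 data bytes + SW, got {len(resp)} bytes")
    data, sw = resp[:28], resp[28:]
    if sw != b"\x90\x00":
        raise ValueError(f"card returned status word {sw.hex().upper()}")
    if data[11] != 0x02:  # assumption: this field layout is the SCP02 one
        raise ValueError(f"unexpected secure channel protocol {data[11]:02X}")
    return InitUpdateResponse(data[:10], data[10], data[11],
                              data[12:14], data[14:20], data[20:28])

def derivation_inputs(r: InitUpdateResponse) -> dict:
    """16-byte blocks encrypted under Penc/Pmac/Pdek (the script prepends a zero IV)."""
    return {name: bytes.fromhex(c) + r.sequence_counter + bytes(12)
            for name, c in CONSTANTS.items()}

def cryptogram_inputs(host_challenge: bytes, r: InitUpdateResponse) -> dict:
    """Padded MAC inputs for the card cryptogram (MAC_RI) and host cryptogram (MAC1)."""
    if len(host_challenge) != 8:
        raise ValueError("host challenge (RAM in the script) must be 8 bytes")
    card_side = r.sequence_counter + r.card_challenge  # CARDCHALLENGE in the script
    return {"card": host_challenge + card_side + PADDING,
            "host": card_side + host_challenge + PADDING}

# Constructed sample values, not captured from a real card.
SAMPLE_HOST_CHALLENGE = bytes.fromhex("1122334455667788")
SAMPLE_RESPONSE = bytes.fromhex(
    "00112233445566778899" "0102" "002A" "A1A2A3A4A5A6" "C1C2C3C4C5C6C7C8" "9000")

if __name__ == "__main__":
    parsed = parse_init_update(SAMPLE_RESPONSE)
    print(parsed)
    for name, block in derivation_inputs(parsed).items():
        print(name, block.hex().upper())
```

The host should compare the MAC it computes over the "card" block with `card_cryptogram` before sending the host cryptogram, which is the MAC_RII==MAC_RI check in the script.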
By 闫鑫 (original work)