limousyf / paytools


Add 3DES encrypt/decrypt function #15

Open limousyf opened 7 years ago

limousyf commented 7 years ago

From emvbot: limousyf/emvbot#16

limousyf commented 7 years ago

VIS 1.6 appendix D

limousyf commented 7 years ago

Key derivation:

To derive the Unique DEA Key A, the Application PAN and Application PAN Sequence Number shall be concatenated together in a 16-hexadecimal field. (If the Application PAN Sequence Number is not present, then it shall be zero filled.) If the length of the Application PAN followed by the Application PAN Sequence Number is not equal to 16 digits, then the following formatting rules shall be applied:

- If the Application PAN plus the Application PAN Sequence Number are less than 16 digits, then right-justify the data in a 16-hexadecimal field and pad on the left with hexadecimal zeros.
- If the Application PAN followed by the Application PAN Sequence Number are greater than 16 digits, then use only the right-most 16 digits.

To derive the Unique DEA Key B, the Application PAN and Application PAN Sequence Number shall first be concatenated together in a 16-hexadecimal field using the formatting rules described above and then inverted. Inversion shall be performed at the bit level, where each bit with value 1b is set to 0b and each bit with value 0b is set to 1b.

A PAN with an uneven number of digits is padded on the left with a zero. An 'F' is not included in the concatenation of the PAN and PAN Sequence Number.

EXAMPLE: The 19 digit PAN stored on the card is '4000001234567890123F' and the PAN Sequence Number is '01'. The concatenation result is '01 23 45 67 89 01 23 01'.

Note: When triple DEA encipherment is performed using the issuer’s double-length Master Derivation Key, the encipherment function shall always be performed using the first half of the issuer’s double-length key and the decipherment function shall always be performed using the second half of the issuer’s double-length key. This convention shall apply regardless of whether the Unique DEA Key A or B is being generated.

Note: What VIS calls the Master Derivation Key that is used to derive the UDK, in EMV is called the Issuer Master Key, IMK.
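The derivation quoted above, as an added Node.js example that is not part of the issue thread or of paytools. The function names, the constructed test key `MDK`, treating an absent PAN Sequence Number as '00', and returning the UDK as Key A followed by Key B are assumptions of this example; no parity adjustment is applied because the quoted text does not describe one.

```javascript
// Added example, not paytools code. Uses only Node.js built-in crypto.
const crypto = require('crypto');

// Triple DEA, ECB, no padding, with a double-length (16-byte) key.
// Encipher steps use the first key half, the decipher step the second:
// E(K1) D(K2) E(K1), passed to OpenSSL as the 24-byte key K1 || K2 || K1.
function tdes(op, key16, data) {
  if (key16.length !== 16) throw new Error('key must be 16 bytes');
  if (!data.length || data.length % 8) throw new Error('data must be a multiple of 8 bytes');
  const key24 = Buffer.concat([key16, key16.subarray(0, 8)]);
  const make = op === 'encrypt' ? crypto.createCipheriv : crypto.createDecipheriv;
  const c = make('des-ede3', key24, null);
  c.setAutoPadding(false);
  return Buffer.concat([c.update(data), c.final()]);
}
const tdesEncrypt = (key16, data) => tdes('encrypt', key16, data);
const tdesDecrypt = (key16, data) => tdes('decrypt', key16, data);

// 16-hex-digit derivation input: PAN (without 'F' filler) followed by the PSN,
// left-padded with zeros if shorter, right-most 16 digits if longer.
function derivationInput(panHex, psnHex) {
  const pan = panHex.replace(/F+$/i, '');
  const psn = psnHex ? psnHex : '00'; // assumption: absent PSN is zero filled as '00'
  if (!/^\d+$/.test(pan) || !/^\d{2}$/.test(psn)) throw new Error('bad PAN or PSN');
  return (pan + psn).padStart(16, '0').slice(-16);
}

// Bit-level inversion used for Key B.
function invert(buf) {
  return Buffer.from(buf.map((b) => b ^ 0xff));
}

// Key A = 3DES(MDK, input); Key B = 3DES(MDK, inverted input).
function deriveUdk(mdk, panHex, psnHex) {
  const block = Buffer.from(derivationInput(panHex, psnHex), 'hex');
  const udkA = tdesEncrypt(mdk, block);
  const udkB = tdesEncrypt(mdk, invert(block));
  return { block, udkA, udkB, udk: Buffer.concat([udkA, udkB]) };
}

// Constructed test key (not a real issuer key) and the PAN/PSN from the example above.
const MDK = Buffer.from('0123456789ABCDEFFEDCBA9876543210', 'hex');
const sample = deriveUdk(MDK, '4000001234567890123F', '01');
console.log('input:', sample.block.toString('hex'), 'UDK:', sample.udk.toString('hex'));
```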

limousyf commented 7 years ago

EMV uses session key derivation (see EMV book 2 annex 1.3.1)

limousyf commented 7 years ago

Visa (D7.2): This method shall be used for the Application Cryptogram generation for CVN 18 ('12') and CVN '22', and for secure messaging when performed in combination with CVN '22'.

limousyf commented 7 years ago

CVN 10 does not use session key derivation

limousyf commented 7 years ago

https://github.com/brix/crypto-js