ev2

package
v0.1.5 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 12, 2024 License: Apache-2.0 Imports: 11 Imported by: 3

Documentation

Overview

* package with common functions to manage a Desfire TAG

projects on which it is based:

https://github.com/LudovicRousseau/PCSC
https://github.com/ebfe/scard
https://github.com/dumacp/smartcard

/*

Index

Constants

// Key-set selector values, written out explicitly instead of via iota so
// that reordering the list cannot silently change a value.
// NOTE(review): GetKeyVersion's documentation describes keySetOption with
// the same numbers (0 = all key sets, 2 = no key set number) - confirm that
// these constants are what callers are expected to pass there.
const (
	AllKeySetCurrentlyAID      = 0
	SpecificKeySetCurrentlyAID = 1
	NoKeySet                   = 2
)

Variables

This section is empty.

Functions

func Apdu_AuthenticateEV2First

func Apdu_AuthenticateEV2First(secondAppIndicator int, keyNumber int, pcdCap2 []byte) []byte

func Apdu_AuthenticateEV2FirstPart2

func Apdu_AuthenticateEV2FirstPart2(data []byte) []byte

func Apdu_AuthenticateISO

func Apdu_AuthenticateISO(secondAppIndicator int, keyNumber int) []byte

func Apdu_AuthenticateISOPart2

func Apdu_AuthenticateISOPart2(cryptograma []byte) []byte

func VerifyResponse

func VerifyResponse(resp []byte) error

VerifyResponse function to verify response APDU

Types

type AccessRights

// AccessRights selects which key, if any, gates one class of operation on a
// file. The Create*File and ChangeFileSettings methods take one value each
// for read, write, read/write and change access.
type AccessRights int

// The sixteen values cover 0x00-0x0F and are spelled out so that the numeric
// value of each name is visible and cannot shift if the list is edited.
const (
	// KeyID_0x00 .. KeyID_0x0D name application keys 0 through 13.
	KeyID_0x00 AccessRights = 0x00
	KeyID_0x01 AccessRights = 0x01
	KeyID_0x02 AccessRights = 0x02
	KeyID_0x03 AccessRights = 0x03
	KeyID_0x04 AccessRights = 0x04
	KeyID_0x05 AccessRights = 0x05
	KeyID_0x06 AccessRights = 0x06
	KeyID_0x07 AccessRights = 0x07
	KeyID_0x08 AccessRights = 0x08
	KeyID_0x09 AccessRights = 0x09
	KeyID_0x0A AccessRights = 0x0A
	KeyID_0x0B AccessRights = 0x0B
	KeyID_0x0C AccessRights = 0x0C
	KeyID_0x0D AccessRights = 0x0D

	// FREE is 0x0E.
	// NOTE(review): by its name this grants the operation without any key;
	// audit every file that is created or reconfigured with it.
	FREE AccessRights = 0x0E

	// NO_ACCESS is 0x0F; by its name the operation is denied for every key.
	NO_ACCESS AccessRights = 0x0F
)

type CommMode

// CommMode is the communication mode passed to the file create, read, write
// and value operations of Desfire.
type CommMode int

// The values are 0, 1 and 3; 2 is not defined by this package.
// NOTE(review): the names suggest PLAIN = no cryptographic protection,
// MAC = integrity protection only, FULL = encryption plus MAC - confirm
// against the command builders. If so, PLAIN on a file holding sensitive
// data leaves the transfer readable on the contactless interface.
const (
	PLAIN = CommMode(0)
	MAC   = CommMode(1)
	FULL  = CommMode(3)
)

type ConfigurationOption

// ConfigurationOption selects what Desfire.SetConfiguration changes.
type ConfigurationOption int

// Values are written out (0-6) rather than derived from iota so that adding
// or moving an entry cannot renumber the options already in use.
// VC_INSTALATION_IDENTIFIER keeps its existing spelling because it is an
// exported name.
// NOTE(review): several of these (default keys, secure messaging) alter the
// card's security configuration - presumably irreversibly for some options;
// confirm before calling SetConfiguration on production cards.
const (
	PICC_CONFIGURATION             ConfigurationOption = 0
	DEFAULT_KEYS_UPDATE            ConfigurationOption = 1
	ATS_UPDATE                     ConfigurationOption = 2
	SAK_UPDATE                     ConfigurationOption = 3
	SECURE_MESSAGING_CONFIGURATION ConfigurationOption = 4
	CAPABILITY_DATA                ConfigurationOption = 5
	VC_INSTALATION_IDENTIFIER      ConfigurationOption = 6
)

type Desfire

// Desfire represents a DESFire card. It embeds smartcard.ICard, so the
// methods of the underlying card are promoted onto Desfire alongside the
// DESFire commands declared on *Desfire.
type Desfire struct {
	smartcard.ICard
	// contains filtered or unexported fields
}

Desfire desfire card

func NewDesfire

func NewDesfire(c smartcard.ICard) *Desfire

NewDesfire Create Desfire from Card

func (*Desfire) AbortTransaction

func (d *Desfire) AbortTransaction() error

AbortTransaction aborts all previous write accesses on FileType.BackupData, FileType.Value, FileType.LinearRecord and FileType.CyclicRecord files within the selected application(s). If applicable, the Transaction MAC calculation is aborted.

func (*Desfire) AuthenticateEV2First

func (d *Desfire) AuthenticateEV2First(secondAppIndicator SecondAppIndicator, keyNumber int, pcdCap2 []byte) ([]byte, error)

AuthenticateEV2First performs authentication for KeyType AES keys. After this authentication, EV2 secure messaging is used. This authentication is intended to be the first in a transaction.

func (*Desfire) AuthenticateEV2FirstPart2

func (d *Desfire) AuthenticateEV2FirstPart2(key, data []byte) ([]byte, error)

func (*Desfire) AuthenticateEV2FirstPart2_block_1

func (d *Desfire) AuthenticateEV2FirstPart2_block_1(rndB []byte) ([]byte, error)

func (*Desfire) AuthenticateEV2FirstPart2_block_2

func (d *Desfire) AuthenticateEV2FirstPart2_block_2(rndDc []byte) ([]byte, error)

func (*Desfire) AuthenticateEV2FirstPart2_block_3

func (d *Desfire) AuthenticateEV2FirstPart2_block_3(lastResp []byte) ([]byte, []byte, error)

func (*Desfire) AuthenticateEV2FirstPart2_block_4

func (d *Desfire) AuthenticateEV2FirstPart2_block_4(ksesAuthEnc, ksesAuthMac []byte) error

func (*Desfire) AuthenticateEV2NonFirst

func (d *Desfire) AuthenticateEV2NonFirst() ([]byte, error)

func (*Desfire) AuthenticateEV2NonFirstPart2

func (d *Desfire) AuthenticateEV2NonFirstPart2() ([]byte, error)

func (*Desfire) AuthenticateISO

func (d *Desfire) AuthenticateISO(secondAppIndicator SecondAppIndicator, keyNumber int) ([]byte, error)

AuthenticateISO performs authentication as already supported by DESFire EV1. Only for KeyType.2TDEA or KeyType.3TDEA keys. After this authentication, EV1 backwards-compatible secure messaging is used.

func (*Desfire) AuthenticateISOPart2

func (d *Desfire) AuthenticateISOPart2(key, data []byte) ([]byte, error)

func (*Desfire) ChangeFileSettings

func (d *Desfire) ChangeFileSettings(fileNo int, targetSecondaryApp SecondAppIndicator,
	isoFileID []byte,
	fileOption_AdditionalAccessRights_Disabled bool,
	fileOption_commMode CommMode,
	accessRights_Read AccessRights,
	accessRights_Write AccessRights,
	accessRights_ReadWrite AccessRights,
	accessRights_Change AccessRights,
	nrAddAccessRights int,
	addAccessRights []byte,
) error

ChangeFileSettings changes the access parameters of an existing file.

func (*Desfire) ChangeKey

func (d *Desfire) ChangeKey(keyNo, keyVersion int,
	keyType KeyType, secondAppIndicator SecondAppIndicator,
	newKey, oldKey []byte) error

ChangeKey: depending on the currently selected AID, this command updates a key of the PICC or of an application AKS.

func (*Desfire) ChangeKeyEV2

func (d *Desfire) ChangeKeyEV2(keyNo, keySetNo, keyVersion int,
	keyType KeyType, secondAppIndicator SecondAppIndicator,
	newKey, oldKey []byte) error

ChangeKeyEV2: depending on the currently selected AID, this command updates a key of the PICC or of an application key set.

func (*Desfire) ChangeKeySettings

func (d *Desfire) ChangeKeySettings(keySetting int) error

ChangeKeySettings depending on the currently selected AID, this command changes the PICCKeySettings of the PICC or the AppKeySettings of the application.

func (*Desfire) ClearRecordFile

func (d *Desfire) ClearRecordFile(fileNo int, targetSecondaryApp SecondAppIndicator,
) error

ClearRecordFile clears all records in a FileType.LinearRecord or FileType.CyclicRecord file.

func (*Desfire) CommitReaderID

func (d *Desfire) CommitReaderID(
	tmri []byte,
) ([]byte, error)

CommitReaderID commits a reader ID for an ongoing transaction. This allows a backend to identify the attacking merchant in case fraud is detected.

func (*Desfire) CommitTransaction

func (d *Desfire) CommitTransaction(
	return_TMC_and_TMV bool,
) ([]byte, error)

CommitTransaction validates all previous write accesses on FileType.BackupData, FileType.Value, FileType.LinearRecord and FileType.CyclicRecord files within the selected application(s). If applicable, the FileType.TransactionMAC file is updated with the calculated Transaction MAC.

func (*Desfire) CreateApplication

func (d *Desfire) CreateApplication(aid []byte,
	keyTypeAKS KeyType,
	changeKey AccessRights,
	numberOfAppKeys int,

	appKeySettingChangeable,
	fileCreateDeleteWithAppMasterKey,
	fileDirAccessConfWithAppMasterKey,
	appMasterKeyChangeable,

	keySett3_Enabled bool,

	keySett3_appSpecificCapabilityDataEnable,
	keySett3_appSpecificVCkeysEnable,
	keySett3_appKeySetsEnable,

	use2byte_ISOIEC_7816_4_fileID bool,
	appKeySetsEnable_rollKey AccessRights,
	appKeySetsEnable_aksVersion, appKeySetsEnable_NoKeySets, appKeySetsEnable_maxKeySize int,
	isoFileID, isofileDFName []byte) error

CreateApplication creates a new application on the PICC. The application is initialized according to the given settings. The application keys of the active key set are initialized with the default application key.

func (*Desfire) CreateBackupDataFile

func (d *Desfire) CreateBackupDataFile(fileNo int, targetSecondaryApp SecondAppIndicator,
	isoFileID []byte,
	fileOption_AdditionalACL_Disabled bool,
	fileOption_commMode CommMode,
	accessRights_Read AccessRights,
	accessRights_Write AccessRights,
	accessRights_ReadWrite AccessRights,
	accessRights_Change AccessRights,
	fileSize int,
) error

CreateBackupDataFile creates files for the storage of plain unformatted user data within an existing application on the PICC, additionally supporting an integrated backup mechanism.

func (*Desfire) CreateCyclicRecorFile

func (d *Desfire) CreateCyclicRecorFile(fileNo int, targetSecondaryApp SecondAppIndicator,
	isoFileID []byte,
	fileOption_AdditionalAccessRights_Disabled bool,
	fileOption_commMode CommMode,
	accessRights_Read AccessRights,
	accessRights_Write AccessRights,
	accessRights_ReadWrite AccessRights,
	accessRights_Change AccessRights,
	recordSize, maxNoOfRecords int,
) error

CreateCyclicRecorFile creates files for multiple storage of structurally similar data, for example for logging transactions, within an existing application on the PICC. Once the file is completely filled with data records, the PICC automatically overwrites the oldest record with the latest written one. This wrap is fully transparent for the PCD.

func (*Desfire) CreateDelegateApplication

func (d *Desfire) CreateDelegateApplication(aid []byte,
	damSlotNo, damSlotVersion int,
	quotaLimit int,
	keyTypeAKS KeyType,
	changeKey int,
	numberOfAppKeys int,

	appKeySettingChangeable,
	fileCreateDeleteWithAppMasterKey,
	fileDirAccessConfWithAppMasterKey,
	appMasterKeyChangeable,

	keySett3_Enabled bool,

	keySett3_appSpecificCapabilityDataEnable,
	keySett3_appSpecificVCkeysEnable,
	keySett3_appKeySetsEnable,

	use2byte_ISOIEC_7816_4_fileID bool,
	appKeySetsEnable_rollKey,
	appKeySetsEnable_aksVersion, appKeySetsEnable_NoKeySets, appKeySetsEnable_maxKeySize int,
	isoFileID, isofileDFName []byte) ([]byte, error)

CreateDelegateApplication creates delegated applications on the PICC with limited memory consumption. The application is initialized according to the given settings. The application keys of the active key set are initialized with the provided keyID.AppDAMDefaultKey.

func (*Desfire) CreateLinearRecorFile

func (d *Desfire) CreateLinearRecorFile(fileNo int, targetSecondaryApp SecondAppIndicator,
	isoFileID []byte,
	fileOption_AdditionalAccessRights_Disabled bool,
	fileOption_commMode CommMode,
	accessRights_Read AccessRights,
	accessRights_Write AccessRights,
	accessRights_ReadWrite AccessRights,
	accessRights_Change AccessRights,
	recordSize, maxNoOfRecords int,
) error

CreateLinearRecorFile creates files for multiple storage of structurally similar data, for example for loyalty programs, within an existing application on the PICC. Once the file is completely filled with data records, further writing to the file is not possible unless it is cleared.

func (*Desfire) CreateStdDataFile

func (d *Desfire) CreateStdDataFile(fileNo int, targetSecondaryApp SecondAppIndicator,
	isoFileID []byte,
	fileOption_AdditionalACL_Disabled bool,
	fileOption_commMode CommMode,
	accessRights_Read AccessRights,
	accessRights_Write AccessRights,
	accessRights_ReadWrite AccessRights,
	accessRights_Change AccessRights,
	fileSize int,
) error

CreateStdDataFile creates files for the storage of plain unformatted user data within an existing application on the PICC.

func (*Desfire) CreateTransactionMACFile

func (d *Desfire) CreateTransactionMACFile(fileNo int, targetSecondaryApp SecondAppIndicator,
	isoFileID []byte,
	fileOption_commMode CommMode,
	accessRights_Read AccessRights,
	accessRights_AppCommitReaderIDKey AccessRights,
	accessRights_Change AccessRights,
	tmKey []byte,
	tmKeyVersion int,
	tmKeyOption_keyType KeyType,
) error

CreateTransactionMACFile creates a Transaction MAC file and enables the Transaction MAC feature for the targeted application.

func (*Desfire) CreateValueFile

func (d *Desfire) CreateValueFile(fileNo int, targetSecondaryApp SecondAppIndicator,
	isoFileID []byte,
	fileOption_AdditionalACL_Disabled bool,
	fileOption_commMode CommMode,
	accessRights_Read AccessRights,
	accessRights_Write AccessRights,
	accessRights_ReadWrite AccessRights,
	accessRights_Change AccessRights,
	lowerLimit, upperLimit, value int,
	limitedCreditEnabled bool,
	freeAccesstoGetValue bool,
) error

CreateValueFile creates files for the storage and manipulation of 32-bit signed values within an existing application on the PICC.

func (*Desfire) Credit

func (d *Desfire) Credit(fileNo int, targetSecondaryApp SecondAppIndicator,
	value uint,
	commMode CommMode,
) error

Credit increases a value stored in a FileType.Value file.

func (*Desfire) Debit

func (d *Desfire) Debit(fileNo int, targetSecondaryApp SecondAppIndicator,
	value uint,
	commMode CommMode,
) error

Debit decreases a value stored in a FileType.Value file.

func (*Desfire) DeleteApplication

func (d *Desfire) DeleteApplication(aid []byte) error

Permanently deactivates applications on the PICC. The AID is released.

func (*Desfire) DeleteFile

func (d *Desfire) DeleteFile(fileNo int,
	targetSecondaryApp SecondAppIndicator,
) error

DeleteFile permanently deactivates a file within the file directory of the currently selected application.

func (*Desfire) FinalizeKeySet

func (d *Desfire) FinalizeKeySet(keySetNo, keySetVersion int,
	secondAppIndicator SecondAppIndicator) error

FinalizeKeySet: within the currently selected application, finalizes the key set with the specified number.

func (*Desfire) Format

func (d *Desfire) Format() error

Format At PICC level, all applications and files are deleted. At application level (only for delegated applications), all files are deleted. The deleted memory is released and can be reused.

func (*Desfire) FreeMem

func (d *Desfire) FreeMem() ([]byte, error)

FreeMem returns the free memory available on the card.

func (*Desfire) GetApplicationsID

func (d *Desfire) GetApplicationsID() ([]byte, error)

GetApplicationsID returns the application identifiers of all active applications.

func (*Desfire) GetCardUID

func (d *Desfire) GetCardUID() ([]byte, error)

GetCardUID returns the UID.

func (*Desfire) GetDFNames

func (d *Desfire) GetDFNames() ([][]byte, error)

GetDFNames returns the application identifiers together with a File ID and (optionally) a DF Name of all active applications with ISO/IEC 7816-4 support.

func (*Desfire) GetDeletedInfo

func (d *Desfire) GetDeletedInfo(damSlotNo int) ([]byte, error)

GetDeletedInfo returns the DAMSlotVersion and QuotaLimit of a target DAM Slot on the card.

func (*Desfire) GetFileIDs

func (d *Desfire) GetFileIDs() ([]byte, error)

GetFileIDs returns the File IDentifiers of all active files within the current selected application.

func (*Desfire) GetFileSettings

func (d *Desfire) GetFileSettings(fileNo int,
	targetSecondaryApp SecondAppIndicator,
) ([]byte, error)

GetFileSettings get information on the properties of a specific file.

func (*Desfire) GetISOFileIDs

func (d *Desfire) GetISOFileIDs(fileNo int,
	targetSecondaryApp SecondAppIndicator,
) ([]byte, error)

GetISOFileIDs get back the ISO File IDs.

func (*Desfire) GetKeySettings

func (d *Desfire) GetKeySettings() ([]byte, error)

GetKeySettings: depending on the selected AID, this command retrieves the PICCKeySettings of the PICC or the AppKeySettings of the (primary) application. In addition, it returns the number of keys configured for the selected application and, if applicable, the AppKeySettings.

func (*Desfire) GetKeyVersion

func (d *Desfire) GetKeyVersion(keyNo, keySetNo int, keySetOption KeySetOptionVersion,
	secondAppIndicator SecondAppIndicator) ([]byte, error)

GetKeyVersion: depending on the currently selected AID and the given key number parameter, returns the key version of the targeted key or all key set versions of the selected application. (keySetOption values, matching the package constants: no KeySetNo = 2, specific KeySet in the current AID = 1, all KeySets in the current AID = 0.)

func (*Desfire) GetModeEV added in v0.1.2

func (d *Desfire) GetModeEV() EVmode

func (*Desfire) GetValue

func (d *Desfire) GetValue(fileNo int, targetSecondaryApp SecondAppIndicator,
	commMode CommMode,
) ([]byte, error)

GetValue reads the currently stored value from a FileType.Value file.

func (*Desfire) GetVersion

func (d *Desfire) GetVersion() ([][]byte, error)

GetVersion returns manufacturing-related data of the PICC. The first part is HW-related information as specified in the CardVersionList table.

func (*Desfire) InitializeKeySet

func (d *Desfire) InitializeKeySet(keySetNo int, keySetType KeyType,
	secondAppIndicator SecondAppIndicator) ([]byte, error)

InitializeKeySet depending on the currently selected application, initialize the key set with specific index.

func (*Desfire) LimitedCredit

func (d *Desfire) LimitedCredit(fileNo int, targetSecondaryApp SecondAppIndicator,
	value uint,
	commMode CommMode,
) ([]byte, error)

LimitedCredit allows a limited increase of a value stored in a FileType.Value file without having full Cmd.Credit permissions to the file.

func (*Desfire) ReadData

func (d *Desfire) ReadData(fileNo int, targetSecondaryApp SecondAppIndicator,
	offset int,
	length int,
	commMode CommMode,
) ([]byte, error)

ReadData reads data from FileType.StandardData, FileType.BackupData or FileType.TransactionMAC files.

func (*Desfire) ReadRecords

func (d *Desfire) ReadRecords(fileNo int, targetSecondaryApp SecondAppIndicator,
	recNo int,
	recCount int,
	sizeRecord int,
	commMode CommMode,
) ([][]byte, error)

ReadRecords reads out a set of complete records from FileType.LinearRecord or FileType.CyclicRecord File.

func (*Desfire) RollKeySet

func (d *Desfire) RollKeySet(keySetNo int, secondAppIndicator SecondAppIndicator) error

RollKeySet: within the currently selected application, rolls to the key set with the specified number.

func (*Desfire) SelectApplication

func (d *Desfire) SelectApplication(aid1, aid2 []byte) error

SelectApplication select 1 or 2 applications or the PICC level specified by their application identifier.

func (*Desfire) SetConfiguration

func (d *Desfire) SetConfiguration(option ConfigurationOption, data []byte) error

SetConfiguration configures the card and pre-personalizes it with a key, defines whether the UID or the random ID is sent back during communication setup, and configures the ATS string.

func (*Desfire) UpdateRecord

func (d *Desfire) UpdateRecord(fileNo int, targetSecondaryApp SecondAppIndicator,
	recNo int,
	offset int,
	dataRecord []byte,
	commMode CommMode,
) error

UpdateRecord updates data of an existing record in a FileType.LinearRecord or FileType.CyclicRecord file.

func (*Desfire) WriteData

func (d *Desfire) WriteData(fileNo int, targetSecondaryApp SecondAppIndicator,
	offset int,
	datafile []byte,
	commMode CommMode,
) error

WriteData writes data to FileType.StandardData and FileType.BackupData files.

func (*Desfire) WriteRecord

func (d *Desfire) WriteRecord(fileNo int, targetSecondaryApp SecondAppIndicator,
	offset int,
	dataRecord []byte,
	commMode CommMode,
) error

WriteRecord writes data to a record in a FileType.LinearRecord or FileType.CyclicRecord file.

type EVmode

// EVmode is the value reported by Desfire.GetModeEV.
type EVmode int

// Explicit values 0-2, in the original declaration order.
// NOTE(review): presumably these identify which secure-messaging generation
// is active after authentication (AuthenticateISO is documented as leading
// to EV1-compatible messaging, AuthenticateEV2First to EV2) - confirm where
// the mode is set.
const (
	D40 EVmode = 0
	EV1 EVmode = 1
	EV2 EVmode = 2
)

type IDesfire

// IDesfire is the subset of the Desfire command set covering
// authentication, application selection, key change and UID retrieval.
// The concrete *Desfire type declares methods with matching signatures.
type IDesfire interface {
	// AuthenticateEV2First starts authentication with an AES key; the
	// Desfire documentation states that EV2 secure messaging is used
	// afterwards and that this is meant to be the first authentication
	// in a transaction.
	AuthenticateEV2First(targetKey SecondAppIndicator, keyNumber int, pcdCap2 []byte) ([]byte, error)
	// AuthenticateEV2FirstPart2 takes the raw key bytes and the card's
	// response. NOTE(review): presumably completes the exchange started
	// by AuthenticateEV2First - undocumented on the concrete type.
	AuthenticateEV2FirstPart2(key, response []byte) ([]byte, error)
	// AuthenticateEV2NonFirst and AuthenticateEV2NonFirstPart2 have no
	// documentation on the concrete type.
	AuthenticateEV2NonFirst() ([]byte, error)
	AuthenticateEV2NonFirstPart2() ([]byte, error)
	// GetApplicationsID returns the application identifiers of all
	// active applications.
	GetApplicationsID() ([]byte, error)
	// SelectApplication selects one or two applications, or the PICC
	// level, by application identifier.
	SelectApplication(aid1, aid2 []byte) error
	// AuthenticateISO starts the EV1-style authentication, documented as
	// valid only for 2TDEA and 3TDEA keys and as leading to EV1
	// backwards-compatible secure messaging.
	AuthenticateISO(targetKey SecondAppIndicator, keyNumber int) ([]byte, error)
	// AuthenticateISOPart2 takes the raw key bytes and the card's
	// response. NOTE(review): presumably completes AuthenticateISO -
	// undocumented on the concrete type.
	AuthenticateISOPart2(key, response []byte) ([]byte, error)
	// ChangeKey: depending on the currently selected AID, this command
	// updates a key of the PICC or of an application AKS.
	// newKey and oldKey are raw key bytes supplied by the caller.
	ChangeKey(keyNo, keyVersion int,
		keyType KeyType, secondAppIndicator SecondAppIndicator,
		newKey, oldKey []byte) error
	// ChangeKeyEV2: depending on the currently selected AID, this
	// command updates a key of the PICC or of an application key set
	// identified by keySetNo.
	ChangeKeyEV2(keyNo, keySetNo, keyVersion int,
		keyType KeyType, secondAppIndicator SecondAppIndicator,
		newKey, oldKey []byte) error
	// GetCardUID returns the card UID.
	GetCardUID() ([]byte, error)
}

type KeySetOptionVersion

// KeySetOptionVersion is the type of the keySetOption argument of
// Desfire.GetKeyVersion.
type KeySetOptionVersion int

type KeyType

// KeyType identifies the cipher of a card key. It is passed to ChangeKey,
// ChangeKeyEV2, CreateApplication, InitializeKeySet and
// CreateTransactionMACFile.
type KeyType int

// Explicit values 0-2, in the original declaration order.
// Per the Desfire method documentation, AuthenticateISO applies only to
// 2TDEA/3TDEA keys and yields EV1-compatible secure messaging, while
// AuthenticateEV2First applies to AES keys and yields EV2 secure messaging;
// choosing a TDEA key type therefore rules out the EV2 channel.
const (
	TDEA2 KeyType = 0
	TDEA3 KeyType = 1
	AES   KeyType = 2
)

func (KeyType) Int

func (k KeyType) Int() int

type SecondAppIndicator

// SecondAppIndicator tells a command whether it addresses the primary or
// the secondary of the selected applications (SelectApplication accepts up
// to two AIDs).
type SecondAppIndicator int

// Explicit values: primary is 0, secondary is 1.
const (
	TargetPrimaryApp   SecondAppIndicator = 0
	TargetSecondaryApp SecondAppIndicator = 1
)

func (SecondAppIndicator) Int

func (k SecondAppIndicator) Int() int
