我在CDOL1中面临数据验证代码的问题。 AIP不支持SDA,ICC在70或77模板中的任何一个模板中都没有标签93来执行SDA。 但是,CDOl1具有数据验证代码作为其应提交给生成应用程序密码的字段。如何在此方案中获取数据身份验证代码?
AIP:3800
字节1
b1(CDA supoprted) : 0
b2(RFU) : 0
b3(Issuer authentication is supported) : 0
b4(Terminal risk management is to be performed) : 1
b5(Cardholder verification is supported) : 1
b6(DDA supported) : 1
b7(SDA supported) : 0
b8(RFU) : 0
Byte 2
b1(RFU) : 0
b2(RFU) : 0
b3(RFU) : 0
b4(RFU) : 0
b5(RFU) : 0
b6(RFU) : 0
b7(RFU) : 0
b8(RFU) : 0
CDOL1
Card Risk Management Data Object List 1: 9f02069f03069f1a0295055f2a029a039c019f37049f35019f45029f4c089f3403
Amount_Authorized_Numeric: 06
Amount_Other_Numeric: 06
Terminal_Country_Code: 02
Terminal_Verification_Results: 05
Transaction_Currency_Code: 02
Transaction_Date: 03
Transaction_Type: 01
Unpredictable_Number: 04
Terminal_Type: 01
Data_Authentication_Code: 02
ICC_Dynamic_Number: 08
Cardholder_Verification_Method_CVM_Results: 03
生成AC1 命令:80AE80002B0000000001000000000000500840008004700008401706062122CA329C2400000A34ECCF04F6667E1f000000
response :6985
卡的请求和响应流程
申请选择
要求:00A4040007a000000004101000
APDU响应 6f308407a0000000041010a525500a4d4153544552434152448701015f2d02656e9f1101019f120a4d4153544552434152449000
[获取处理选项]
要求:80A8000002830000
回复:770e82023800940808010100100104019000
[内部认证]
要求:00880000049D69CB8500
响应:7781849f4b8180370c16af6bb1eb04cc2bbe6ad5d0612a76ebad966eb708a9a72814eced6807d64d6ec5ae4070290db34d2bb5272d99af30412bf1102e73c3a88eec4f94cdeb9c4e74e7fcf67c51607071eddf6557d698aab99072818cf9536217b8a453d70483e6736345b87bc11babf84835d44436fff5e0c7cf3a36455208a6a9172483d39f9000
[阅读记录]
要求:00B2010c00
回应:704b5713BBBBBBBBBBBBBBBBd20102011901042100000f5f200eBBBBBBBBBBBBBBBBBBBBBBBBBBB9F080200025f300202019f1f183139303130303030303030303030303432313030303030309000
[阅读记录] 要求:00B2011400
响应:70818c9f420208405f25031608015f24032010315a08BBBBBBBBBBBBBBBB5f3401019f0702ff008c219f02069f03069f1a0295055f2a029a039c019f37049f35019f45029f4c089f34038d0c910a8a0295059f37049f4c088e14000000000000000042011e034203440341031f009f0d05bc50bc00009f0e0500000000009f0f05bc70bc98005f280208409f4a01829000
[阅读记录]
要求:00B2021400
响应:7081ba8f01059081b0a908db21d6fb4127c1773ee444304e93a7aae7ff224ee9a57d2a42ba56f1eeca490953548442780185defa3324a812e78c4f7221a27aa25cb9deb3db1947f6dc9b6e124d26695a4ef4fa6ff1046e2011927a1fc05a3277601df806afb717b875c48e3bba5ac7a225aefe4869d9cc8b558f3d3dd6cbf783623cd13e450cebba2143cb037bad35800492a0afb7da0460dac23a827adb29350cab8ee139705e1756aece0b9eaeb0989d9960b4afa04168269f3201039000
[阅读记录]
要求:00B2031400
回复:702692245f92199f70c9a0648cb24f544d63cd640a5fa96234bcfbf245a123d2c7ff6035bedc99b99000
[阅读记录]
要求:00B2041400
响应:7081be9f4681b02c2ddf76f11a5f546f4d32b09a96f7c5fb5a586b946e37d038131a940537cf5bccb1f47a0c4c843e3e5a195bdd53f89cb9ebbaa6d8de316cfe7242a18ad0b79a88ece305146fe9ddeb810da109aff4f2f3c29cc011b67c2abf94c914face03f021fa7142687f1c9c39927a8eea6f53a5b47162e2f70e00c9af775be17fb144319810dd765ee377728eb2d19109af84acf47152cc144124b274158eee08d55766e2d44ffdcc5c2e4fe99199d8d34fd5bd9f4701039f49039f37049000
[ApplicationTransactionCounter]
要求:80CA9F3600
回应:6a88
[LastOnlineATCRegister]
要求:80CA9F1300
回应:6a88
[PINTryCounter]
要求:80CA9F1700
回复:9f1701039000
[的LogFormat]
要求:80CA9F4F00
回复:9f4f119f27019f02065f2a029a039f36029f52069000
[离线数据验证]
CA PK模数: b8048abc30c90d976336543e3fd7091c8fe4800df820ed55e7e94813ed00555b573feca3d84af6131a651d66cff4284fb13b635edd0ee40176d8bf04b7fd1c7bacf9ac7327dfaa8aa72d10db3b8e70b2ddd811cb4196525ea386acc33c0d9d4575916469c4e4f53e8e1c912cc618cb22dde7c3568e90022e6bba770202e4522a2dd623d180e215bd1d1507fe3dc90ca310d27b3efccd8f83de3052cad1e48938c68d095aac91b5f37e28bb49ec7ed597
发行人的公钥证书: a908db21d6fb4127c1773ee444304e93a7aae7ff224ee9a57d2a42ba56f1eeca490953548442780185defa3324a812e78c4f7221a27aa25cb9deb3db1947f6dc9b6e124d26695a4ef4fa6ff1046e2011927a1fc05a3277601df806afb717b875c48e3bba5ac7a225aefe4869d9cc8b558f3d3dd6cbf783623cd13e450cebba2143cb037bad35800492a0afb7da0460dac23a827adb29350cab8ee139705e1756aece0b9eaeb0989d9960b4afa0416826
恢复的数据: 6A02xxxxxxFF122200A3AE0101B001C0426845C5E84328A7DEA291AF32EBA038691945CC3833400DDBEED0943F3D8B93229AD01DA7C577015AC79AF67F07676F2CCA96C469C07CB0F3D4AFAE61445009CA8135329E4D698E2C3331AD5B067F2CC2E34C890A45247841B720F6A467672DAE6E299E8CD064B1880EF7EC3B50C325425E078A053CFFC8763C1A696429A198B479FC075FC8C1162F64050FAF7748B3F45271637E55249AF5C1D2B435E39FBC
数据标题:6A
数据格式:02
发行人标识符:xxxxxxFF
证书有效期:1222
证书编号:00A3AE
哈希算法指标:01
颁发者公钥算法指标:01
发行人公钥长度:B0
发行人公钥指数长度:01
发卡行公钥:C0426845C5E84328A7DEA291AF32EBA038691945CC3833400DDBEED0943F3D8B93229AD01DA7C577015AC79AF67F07676F2CCA96C469C07CB0F3D4AFAE61445009CA8135329E4D698E2C3331AD5B067F2CC2E34C890A45247841B720F6A467672DAE6E299E8CD064B1880EF7EC3B50C325425E078A053CFFC8763C1A696429A198B479FC075FC8C1162F6405
哈希结果:0FAF7748B3F45271637E55249AF5C1D2B435E39F
数据预告片:BC
恢复数据验证:
步骤1:具有相同大小的CA PK模块和颁发者公钥证书:通过
第2步:恢复数据预告片检查:通过
步骤3:恢复的数据头检查(0x6A):通过
步骤4:证书格式检查(0x02):通过
步骤5:哈希输入数据:02545210FF122200A3AE0101B001C0426845C5E84328A7DEA291AF32EBA038691945CC3833400DDBEED0943F3D8B93229AD01DA7C577015AC79AF67F07676F2CCA96C469C07CB0F3D4AFAE61445009CA8135329E4D698E2C3331AD5B067F2CC2E34C890A45247841B720F6A467672DAE6E299E8CD064B1880EF7EC3B50C325425E078A053CFFC8763C1A696429A198B479FC075FC8C1162F64055f92199f70c9a0648cb24f544d63cd640a5fa96234bcfbf245a123d2c7ff6035bedc99b903
第6步:哈希结果:0FAF7748B3F45271637E55249AF5C1D2B435E39F
第7步:哈希结果比较:通过
步骤8:颁发者标识符检查:通过
步骤9:证书到期日期检查:通过
步骤10:RID撤销检查:已跳过
步骤11:PK算法指示符检查:通过
步骤12:发卡行公钥模:C0426845C5E84328A7DEA291AF32EBA038691945CC3833400DDBEED0943F3D8B93229AD01DA7C577015AC79AF67F07676F2CCA96C469C07CB0F3D4AFAE61445009CA8135329E4D698E2C3331AD5B067F2CC2E34C890A45247841B720F6A467672DAE6E299E8CD064B1880EF7EC3B50C325425E078A053CFFC8763C1A696429A198B479FC075FC8C1162F64055f92199f70c9a0648cb24f544d63cd640a5fa96234bcfbf245a123d2c7ff6035bedc99b9
发行人PK模数:: C0426845C5E84328A7DEA291AF32EBA038691945CC3833400DDBEED0943F3D8B93229AD01DA7C577015AC79AF67F07676F2CCA96C469C07CB0F3D4AFAE61445009CA8135329E4D698E2C3331AD5B067F2CC2E34C890A45247841B720F6A467672DAE6E299E8CD064B1880EF7EC3B50C325425E078A053CFFC8763C1A696429A198B479FC075FC8C1162F64055f92199f70c9a0648cb24f544d63cd640a5fa96234bcfbf245a123d2c7ff6035bedc99b9
ICC的公钥证书:: 2c2ddf76f11a5f546f4d32b09a96f7c5fb5a586b946e37d038131a940537cf5bccb1f47a0c4c843e3e5a195bdd53f89cb9ebbaa6d8de316cfe7242a18ad0b79a88ece305146fe9ddeb810da109aff4f2f3c29cc011b67c2abf94c914face03f021fa7142687f1c9c39927a8eea6f53a5b47162e2f70e00c9af775be17fb144319810dd765ee377728eb2d19109af84acf47152cc144124b274158eee08d55766e2d44ffdcc5c2e4fe99199d8d34fd5bd
恢复的数据: 6A04BBBBBBBBBBBBBBBBFFFF102016080901018001B808719C2BE072F4A98F2E8A7485EBEA7DA2BBCE8ECD288B39AEE371E4ACEC4D1D181A92117C46AE85F44FDA8CE2D42C6A0D868893AD7929A9F2463004063A75A146EF65AEA8F254B4297831FF411C23B22859B411B31E71A778F09CD1035B3619F19D72F334629CBB49246A623B005840A2393D26FD7F88FAA7B9D463A8831FBBBBBBBBBBBB216E43FF2D57A8BC98F4ECE45776BDBADB680B1FBC
数据标题:6A
数据格式:04
申请PAN:xxxxxxxxxxxxxxxxFFFF
证书失效日期:1020
证书编号:160809
哈希算法指标:01
ICC公钥算法指标:01
ICC公钥长度:80
ICC公钥指数长度:01
IC卡公钥:B808719C2BE072F4A98F2E8A7485EBEA7DA2BBCE8ECD288B39AEE371E4ACEC4D1D181A92117C46AE85F44FDA8CE2D42C6A0D868893AD7929A9F2463004063A75A146EF65AEA8F254B4297831FF411C23B22859B411B31E71A778F09CD1035B3619F19D72F334629CBB49246A623B005840A2393D26FD7F88FAA7B9D463A8831FBBBBBBBBBBBB
哈希结果:216E43FF2D57A8BC98F4ECE45776BDBADB680B1F
数据预告片:BC
ICC恢复数据验证: 第1步:发行人的PK模数和具有相同规模的ICC公钥证书:通过
第2步:恢复数据预告片检查:通过
步骤3:恢复的数据头检查(0x6A):通过
步骤4:证书格式检查(0x04):通过
步骤5:哈希输入数据:04BBBBBBBBBBBBBBBBFFFF102016080901018001B808719C2BE072F4A98F2E8A7485EBEA7DA2BBCE8ECD288B39AEE371E4ACEC4D1D181A92117C46AE85F44FDA8CE2D42C6A0D868893AD7929A9F2463004063A75A146EF65AEA8F254B4297831FF411C23B22859B411B31E71A778F09CD1035B3619F19D72F334629CBB49246A623B005840A2393D26FD7F88FAA7B9D463A8831FBBBBBBBBBBBB039f420208405f25031608015f24032010315a08BBBBBBBBBBBBBBBB5f3401019f0702ff008c219f02069f03069f1a0295055f2a029a039c019f37049f35019f45029f4c089f34038d0c910a8a0295059f37049f4c088e14000000000000000042011e034203440341031f009f0d05bc50bc00009f0e0500000000009f0f05bc70bc98005f280208409f4a01823800
步骤6:哈希结果:216E43FF2D57A8BC98F4ECE45776BDBADB680B1F
第7步:哈希结果比较:通过
步骤8:颁发者标识符检查:通过
步骤9:证书到期日期检查:通过
步骤10:ICC PK算法指示符检查:通过
步骤11:IC卡公钥模量:b808719c2be072f4a98f2e8a7485ebea7da2bbce8ecd288b39aee371e4acec4d1d181a92117c46ae85f44fda8ce2d42c6a0d868893ad7929a9f2463004063a75a146ef65aea8f254b4297831ff411c23b22859b411b31e71a778f09cd1035b3619f19d72f334629cbb49246a623b005840a2393d26fd7f88faa7b9d463a8831f
ICC PK Modulus :: b808719c2be072f4a98f2e8a7485ebea7da2bbce8ecd288b39aee371e4acec4d1d181a92117c46ae85f44fda8ce2d42c6a0d868893ad7929a9f2463004063a75a146ef65aea8f254b4297831ff411c23b22859b411b31e71a778f09cd1035b3619f19d72f334629cbb49246a623b005840a2393d26fd7f88faa7b9d463a8831f
签名动态应用程序数据: 370c16af6bb1eb04cc2bbe6ad5d0612a76ebad966eb708a9a72814eced6807d64d6ec5ae4070290db34d2bb5272d99af30412bf1102e73c3a88eec4f94cdeb9c4e74e7fcf67c51607071eddf6557d698aab99072818cf9536217b8a453d70483e6736345b87bc11babf84835d44436fff5e0c7cf3a36455208a6a9172483d39f
恢复的数据: 6A05010908A23CB6491FC29772BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB2248D68D019D96F72D6494F1ED17781C29E50E36BC
数据标题:6A
签名数据格式:05
哈希算法指标:01
动态数据长度:09
ICC动态数据:08A23CB6491FC29772 垫图样:BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB
哈希结果:2248D68D019D96F72D6494F1ED17781C29E50E36
数据预告片:BC
SDAD恢复数据验证:
步骤1:具有相同长度的发行方PK模数和签名静态应用数据:通过
第2步:恢复数据预告片检查:通过
步骤3:恢复的数据头检查(0x6A):通过
步骤4:证书格式检查(0x05):通过
步骤5:哈希输入数据:05010908A23CB6491FC29772BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB9D69CB85
第6步:哈希结果:2248D68D019D96F72D6494F1ED17781C29E50E36
第7步:哈希结果比较:通过
[GenerateAC1]
要求:80AE80002B0000000001000000000000500840008004700008401706072154A6413F240000A23CB6491FC297721f000000
回复:6985
由于
答案 0 :(得分:1)
基于您的CDOL1和日志格式我假设您使用的是M / Chip4或M / Chip Advance卡。关于DAC和IDN的假设是错误的 - 正如@adarsh指出的那样,只有在线终端不需要支持任何形式的官方发展援助。与您没有分配值的任何对象一样,您应该使用填充(全零)填充这些字段。 您遇到的情况可能是内部安全控制导致最大生成密码数量的结果(有关详细信息,请参阅卡应用程序规范)。 您需要开始使用测试卡进行开发,因为PCI DSS和PCI PA DSS也正式禁止使用测试卡进行开发和测试。