问题
In the case of GETCHALLENGE Request (0084000000) in EMV, we are getting the positive response for VISA\DEBIT card, but for MASTERCARD we are getting the response as 6D00 (Instruction code not supported or invalid).
Here are the sequence of commands that are being executed prior to callling the Get Challenge in the case of MasterCard. The CDOL as you can see has the tag for ICC Dynamic number and when the call for getting the dynamic number by executing the get Challenge command, I get Instruction code not supported error message.
Answer To Reset
Response: 3b6d00000031c071d66419160100849000 Select Payment System Directory
Request : 00A404000E315041592E5359532E444446303100
Response : 6f1a840e315041592e5359532e4444463031a5088801015f2d02656e9000
Read Data
Request : 00B2010c00
Response : 701a61184f07a0000000041010500a4d6173746572436172648701019000
Select application
Request : 00A4040007a000000004101000
Response : 6f278407a0000000041010a51c500a4d6173746572436172648701015f2d02656ebf0c059f4d020b0a9000
Get Processing Options
Request : 80A8000002830000
Response : 770a820238009404100105019000
Internal Authenticate
Request : 0088000004E153F3E800
Response : 77539f4b508464f182032bd432f415ec7ddaa3e601526a2b860fcc9785475f8f45f095186e3658bc0a55bceb2d4c22fbded8af82bd81338e38961c5d000dd5a8f99d3ec0c774648534a2b362b55d4b9ee13f2043739000
Read data Request : 00B2011400
Response : 7081835f25031402015f24031703315a08XXXXXXXXXXXXXXXX5f3401019f0702ff008e10000000000000000042015e0342031f039f0d05b8500408009f0e0500008800009f0f05b8700498008c219f02069f03069f1a0295055f2a029a039c019f37049f35019f45029f4c089f34038d0c910a8a0295059f37049f4c085f280208409f4a01829000
Read data
Request : 00B2021400
Response : 70689f080200025711XXXXXXXXXXXXXXXXd1703201021010792f5f2018XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX5f300202019f1f1a30303030303030323130313030303030303739323030303030309f420208409f4401029f49039f37049f4701039000
Read data
Request : 00B2031400
Response : 7081b79f4681b0c507d5fc6f008bf22f04484d0522f9a652df181559a938096558461a6a44a3acc8e1e64fb901a3bd5fa656ea1ec2eb2021d8ddab983aa5362ae0972bb717dc8f852da5a3ad03884c2ef06c4f2a7c56ff9891dd800707665569fb32bb05425c6d5a7461f2a604eb681d659bf052cad311af2b29e8a571a8e93a015814090eb13589e40756b5706e4e5bb75a1734f871aa6e6894f959f020854dfa9bca011340b470e5c45309f91486e7aa882a9109df708f01059000
Read data
Request : 00B2041400
Response : 7081b39081b057591da6a8901a96bb23f5ebbf6d86ae95b07395146a9a940833b1ba052e65676c9c4f7d0d86ec55f58a75647736b31895a7d1f439f777abc8866abd9054ebebed31f882fa05d6188da55f9a9ebf346e3a93e9cd0663fddaaa56f55d56ba37f5405804e873edd79fefd9957114e1c6826240b5ff049a0ea221310b1f25d6586863550673f979956de1df27f0bd91bfac6d4aa2b239d290b90a10b6b9f54ac006e3b917e3bb3e87e430ecb1927579fa979000
Read data
Request : 00B2051400
Response : 702a9f3201039224be09660a5a008739dcaa90106e2d4e0b99d3996fb7284012c1255c17e2709a52cdb9d7cb9000
Get Data - Application Transaction Counter
Request : 80CA9F3600
Response : 6a88
get Data - Last Online ATC Register
Request : 80CA9F1300
Response : 6a88
get data - Pin Try Counter
Request : 80CA9F1700
Response : 9f1701039000
get Data - Log format
Request : 80CA9F4F00
Response : 9f4f119f27019f02065f2a029a039f36029f52069000
GetChallenge
Request : 0084000000
Response : 6d00
Please advice
回答1:
For ICC Dynamic number for CDOL, After GPO, Internal authenticate need to be issued to the card. This will give you Signed Dynamic Application Data( which is a certificate signed under ICC Private Key ).
Below are the contents of the certificate you provided which I opened using your ICC Public Key. You can see ICC dynamic data of which 08 is the length and C7C298C8C60E2984 is your dynamic number. Cheers, enjoy !!
As to how this is done, you need to read EMV 4.3 Book 2 Security and Key Management Section 6, Offline Dynamic Data Authentication. Happy learning. Let me know once you complete, and accept this answer
DDA: Signed Dynamic Application Data Verification **************************************** ICC PK Modulus: BC41FF9CEF143DBC67F3FBF9F17565F5C948B0106CFF664BCB54EE935AC5E2119B1879AB1DEF5F456FFB7C21FB30329FADE04E62E749719C7C2920B91E3C459712D296F2A0CB3566AA46C55DBBEA6BEB Signed Dynamic Application Data: 8464F182032BD432F415EC7DDAA3E601526A2B860FCC9785475F8F45F095186E3658BC0A55BCEB2D4C22FBDED8AF82BD81338E38961C5D000DD5A8F99D3EC0C774648534A2B362B55D4B9EE13F204373 ---------------------------------------- Recovered Data: 6A05010908C7C298C8C60E2984BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBF97A677485DC0A64971C54099583FBD0F39870D0BC Data Header: 6A Signed Data Format: 05 Hash Algorithm Indicator: 01 Dynamic Data length: 09 ICC Dynamic Data: 08C7C298C8C60E2984 Pad Pattern: BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB Hash Result: F97A677485DC0A64971C54099583FBD0F39870D0 Data Trailer: BC ---------------------------------------- Recovered Data validation: ---------------------------------------- Step 1: Issuer PK Modulus and Signed Static Application Data having the same length: Passed Step 2: Recovered Data Trailer check: Passed Step 3: Recovered Data Header check (0x6A): Passed Step 4: Certificate Format check (0x03): Passed Step 5: Hash Input Data: 05010908C7C298C8C60E2984BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBE153F3E8 Step 6: Hashing Result: F97A677485DC0A64971C54099583FBD0F39870D0 Step 7: Hash Result Comparison: Passed ---------------------------------------- DDA Validation Succeed.
来源:https://stackoverflow.com/questions/44108376/getchallenge-issue6d00-in-emv-for-mastercard