add cmac intermediate values

2023-09-16 18:36:14 +01:00 · 2023-09-16 18:36:14 +01:00 · c36e19405d
commit c36e19405d
parent 2b0392ea44
2 changed files with 64 additions and 1 deletions
--- a/cli/main.go
+++ b/cli/main.go
@ -5,10 +5,59 @@ import (
 	"fmt"
 	"github.com/boltcard/boltcard/crypto"
 	"os"
+  "bytes"
+  "crypto/aes"
+  "github.com/aead/cmac"
 )

 // inspired by parse_request() in lnurlw_request.go

+func aes_cmac(key_sdm_file_read_mac []byte, sv2 []byte, ba_c []byte) (bool, error) {
+
+	c2, err := aes.NewCipher(key_sdm_file_read_mac)
+	if err != nil {
+		return false, err
+	}
+
+	ks, err := cmac.Sum(sv2, c2, 16)
+	if err != nil {
+		return false, err
+	}
+
+	fmt.Println("ks = ", ks)
+
+	c3, err := aes.NewCipher(ks)
+	if err != nil {
+  	return false, err
+	}
+
+	cm, err := cmac.Sum([]byte{}, c3, 16)
+	if err != nil {
+		return false, err
+	}
+
+	fmt.Println("cm = ", cm)
+
+	ct := make([]byte, 8)
+	ct[0] = cm[1]
+	ct[1] = cm[3]
+	ct[2] = cm[5]
+	ct[3] = cm[7]
+	ct[4] = cm[9]
+	ct[5] = cm[11]
+	ct[6] = cm[13]
+	ct[7] = cm[15]
+
+	fmt.Println("ct = ", ct)
+
+	res_cmac := bytes.Compare(ct, ba_c)
+	if res_cmac != 0 {
+		return false, nil
+	}
+
+	return true, nil
+}
+
 func check_cmac(uid []byte, ctr []byte, k2_cmac_key []byte, cmac []byte) (bool, error) {

 	sv2 := make([]byte, 16)
@ -29,7 +78,9 @@ func check_cmac(uid []byte, ctr []byte, k2_cmac_key []byte, cmac []byte) (bool,
 	sv2[14] = ctr[1]
 	sv2[15] = ctr[0]

-	cmac_verified, err := crypto.Aes_cmac(k2_cmac_key, sv2, cmac)
+  fmt.Println("sv2 = ", sv2)
+
+	cmac_verified, err := aes_cmac(k2_cmac_key, sv2, cmac)

 	if err != nil {
 		return false, err
--- a/docs/TEST_VECTORS.md
+++ b/docs/TEST_VECTORS.md
@ -13,6 +13,10 @@ aes_decrypt_key =  0c3b25d92b38ae443229dd59ad34b85d
 aes_cmac_key =  b45775776cb224c75bcde7ca3704e933

 decrypted card data : uid 04996c6a926980 , ctr 000003
+sv2 =  [60 195 0 1 0 128 4 153 108 106 146 105 128 3 0 0]
+ks =  [242 92 75 92 230 171 63 244 5 242 135 175 172 78 77 26]
+cm =  [118 225 233 156 238 203 64 31 163 237 110 136 112 146 124 206]
+ct =  [225 156 203 31 237 136 146 206]
 cmac validates ok


@ -25,6 +29,10 @@ aes_decrypt_key =  0c3b25d92b38ae443229dd59ad34b85d
 aes_cmac_key =  b45775776cb224c75bcde7ca3704e933

 decrypted card data : uid 04996c6a926980 , ctr 000005
+sv2 =  [60 195 0 1 0 128 4 153 108 106 146 105 128 5 0 0]
+ks =  [73 70 39 105 116 24 126 152 96 101 139 189 130 16 200 190]
+cm =  [94 102 243 180 93 130 2 110 198 164 241 193 67 85 112 180]
+ct =  [102 180 130 110 164 193 85 180]
 cmac validates ok


@ -37,6 +45,10 @@ aes_decrypt_key =  0c3b25d92b38ae443229dd59ad34b85d
 aes_cmac_key =  b45775776cb224c75bcde7ca3704e933

 decrypted card data : uid 04996c6a926980 , ctr 000007
+sv2 =  [60 195 0 1 0 128 4 153 108 106 146 105 128 7 0 0]
+ks =  [97 189 177 81 15 79 217 5 102 95 162 58 192 199 38 97]
+cm =  [40 204 202 97 87 102 6 12 101 2 250 11 199 77 73 150]
+ct =  [204 97 102 12 2 11 77 150]
 cmac validates ok

 ```