web/boltcard
1
0
Fork 0
Code Issues Pull requests Projects Releases 1 Packages Wiki Activity Actions

add cmac intermediate values

Browse source
This commit is contained in:
Peter Rounce 2023-09-16 18:36:14 +01:00
parent 2b0392ea44
commit c36e19405d
2 changed files with 64 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

53
cli/main.go
View file

@ -5,10 +5,59 @@ import (
"fmt" "fmt"
"github.com/boltcard/boltcard/crypto" "github.com/boltcard/boltcard/crypto"
"os" "os"
"bytes"
"crypto/aes"
"github.com/aead/cmac"
) )
// inspired by parse_request() in lnurlw_request.go // inspired by parse_request() in lnurlw_request.go
func aes_cmac(key_sdm_file_read_mac []byte, sv2 []byte, ba_c []byte) (bool, error) {
c2, err := aes.NewCipher(key_sdm_file_read_mac)
if err != nil {
return false, err
}
ks, err := cmac.Sum(sv2, c2, 16)
if err != nil {
return false, err
}
fmt.Println("ks = ", ks)
c3, err := aes.NewCipher(ks)
if err != nil {
return false, err
}
cm, err := cmac.Sum([]byte{}, c3, 16)
if err != nil {
return false, err
}
fmt.Println("cm = ", cm)
ct := make([]byte, 8)
ct[0] = cm[1]
ct[1] = cm[3]
ct[2] = cm[5]
ct[3] = cm[7]
ct[4] = cm[9]
ct[5] = cm[11]
ct[6] = cm[13]
ct[7] = cm[15]
fmt.Println("ct = ", ct)
res_cmac := bytes.Compare(ct, ba_c)
if res_cmac != 0 {
return false, nil
}
return true, nil
}
func check_cmac(uid []byte, ctr []byte, k2_cmac_key []byte, cmac []byte) (bool, error) { func check_cmac(uid []byte, ctr []byte, k2_cmac_key []byte, cmac []byte) (bool, error) {
sv2 := make([]byte, 16) sv2 := make([]byte, 16)
@ -29,7 +78,9 @@ func check_cmac(uid []byte, ctr []byte, k2_cmac_key []byte, cmac []byte) (bool,
sv2[14] = ctr[1] sv2[14] = ctr[1]
sv2[15] = ctr[0] sv2[15] = ctr[0]
cmac_verified, err := crypto.Aes_cmac(k2_cmac_key, sv2, cmac) fmt.Println("sv2 = ", sv2)
cmac_verified, err := aes_cmac(k2_cmac_key, sv2, cmac)
if err != nil { if err != nil {
return false, err return false, err

12
docs/TEST_VECTORS.md
View file

@ -13,6 +13,10 @@ aes_decrypt_key = 0c3b25d92b38ae443229dd59ad34b85d
aes_cmac_key = b45775776cb224c75bcde7ca3704e933 aes_cmac_key = b45775776cb224c75bcde7ca3704e933
decrypted card data : uid 04996c6a926980 , ctr 000003 decrypted card data : uid 04996c6a926980 , ctr 000003
sv2 = [60 195 0 1 0 128 4 153 108 106 146 105 128 3 0 0]
ks = [242 92 75 92 230 171 63 244 5 242 135 175 172 78 77 26]
cm = [118 225 233 156 238 203 64 31 163 237 110 136 112 146 124 206]
ct = [225 156 203 31 237 136 146 206]
cmac validates ok cmac validates ok
@ -25,6 +29,10 @@ aes_decrypt_key = 0c3b25d92b38ae443229dd59ad34b85d
aes_cmac_key = b45775776cb224c75bcde7ca3704e933 aes_cmac_key = b45775776cb224c75bcde7ca3704e933
decrypted card data : uid 04996c6a926980 , ctr 000005 decrypted card data : uid 04996c6a926980 , ctr 000005
sv2 = [60 195 0 1 0 128 4 153 108 106 146 105 128 5 0 0]
ks = [73 70 39 105 116 24 126 152 96 101 139 189 130 16 200 190]
cm = [94 102 243 180 93 130 2 110 198 164 241 193 67 85 112 180]
ct = [102 180 130 110 164 193 85 180]
cmac validates ok cmac validates ok
@ -37,6 +45,10 @@ aes_decrypt_key = 0c3b25d92b38ae443229dd59ad34b85d
aes_cmac_key = b45775776cb224c75bcde7ca3704e933 aes_cmac_key = b45775776cb224c75bcde7ca3704e933
decrypted card data : uid 04996c6a926980 , ctr 000007 decrypted card data : uid 04996c6a926980 , ctr 000007
sv2 = [60 195 0 1 0 128 4 153 108 106 146 105 128 7 0 0]
ks = [97 189 177 81 15 79 217 5 102 95 162 58 192 199 38 97]
cm = [40 204 202 97 87 102 6 12 101 2 250 11 199 77 73 150]
ct = [204 97 102 12 2 11 77 150]
cmac validates ok cmac validates ok
``` ```