Ejemplo n.º 1
0
def test_format_iso9564_2_pin_block_exception() -> None:
    # PIN < 4 bytes
    with pytest.raises(
        ValueError,
        match="PIN must be between 4 and 12 digits long",
    ):
        sm.format_iso9564_2_pin_block(pin=b"123")

    # PIN > 12 bytes
    with pytest.raises(
        ValueError,
        match="PIN must be between 4 and 12 digits long",
    ):
        sm.format_iso9564_2_pin_block(pin=b"1234567890123")
Ejemplo n.º 2
0
def test_mastercard_pin_change_12():
    """
    Test generation of offline PIN script with ISO format 2 PIN block
    PIN is 12 digits long.

    Master Key Derivation = Option A
    SMI/SMC using Common Session Key Derivation (EMV SU-46)
    PIN encipherment with optional padding when block is not
    multiple of 8. However, no padding takes place because PIN
    block is 8 bytes long.
    """
    # Verify issuer master key check digits
    iss_mk_smc = bytes.fromhex("11111111111111112222222222222222")
    assert tools.key_check_digits(iss_mk_smc, 3).hex().upper() == "D2B91C"
    iss_mk_smi = bytes.fromhex("0123456789ABCDEFFEDCBA9876543210")
    assert tools.key_check_digits(iss_mk_smi, 3).hex().upper() == "08D7B4"

    # Derive ICC master keys
    pan = b"1234567890123456"
    psn = b"01"
    icc_mk_smc = kd.derive_icc_mk_a(iss_mk_smc, pan, psn)
    assert tools.key_check_digits(icc_mk_smc, 3).hex().upper() == "6B0F76"
    icc_mk_smi = kd.derive_icc_mk_a(iss_mk_smi, pan, psn)
    assert tools.key_check_digits(icc_mk_smi, 3).hex().upper() == "02396B"

    # Verify SMC/SMI session key
    # Common Session Key Derivation Option
    r = bytes.fromhex("ABCDEF1234567890")
    sk_smc = kd.derive_common_sk(icc_mk_smc, r)
    assert tools.key_check_digits(sk_smc, 3).hex().upper() == "D694B8"
    sk_smi = kd.derive_common_sk(icc_mk_smi, r)
    assert tools.key_check_digits(sk_smi, 3).hex().upper() == "F088F8"

    # Encrypt new PIN
    pin_block = sm.format_iso9564_2_pin_block(b"999999999999")
    assert pin_block.hex().upper() == "2C999999999999FF"
    command_data = sm.encrypt_command_data(sk_smc, pin_block,
                                           sm.EncryptionType.MASTERCARD)
    assert command_data.hex().upper() == "99AD3AF9EB3ECF0C"

    # Script MAC generated using Session Key
    command_header = bytes.fromhex("8424000210")
    mac = sm.generate_command_mac(sk_smi, command_header + command_data)
    assert mac.hex().upper() == "1471D88C6393BE21"
Ejemplo n.º 3
0
def test_ccd_pin_change(pin: Union[bytes, str]) -> None:
    """
    Test generation of offline PIN script with ISO format 2 PIN block'
    Common Core Definition. Mandatory padding.

    Master Key Derivation = Option A
    SMI/SMC using Common Session Key Derivation (EMV SU-46)
    PIN encipherment with optional padding when block is not
    multiple of 8. However, no padding takes place because PIN
    block is 8 bytes long.
    """
    # Verify issuer master key check digits
    iss_mk_smc = bytes.fromhex("11111111111111112222222222222222")
    assert tools.key_check_digits(iss_mk_smc, 3).hex().upper() == "D2B91C"
    iss_mk_smi = bytes.fromhex("0123456789ABCDEFFEDCBA9876543210")
    assert tools.key_check_digits(iss_mk_smi, 3).hex().upper() == "08D7B4"

    # Derive ICC master keys
    pan = "1234567890123456"
    psn = "01"
    icc_mk_smc = kd.derive_icc_mk_a(iss_mk_smc, pan, psn)
    assert tools.key_check_digits(icc_mk_smc, 3).hex().upper() == "6B0F76"
    icc_mk_smi = kd.derive_icc_mk_a(iss_mk_smi, pan, psn)
    assert tools.key_check_digits(icc_mk_smi, 3).hex().upper() == "02396B"

    # Verify SMC/SMI session key
    # Common Session Key Derivation Option
    r = bytes.fromhex("ABCDEF1234567890")
    sk_smc = kd.derive_common_sk(icc_mk_smc, r)
    assert tools.key_check_digits(sk_smc, 3).hex().upper() == "D694B8"
    sk_smi = kd.derive_common_sk(icc_mk_smi, r)
    assert tools.key_check_digits(sk_smi, 3).hex().upper() == "F088F8"

    # Encrypt new PIN
    pin_block = sm.format_iso9564_2_pin_block(pin)
    assert pin_block.hex().upper() == "249999FFFFFFFFFF"
    command_data = sm.encrypt_command_data(sk_smc, pin_block,
                                           sm.EncryptionType.EMV)
    assert command_data.hex().upper() == "28367E05DE3381C29D30A6055A8DEB86"

    # Script MAC generated using Session Key
    command_header = bytes.fromhex("8424000210")
    mac = sm.generate_command_mac(sk_smi, command_header + command_data)
    assert mac.hex().upper() == "69DA1EE208823022"