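在IC卡认证过程中,最棘手的错误莫过于DDA认证失败。由于涉及多次对称和非对称算法运算,碰到后一般都难以入手,PBOC规范写得又比较凌乱,所以下面附一段机具和卡片的交互日志,有需要的可以配合加解密工具分析具体执行流程。该日志中发卡行公钥证书的哈希校验是通过的,失败点在ICC公钥证书恢复后的哈希比对(终端计算值与卡恢复值不一致);这一步的哈希输入除证书恢复数据、ICC公钥余项和指数外,还包括静态认证的应用数据以及[9F4A]所列标签(此处为82)的值,排查时应先核对这部分输入。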
机具与卡交互日志
---> 00A404000E 325041592E5359532E4444463031 <--- 6F39840E325041592E5359532E4444463031A527BF0C2461224F10A0000003330101065133020000000017500B50424F4320437265646974870101[9000] 选择交易环境PPSE,建立交易应用列表成功 ********************************* 交易环境选择结束 ********************************* ********************************* 选择交易应用 ********************************* ---> 00A4040010 A0000003330101065133020000000017 <--- 6F518410A0000003330101065133020000000017A53D500A50424F432044454249549F38189F66049F02069F03069F1A0295055F2A029A039C019F37045F2D027A689F1101019F120A50424F43204445424954[9000] 选择交易应用成功 ********************************* 选择交易应用结束 ********************************* ********************************* 初始化应用 ********************************* ---> 80A8000023 8321BE00000000000000020000000000000001560000000000015615080400118A118A <--- 775A82027C009410180305011801010030010100280101009F360200119F2608A93B37C2EF49E7709F101307010103900000010A010000020000C8AB4F4F57136217790001000000030D18082209222143528F5F3401009F6C020000[9000] 发送GPO指令成功 ********************************* 初始化应用结束 ********************************* ------------------ qPBOC交易处理 ------------------ ********************************* 密文类型检查 ********************************* 脱机处理 ********************************* 密文类型检查结束 ********************************* ********************************* 读取应用数据 ********************************* Read Record : SFI = 3,RecordNum = 3 ---> 00B2031C00 <--- 70485F24031808315F25031407015A0A6217790001000000030F9F0702FF008E0C00000000000000005E031F009F0D05D8603CA8009F0E0500108000009F0F05D8683CF8005F28020156[9000] [5F24] 03 180831 [5F25] 03 140701 [5A] 0A 6217790001000000030F [9F07] 02 FF00 [8E] 0C 00000000000000005E031F00 [9F0D] 05 D8603CA800 [9F0E] 05 0010800000 [9F0F] 05 D8683CF800 [5F28] 02 0156 Read Record : SFI = 3,RecordNum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ead Record : SFI = 3,RecordNum = 5 ---> 00B2051C00 <--- 
7081CA9381B061129467CB2430F124B83909BB866E32099BD5A6EB3ACB78F1E0245157B30FF5929E493B4B190DCC60BD13DD5281C5404FECB8AD1904060526ACB675BCDF268DFAFCE38F141934FBB1FC070E816E381CC2C1DB7CF152B7B3E32E66AEA0B0F3F753283D02EC2D6547E9E8125A9477902423F7081275D3EA50C5E706AB48A73DAA9AD927D8A235BE7974C01A2C793F02292E6B736E0A90D2BC67A210E961D50D9CF001F24F5D1466834D2DE0282F4710ED9F4A01829F631031343336373030300000200000000000[9000] [93] B0 61129467CB2430F124B83909BB866E32099BD5A6EB3ACB78F1E0245157B30FF5929E493B4B190DCC60BD13DD5281C5404FECB8AD1904060526ACB675BCDF268DFAFCE38F141934FBB1FC070E816E381CC2C1DB7CF152B7B3E32E66AEA0B0F3F753283D02EC2D6547E9E8125A9477902423F7081275D3EA50C5E706AB48A73DAA9AD927D8A235BE7974C01A2C793F02292E6B736E0A90D2BC67A210E961D50D9CF001F24F5D1466834D2DE0282F4710ED [9F4A] 01 82 [9F63] 10 31343336373030300000200000000000 Read Record : SFI = 3,RecordNum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ead Record : SFI = 6,RecordNum = 1 ---> 00B2013400 <--- 7081BD9F4B81B05537C80A09CDEB2CB1A4DDC3F8799809EC10227E909391B940551DF2795864C5334415C283F402792D95C37BFB4D627D82A3E769A363CDACC855F0FD38E500184E918A81CFC6BD12F03DC0CDF7183AB4978ECD49CD2B5AA633C8C85AFE20FF57EFFEDFF851B90A545D2106F5EE6559122E794A865F503133F5DFAD5BDF1F96BE5219754C7D600AE05C894A7EC3CAF04A3FC46FCB7AD3E41AD793830599B01DE7B01AD321916979F63AAC9F626A4454969F5D06000000020000[9000] [9F4B] B0 5537C80A09CDEB2CB1A4DDC3F8799809EC10227E909391B940551DF2795864C5334415C283F402792D95C37BFB4D627D82A3E769A363CDACC855F0FD38E500184E918A81CFC6BD12F03DC0CDF7183AB4978ECD49CD2B5AA633C8C85AFE20FF57EFFEDFF851B90A545D2106F5EE6559122E794A865F503133F5DFAD5BDF1F96BE5219754C7D600AE05C894A7EC3CAF04A3FC46FCB7AD3E41AD793830599B01DE7B01AD321916979F63AAC9F626A445496 [9F5D] 06 000000020000 Read Record : SFI = 5,RecordNum = 1 ---> 00B2012C00 <--- 70099F7406454343303031[9000] [9F74] 06 454343303031 静态认证的应用数据 
5F24031808315F25031407015A0A6217790001000000030F9F0702FF008E0C00000000000000005E031F009F0D05D8603CA8009F0E0500108000009F0F05D8683CF8005F28020156 ********************************* 读取应用数据结束 ********************************* 终端下电 ********************************* 异常文件检查 ********************************* 异常文件检查成功 ********************************* 异常文件检查结束 ********************************* 读取卡应用数据成功,持卡人可以移开卡片 ********************************* 分析做脱机数据认证 ********************************* 脱机数据认证-终端使用RSA/SHA-1/3DES算法 快速动态数据认证,fDDA CA公钥RID: A000000333 CA公钥PKI [8F]: 09 CA公钥模: EB374DFC5A96B71D2863875EDA2EAFB96B1B439D3ECE0B1826A2672EEEFA7990286776F8BD989A15141A75C384DFC14FEF9243AAB32707659BE9E4797A247C2F0B6D99372F384AF62FE23BC54BCDC57A9ACD1D5585C303F201EF4E8B806AFB809DB1A3DB1CD112AC884F164A67B99C7D6E5A8A6DF1D3CAE6D7ED3D5BE725B2DE4ADE23FA679BF4EB15A93D8A6E29C7FFA1A70DE2E54F593D908A3BF9EBBD760BBFDC8DB8B54497E6C5BE0E4A4DAC29E5 CA公钥指数: 03 发卡行公钥证书 [90]: 107B7694025FE4573AFB2347D056E8C24EF1C148AC011E162602B369F248586713F5B48D2A236547664A01A1679982AFA773EF76DBD941E09D66E8524E2EDB36ADDA9AC68F2CC58AD9CC86B4A2BCA723F867A7F8C6F412BA668D81FF5AFD64DA067E37036486EB1C2408E90B1A48DE8952AEA03D0B79137E161AB9321F7F7627245CCDFE5F2C174A5563D68E9BB13958D8833F49B14C4EF32717A764A941B13FBF524CB270B0F2ADA9BA7603A02D2F6C 使用CA公钥对发卡行公钥证书解密后: 6A02621779FF08180025100101B001B9510E00B3888EAA8373B10B4D7A4E2CCD6E8E8600D512DD877CE3F58772D547CE8F97A810B842E3EC7943BD65F64EEF1B65A790E47906F07A49C6F45E61E01DCD2B0FD73674E509AE926942FF3D6B93048036880B262FC086B2521943BB5EF7AEF53ABB7823707BDDEFC3ED80BB3DBC1FE6C00AD918280223E9E62D5E81B293EDA2191893219381B28B40662ED9E62B0A13E722C068EB889CA7B1E9C8E66A66BC 发卡行公钥余项 [92]: 0316536320A706BBC4CE88A059510B72FC27AE8A8ECB6755DD0BBAD1C27109FB24865CA3 发卡行公钥指数 [9F32]: 03 计算哈希值输入数据: 
02621779FF08180025100101B001B9510E00B3888EAA8373B10B4D7A4E2CCD6E8E8600D512DD877CE3F58772D547CE8F97A810B842E3EC7943BD65F64EEF1B65A790E47906F07A49C6F45E61E01DCD2B0FD73674E509AE926942FF3D6B93048036880B262FC086B2521943BB5EF7AEF53ABB7823707BDDEFC3ED80BB3DBC1FE6C00AD918280223E9E62D5E81B293EDA2191893219381B28B40660316536320A706BBC4CE88A059510B72FC27AE8A8ECB6755DD0BBAD1C27109FB24865CA303 终端计算哈希结果: 2ED9E62B0A13E722C068EB889CA7B1E9C8E66A66 卡恢复哈希数据: 2ED9E62B0A13E722C068EB889CA7B1E9C8E66A66 终端交易日期 [9A]: 150804 证书有效日期: 1808 发卡行公钥模: B9510E00B3888EAA8373B10B4D7A4E2CCD6E8E8600D512DD877CE3F58772D547CE8F97A810B842E3EC7943BD65F64EEF1B65A790E47906F07A49C6F45E61E01DCD2B0FD73674E509AE926942FF3D6B93048036880B262FC086B2521943BB5EF7AEF53ABB7823707BDDEFC3ED80BB3DBC1FE6C00AD918280223E9E62D5E81B293EDA2191893219381B28B40660316536320A706BBC4CE88A059510B72FC27AE8A8ECB6755DD0BBAD1C27109FB24865CA3 ICC公钥证书 [9F46]: 08C82C06610FBC653409D34ACC929C9D98F7DEA06CFEFD234B8ED5FADBE653BB03C8B24A0C073286CD4F59F66A90986F5605071B982487A015AA996176BE7E92AF31176174A72E281017847EC608C8E86D2A217E55165C8EC5C0A7568D6817CB1EBAB024213DCB9A43C9CF0CCBFFCAEBF7A3177CBA54C93967B5AA0776079987333B628143FB259BF2E0395A3176E7D2D433B882BE57123685FED9B0A52A56C5FCC7FC39834C96A8F68B5F9E0ED06BC1 使用发卡行公钥对ICC公钥证书解密后: 6A046217790001000000030F12190ABB3E0101B001ADAFAAFB0225F1C283B4A3B48C35D1015D3BE22A2054992CC2B8B33076164B33279103F7099DD12F190EE72CE50E38F0C09BF399FB6E96CF4045F47672AA0AA273E245EBF853E1AB85F4EB4285DEC23D2096285AF8AE429FA6913A079E8F96D7CF7FC05A374D3566B9013C129DE2F1F4EE1C2D1B54CBC85936F00B4BAF42FEA5E1CD3662D31AFB4A244A8C44E418AC0CA2871022982A73F595A9BC ICC公钥余项 [9F48]: 271444DD0E44DFFA28487D664A3B3142C2EF2253D772C045279A08C7F53C84F8E49FD525A0758CFABD33 ICC公钥指数: 03 计算哈希的输入数据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终端计算哈希结果: 8B9A1A737F78BB13DB342E0A5770B1F7D8BE9092 卡恢复哈希数据: FB4A244A8C44E418AC0CA2871022982A73F595A9 哈希校验不正确 快速动态数据认证fDDA失败 分析做数据认证失败 ********************************* 分析做脱机数据认证结束 
********************************* 脱机拒绝(Offline Decline) ********************************* 脱机交易处理结束 *********************************制卡文件
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