The Implementation of ALG_DES_MAC8_ISO9797_1_M2_ALG3

In order to work with the Java Card, we need to implement the algorithm ALG_DES_MAC8_ISO9797_1_M2_ALG3 outside the card.

 

Here is the instruction from Java Card Application Programming Interface:

 

public static final byte ALG_DES_MAC8_ISO9797_1_M2_ALG3Signature algorithm ALG_DES_MAC8_ISO9797_1_M2_ALG3 generates an 8-byte MAC using a 2-key DES3 key according to ISO9797-1 MAC algorithm 3 with method 2 (also EMV'96, EMV'2000), where input data is padded using method 2 and the data is processed as described in MAC Algorithm 3 of the ISO 9797-1 specification. The left key block of the triple DES key is used as a single DES key(K) and the right key block of the triple DES key is used as a single DES Key (K') during MAC processing. The final result is truncated to 8 bytes as described in ISO9797-1.

 

The instruction is too simple to implement the algorithm, so I have to get into the other document, and csme into the calculation process:

1, Pad the data to be signed with method 2:

2, Encrypt the padded data with K1 in DES CBC mode

3, Decrypt the last block with K2 in DES ECB mode

4, Encrypt the last block with K1 in DES ECB mode

Then the last block is our signature.

 

 

The Padding method:

Pad the message M according to ISO 7816-4 (which is equivalent to method 2 of ISO/IEC 9797), hence add a mandatory ‘80’ byte to the right of MSG, and then add the smallest number of ‘00’ bytes to the right such that the length of resulting message MSG := (MSG || ‘80’ || ‘00’ || ‘00’ || . . . || ‘00’) is a multiple of 8 bytes.