The Implementation of ALG_DES_MAC8_ISO9797_1_M2_ALG3

In order to work with the Java Card, we need to implement the algorithm ALG_DES_MAC8_ISO9797_1_M2_ALG3 outside the card.

 

Here is the instruction from Java Card Application Programming Interface:

 

public static final byte ALG_DES_MAC8_ISO9797_1_M2_ALG3Signature algorithm ALG_DES_MAC8_ISO9797_1_M2_ALG3 generates an 8-byte MAC using a 2-key DES3 key according to ISO9797-1 MAC algorithm 3 with method 2 (also EMV'96, EMV'2000), where input data is padded using method 2 and the data is processed as described in MAC Algorithm 3 of the ISO 9797-1 specification. The left key block of the triple DES key is used as a single DES key(K) and the right key block of the triple DES key is used as a single DES Key (K') during MAC processing. The final result is truncated to 8 bytes as described in ISO9797-1.

 

The instruction is too simple to implement the algorithm, so I have to get into the other document, and csme into the calculation process:

1, Pad the data to be signed with method 2:

2, Encrypt the padded data with K 1 in DES CBC mode

3, Decrypt the last block with K 2 in DES ECB mode

4, Encrypt the last block with K 1 in DES ECB mode

Then the last block is our signature.

 

 

The Padding method:

Pad the message M according to ISO 7816-4 (which is equivalent to method 2 of ISO/IEC 9797), hence add a mandatory ‘ 80’ byte to the right of MSG, and then add the smallest number of ‘ 00’ bytes to the right such that the length of resulting message MSG := (MSG || ‘ 80’ || ‘ 00’ || ‘ 00’ || . . . || ‘ 00’ ) is a multiple of 8 bytes.