This article describes SmartTap 2.1.

All resources are uploaded and recorded here.

Specification

Part 1 describes the details of the SmartTap 2.1 features.

Part 2 describes the timing requirements. However, the VP3300 needs more time than the requirement allows because it implements encryption in software (microECC library).

SmartTap2.1-Part1-NFCProtocolDRAFT-v0.976.pdf

SmartTap2.0-Part2-TerminalCertificationDRAFT-v0.3.1.pdf

Test App

Before validating VP3300 transaction results, we can use the terminal app and the merchant app to simulate the transaction flow.

The reader (e.g. VP3300) should act like the terminal app, and the VAS app (e.g. a pass) should act like the merchant app. For setup details, refer to App Setup Instructions.

terminalapp_v1_6_21.apk

merchantapp_v2_6_24.apk

2017-06-22 11_32_02.563561.7z

[READ ME] App Setup Instructions.docx

Long term private key(LTPK)

How to generate a PEM file

It seems that OpenSSL for Windows could generate a PEM file, but I have no idea now.

How to get long term private key from pem file

To get the private key from a PEM file, you first need a tool that provides openssl, such as OpenSSL for Windows.

Once you have such a tool, change directory to the openssl directory, for example:

c:\>cd "Program Files (x86)"
c:\Program Files (x86)>cd GnuWin32
c:\Program Files (x86)\GnuWin32>cd bin
c:\Program Files (x86)\GnuWin32\bin>

Then use openssl.exe to read the PEM file (e.g. PRIVATE.key_CS1630.pem, from Pronto):

c:\Program Files (x86)\GnuWin32\bin>openssl.exe ec -noout -text -in "c:\PRIVATE.key.pem"
read EC key
Private-Key: (256 bit)
priv:
    00:f5:36:87:08:93:39:20:55:3b:7b:9f:fb:16:ae:
    ed:9c:77:d5:bf:d9:66:2a:f1:49:a6:b9:f9:65:b7:
    3f:0c:ca
pub:
    04:38:0b:8f:7f:0a:43:33:a7:e4:f2:2a:96:b1:ce:
    a8:c3:eb:38:7a:af:d8:36:63:2d:62:dc:c0:a6:61:
    9c:cc:28:b4:28:c5:bf:86:38:d7:0e:93:28:c6:b4:
    61:39:1e:b2:ef:de:a8:db:bf:fe:93:c1:7d:14:e2:
    e6:94:dc:8e:4c
ASN1 OID: prime256v1

The priv value is the string we need.

How to load long term private key to reader

The customer can load the LTPK to the reader via command C7-62.

Before loading the LTPK to the reader, get the private key from the PEM file and encrypt it with the RSA 2048 algorithm. The steps are as follows:

  1. RSA Private Key:

  2. RSA Public Key:

  3. RSA Exp:

    010001

  4. Long term private key

    00F5368708933920553B7B9FFB16AEED9C77D5BFD9662AF149A6B9F965B73F0CCA

  5. Padding “00” + Version (e.g. 00 00 00 01) + long term private key, to 256 bytes of data

  6. Calculate the SHA-256 of the data

    BD422E43F804506F002B4E93DD0165F488FC18660F21A0DC7D9B3057E36C504B

  7. Use the RSA private key to encrypt the data

  8. Add the encrypted data and the SHA-256 data

  9. IDG Command


How to configure the reader

Some configurations need to be set up for different transaction types.

Configuration | Tag | Used for APDU | M/O | Default Value | Note
--------------|-----|---------------|-----|---------------|-----
LTPK | | Negotiate SmartTap Secure Session | Mandatory | No |
Merchant ID (Collector ID) | DFEE3B | Get SmartTap Data | Mandatory | Yes, 0x00, 0xBC, 0x61, 0x4E (12345678) | default value setting as Merchant app
Store location | DFEE3C | Get SmartTap Data | Optional | No |
Terminal ID | DFEE3D | Get SmartTap Data | Optional | No |
Merchant Name | DFEF25 | Get SmartTap Data | Optional | No |
Merchant Category | DFED01 | Get SmartTap Data | Optional | No |
POS Capability Bitmap | DFED02 | Push SmartTap Data | Optional | Yes, 0x05, 0x00, 0x10, 0x00, 0x08, 0x01 | follow Kelso, but do not know how to use
Retry Times | DFED03 | behavior | Optional | Yes, 00 |
Select OSE support | DFED04 | behavior | Optional | Yes, 01 |
Skip Second Select support | DFED05 | behavior | Optional | Yes, 01 |
Stop Payment if smart tap2.1 failed support | DFED06 | behavior | Optional | Yes, 00 |
Pre-Signed support | DFED07 | behavior | Optional | Yes, 00 |

How to parse NDEF

To understand NDEF, please refer to section 3.2 Record Layout in NFCForum-TS-NDEF-1.pdf and to NDEF Parser.
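
A bounds-checked parser for the record layout in section 3.2 of the NDEF specification, as an added example (not VP3300 firmware and not code from the original page). The names ndef_record, ndef_parse_record, ndef_count_records and sample_msg are assumptions made for illustration, and the sample bytes are constructed generic records, not SmartTap records.

```c
#include <stddef.h>
#include <stdint.h>
typedef struct {
    uint8_t mb, me, cf, sr, il, tnf, type_len, id_len;  /* header bits, TNF, lengths */
    uint32_t payload_len;
    const uint8_t *type, *id, *payload;                 /* point into caller's buffer */
} ndef_record;

/* Parse one record from buf[0..len). Returns the bytes consumed, or 0 when
 * the record is truncated or a length field points past the buffer. */
size_t ndef_parse_record(const uint8_t *buf, size_t len, ndef_record *r) {
    size_t pos = 0;
    if (len < 3) return 0;               /* header, TYPE_LENGTH, PAYLOAD_LENGTH */
    uint8_t hdr = buf[pos++];
    r->mb = (hdr >> 7) & 1; r->me = (hdr >> 6) & 1; r->cf = (hdr >> 5) & 1;
    r->sr = (hdr >> 4) & 1; r->il = (hdr >> 3) & 1; r->tnf = hdr & 0x07;
    r->type_len = buf[pos++];
    if (r->sr) {                         /* short record: 1-byte PAYLOAD_LENGTH */
        r->payload_len = buf[pos++];
    } else {                             /* otherwise 4 bytes, big-endian */
        if (len - pos < 4) return 0;
        r->payload_len = ((uint32_t)buf[pos] << 24) | ((uint32_t)buf[pos + 1] << 16)
                       | ((uint32_t)buf[pos + 2] << 8) | buf[pos + 3];
        pos += 4;
    }
    if (r->il && len - pos < 1) return 0;
    r->id_len = r->il ? buf[pos++] : 0;  /* ID_LENGTH exists only when IL is set */
    /* Lengths are compared with the bytes left, never added to pos first. */
    if (len - pos < (size_t)r->type_len + r->id_len) return 0;
    r->type = buf + pos; r->id = r->type + r->type_len;
    pos += (size_t)r->type_len + r->id_len;
    if (len - pos < r->payload_len) return 0;
    r->payload = buf + pos;
    return pos + r->payload_len;
}

/* Walk a message: MB only on the first record, ME on the last, no trailing
 * bytes. Returns the record count or -1. Chunks (CF) are not reassembled. */
int ndef_count_records(const uint8_t *buf, size_t len) {
    size_t off = 0; int n = 0; ndef_record r;
    while (off < len) {
        size_t used = ndef_parse_record(buf + off, len - off, &r);
        if (used == 0 || (n == 0) != (r.mb == 1)) return -1;
        off += used; n++;
        if (r.me) return off == len ? n : -1;
    }
    return -1;                           /* data ended before an ME record */
}

/* Constructed sample: a short record, then a short record with an ID field. */
static const uint8_t sample_msg[] = { 0x91, 0x01, 0x02, 'T', 0xAA, 0xBB,
                                      0x5C, 0x02, 0x01, 0x01, 'a', 'b', 'i', 'Z' };
```

Data received over NFC is untrusted input, so every length field is checked against the remaining buffer before any pointer is formed.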




Related issues

TS-10251, CS-1630
