setPIN via Python Reader NFC

97 views
Skip to first unread message

richard redpath

unread,
Oct 25, 2024, 1:55:37 PMOct 25
to FIDO Dev (fido-dev)
I have a NFC reader; is there a sample to set PIN for the stick?
I know the APDU commands that would be needed.

   -CMD Select Applet
   -CMD_AUTHENTICATOR_GET_INFO
   -CMD_AUTHENTICATOR_RESET
   -CMD_AUTHENTICATOR_CLIENT_PIN as SUB_CMD_GET_KEY_AGREEMENT
   -CMD_AUTHENTICATOR_CLIENT_PIN as SUB_CMD_SET_PIN

 Well of course the first four are simple and easy do with Python. The setPIN has allot of CBORs work to be done such as to get the share secret and so on.
But if here is a library already that does this. Please provide sample or a decent pointer to where.

I want to write automated tests repeatedly to validate memory usage is fine. I did search the forum with no luck.

thanks in advance.

DUBOUCHER Thomas

unread,
Oct 25, 2024, 3:20:48 PMOct 25
to richard redpath, FIDO Dev (fido-dev)

THALES GROUP LIMITED DISTRIBUTION to email recipients

 

Hi,

 

You may have a good chance by simply binding your code with Python cffi to libfido2, instead of implementing everything by yourself.

 

Note : if your reader is an ISO contactless reader, you may need to rebuild libfido2 with USE_PCSC

 

Best regards,

 

 

 

Thomas Duboucher

Embedded Security Specialist

Digital Identity and Security

Thales

 

--
You received this message because you are subscribed to the Google Groups "FIDO Dev (fido-dev)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to fido-dev+u...@fidoalliance.org.
To view this discussion visit https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/abc68e83-7a95-4dcc-95dc-125c905799aen%40fidoalliance.org.

richard redpath

unread,
Oct 27, 2024, 5:50:42 AMOct 27
to FIDO Dev (fido-dev), DUBOUCHER Thomas, richard redpath
Thanks for the reply. I tend to stay away from using direct open source as it it always has some issue of IT  USE TO WORK for some version of the environment.
SO here are my Questions as I am close to it working nicely. Just the last part.

This is sample APDU for authenticatorClientPIN (0x06) sub Command setPIN (0x03)
which is has CBORs shown in Diagnostic format:
Actually I am simply using the JCShell to drive th setPIN (also Python).

Select Applet
/send 00A4040008A0000006472F000100
Get Info
/send 80108000010400
Reset PIN
/send 80108000010700
Get keyAgreement
/send 801080000606a20102020200

/Send for Set PIN APDU excerpted 0x06 0x03

80 10 80 00 AA 06
A50102020303A5010203381820012158203D54DFBD6F303ECCCBE4CEA9BF84BFE29CF644C7BAE4CAA67C175A5DE58F37572258207CA5217BDF8BCB7FC930B522717E1F5036DD3C5DFDE75BF742E2F5E85C8198960458407B1B8402F6939A0BF1EE944432ABF7EA47E9EE2DDCECBCFCA962CD829279F03B68A0658F49706E40156AAB140587C7E74F2453CB11F53320BFAEFD5FABB37B1E0550F89DB093D711AB3C27D5DFBB53A091CE

CBORs A5
{
    1: 2,      # pinProtocol
    2: 3,      # sub command setPIN
    3: {        # COSkey
        1: 2,
        3: -25_0,
        -1: 1,
        -2: h'131bf204a8f2534ee14d0f97199456aac4b0fa043622edffe364ed3bb69a179e',
        -3: h'fe373a34b4383b498b5787d71b83c5064a1b939e3723e8682c08a213cf816366',
    },
    4: h'e5b631e68a779f815781872864a33090  # 64 bytes newPINEnc
           ceb92bb906d4a4e5333df2539f0d2e98',
    5: h'18d9810ac098f66a5ba2928fbad01a74   #80 bytes pinAuth apparently
           d646a5ad81d4dcd40a73c7e1b09bb7f
   db1d40bb33b538a9169450e0b17951
   1c2aa60abdbf22771be4879bc154281
   fdda50a6ed110d8a703f807c384217e80830',
}

The quesiton is the newPINEnc and pinAuth.
#1
newPINEnc:

  If my pin is "123456" well it says to pad to 64 bytes with 0x00 then
  aes256_cbc_enc. Which returns a length of 64 bytes? Is that correct. Take the 123456 and add 0x00 to 64 bytes then process with the aes256 the  (iv = b'\x00' * 16  # 16-byte IV of all zeroes)
  As to the  spec "Client to Authenticator Protocol (CTAP) Review Draft, March 21, 2023"
 

#2
pinAuth:

   pinAuth= authenticate(sharedSecret, newPinEnc).
   Computes a MAC of the given message 2023 Documentation
   But the  Fido Client Authenticator Protocol 2018 Documentation says
        pinAuth = LEFT(HMAC-SHA-256(sharedSecret, newPinEnc), 16).
    which means only 16 Bytes? But its 80 bytes?
   SO what is it then?

#3
Also the shareSecret
is based on the platform pirvatekey and the
public key of the Authentcator. Does it really matter how this is
created for test?  In Python I can simply create a share key.

    shared_secret = secrets.token_hex(16)  
    newPINenc     = util.aes256_cbc_PadPIN64_encrypt(shared_secret.encode('utf-8'), pindata.encode('utf-8') )
    auth               =  util.hmac_sha256_left_16(shared_secret.encode('utf-8'), newPINenc )

Certainly the Authenticator cannot tell that the platform derived shared secret is from platform pivateKey as it has no knowledge and no way to check that?
As I said I just want to drive this setPIN multiple time for testing rigor.

The Python code is simple, certainly will POST it with nice flags to print pretty  CBOR

    util.APDUhex("00a4040008a0000006472f0001","Select applet")
    util.APDUhex("80108000010400","Get Info", cborflag=True)
    util.APDUhex("80108000010700","Reset Card PIN")
    util.APDUhex("801000000606A201020201","Get retries", cborflag=True)
    util.APDUhex("801080000606a20102020200","Client PIN subcmd get keyAgreement",True)
    pinSetAPDU = createCBORsetPIN(newPINenc, auth)
    util.APDUhex(pinSetAPDU,"Client PIN subcmd SetPIN", checkflag=True);

Thanks in Advance.
Reply all
Reply to author
Forward
0 new messages