if SSAD present before check it (A@Pay)

client/src/emv/emv_pki.c

@@ -349,7 +349,7 @@ unsigned char *emv_pki_sdatl_fill(const struct tlvdb *db, size_t *sdatl_len) {
 }
 
 struct tlvdb *emv_pki_recover_dac_ex(const struct emv_pk *enc_pk, const struct tlvdb *db, const struct tlv *sda_tlv, bool showData) {
-    size_t data_len;
+    size_t data_len = 0;
 
     // Static Data Authentication Tag List
     size_t sdatl_len;

client/src/emv/emvcore.c

@@ -970,17 +970,21 @@ int trCDA(struct tlvdb *tlv, struct tlvdb *ac_tlv, struct tlv *pdol_data_tlv, st
                   sprint_hex(icc_pk->serial, 3)
                  );
 
-    struct tlvdb *dac_db = emv_pki_recover_dac(issuer_pk, tlv, sda_tlv);
+    // Signed Static Application Data (SSAD) check
-    if (dac_db) {
+    const struct tlv *ssad_tlv = tlvdb_get(tlv, 0x93, NULL);
-        const struct tlv *dac_tlv = tlvdb_get(dac_db, 0x9f45, NULL);
+    if (ssad_tlv && ssad_tlv->len > 1) {
-        PrintAndLogEx(SUCCESS, "SSAD verified (%s) (%02hhx:%02hhx)", _GREEN_("ok"), dac_tlv->value[0], dac_tlv->value[1]);
+        struct tlvdb *dac_db = emv_pki_recover_dac(issuer_pk, tlv, sda_tlv);
-        tlvdb_add(tlv, dac_db);
+        if (dac_db) {
-    } else {
+            const struct tlv *dac_tlv = tlvdb_get(dac_db, 0x9f45, NULL);
-        PrintAndLogEx(ERR, "Error: SSAD verify error");
+            PrintAndLogEx(SUCCESS, "Signed Static Application Data (SSAD) verified (%s) (%02hhx:%02hhx)", _GREEN_("ok"), dac_tlv->value[0], dac_tlv->value[1]);
-        emv_pk_free(pk);
+            tlvdb_add(tlv, dac_db);
-        emv_pk_free(issuer_pk);
+        } else {
-        emv_pk_free(icc_pk);
+            PrintAndLogEx(ERR, "Error: Signed Static Application Data (SSAD) verify error");
-        return 4;
+            emv_pk_free(pk);
+            emv_pk_free(issuer_pk);
+            emv_pk_free(icc_pk);
+            return 4;
+        }
     }
 
     PrintAndLogEx(INFO, "* * Check Signed Dynamic Application Data (SDAD)");