Merge pull request #1238 from merlokk/emv_ssad

ApplePay CDA check
2025-08-23 22:55:37 -07:00 · 2021-04-08 18:29:40 +03:00 · 2021-04-08 18:29:40 +03:00 · 9c64d2f4e0
commit 9c64d2f4e0
parent e207091ace 2f634923bb
3 changed files with 23 additions and 15 deletions
--- a/client/src/emv/cmdemv.c
+++ b/client/src/emv/cmdemv.c
@ -1143,10 +1143,14 @@ static int CmdEMVExec(const char *Cmd) {
            // CDA
            PrintAndLogEx(NORMAL, "\n* CDA:");
            struct tlvdb *ac_tlv = tlvdb_parse_multi(buf, len);
            if (tlvdb_get(ac_tlv, 0x9f4b, NULL)) {
                res = trCDA(tlvRoot, ac_tlv, pdol_data_tlv, cdol_data_tlv);
                if (res) {
                    PrintAndLogEx(NORMAL, "CDA error (%d)", res);
                }
            } else {
                PrintAndLogEx(NORMAL, "\n* Signed Dynamic Application Data (0x9f4b) not present");
            }
            free(ac_tlv);
            free(cdol_data_tlv);
--- a/client/src/emv/emv_pki.c
+++ b/client/src/emv/emv_pki.c
@ -349,7 +349,7 @@ unsigned char *emv_pki_sdatl_fill(const struct tlvdb *db, size_t *sdatl_len) {
 }
 struct tlvdb *emv_pki_recover_dac_ex(const struct emv_pk *enc_pk, const struct tlvdb *db, const struct tlv *sda_tlv, bool showData) {
-    size_t data_len;
+    size_t data_len = 0;
    // Static Data Authentication Tag List
    size_t sdatl_len;
--- a/client/src/emv/emvcore.c
+++ b/client/src/emv/emvcore.c
@ -970,18 +970,22 @@ int trCDA(struct tlvdb *tlv, struct tlvdb *ac_tlv, struct tlv *pdol_data_tlv, st
                  sprint_hex(icc_pk->serial, 3)
                 );
    // Signed Static Application Data (SSAD) check
    const struct tlv *ssad_tlv = tlvdb_get(tlv, 0x93, NULL);
    if (ssad_tlv && ssad_tlv->len > 1) {
        struct tlvdb *dac_db = emv_pki_recover_dac(issuer_pk, tlv, sda_tlv);
        if (dac_db) {
            const struct tlv *dac_tlv = tlvdb_get(dac_db, 0x9f45, NULL);
-        PrintAndLogEx(SUCCESS, "SSAD verified (%s) (%02hhx:%02hhx)", _GREEN_("ok"), dac_tlv->value[0], dac_tlv->value[1]);
+            PrintAndLogEx(SUCCESS, "Signed Static Application Data (SSAD) verified (%s) (%02hhx:%02hhx)", _GREEN_("ok"), dac_tlv->value[0], dac_tlv->value[1]);
            tlvdb_add(tlv, dac_db);
        } else {
-        PrintAndLogEx(ERR, "Error: SSAD verify error");
+            PrintAndLogEx(ERR, "Error: Signed Static Application Data (SSAD) verify error");
            emv_pk_free(pk);
            emv_pk_free(issuer_pk);
            emv_pk_free(icc_pk);
            return 4;
        }
    }
    PrintAndLogEx(INFO, "* * Check Signed Dynamic Application Data (SDAD)");
    struct tlvdb *idn_db = emv_pki_perform_cda_ex(icc_pk, tlv, ac_tlv,