学勇建站,重新做系统后怎么没有wordpress,公众号开发的可行性,做直播 网站的上市公司【静态数据认证】 静态数据认证处理过程中#xff0c;卡片没有执行任何处理#xff0c;终端执行的处理流程#xff1a;1、认证中心公钥的获取终端使用卡片上的认证中心公钥索引#xff08;PKI#xff09;【TAG#xff1a;8F#xff0c;Certification Authority Public K…【静态数据认证】 静态数据认证处理过程中卡片没有执行任何处理终端执行的处理流程1、认证中心公钥的获取终端使用卡片上的认证中心公钥索引PKI【TAG8FCertification Authority Public Key Index】以及注册的应用提供商标识RID【TAG9F06Application IdentifierAID-terminal】来获取存储在终端的认证中心公钥和相关信息 注认证中心公钥是预先存储在终端里的通过PKI和RID作为索引找到 2、发卡行公钥的获取终端用认证中心公钥验证发卡行公钥证书【TAG90Issuer Public Key Certificate】验证正确则从发卡行公钥证书中取出发卡行公钥 注通过第1步获取到认证中心公钥后使用该公钥经过RSA算法解密发卡行公钥证书【TAG90】的数据根据解密后的数据格式参考Book25.3Table6验证是否正确如果正确则可以获取到发卡行公钥发卡行公钥有一部分是解密后获得的 3、签名静态应用数据的验证终端用发卡行公钥验证签名静态应用数据【TAG93Signed Static Application Data】如果验证不正确则数据可能被篡改静态数据认证失败了 注通过第2步获取到发卡行公钥后使用改公钥经过RSA算法解密签名静态应用数据【TAG93】的数据根据解密后的数据格式参考Book25.4Table7验证是否正确 4、静态数据认证结果如果以上所有步骤得以成功执行则静态数据认证通过如果静态数据认证失败终端设置终端验证结果中的相应指示器以显示静态数据认证结果并在随后的处理中使用该指示器决定交易的处理 【发卡行公钥的获取Book2,5.3】 1. If the Issuer Public Key Certificate has a henght different from the length of the Cerfitfication Authority Public Key Modulus obtained in the previous section, SDA has failed.2. In order to obtain the recovered data speicified in the Table 6, apply the recovery function specified in Annex A2.1 to the Issuer Public Key Certificate using the Certification Authority Public Key in conjunction with the corresponding algorithm. If the Recovered Data Trailer is not equal to BC, SDA has failed.3. Check the Recovered Data Header. If it is not 6A, SDA has failed.4. Check the Certificate Format. If it is not 02, SDA has failed.5. Concatenate from left to right the second to the tenth data elements in Table 6(that is, Certificate Format through Issuer Public Key or Leftmost Digits of the Issuer Public Key), followed by th Issuer Public Key Remainder(if present), and finally the Issuer Public Key Exponent.6. Apply the indicated hash algorithm(derived from the Hash Algorithm Indicator) to the result of the concatenation of the previous step to produce the hash result.7. Compare the calculated hash result from the previous step with the recoverd Hash Result. If they are not the same, SDA has failed.8. Verify that the Issuer Identifier mathces the leftmost 3-8 PAN digits (allowing for the possible padding the Issuer Identifier with hexadecimal Fs). If not, SDA has failed.9. Verify that the last day of the month specified in the Certificate Expiration Date is equal to or later than todays date. If the Certificate Expiration Date is earlier than todays date, the certificate has expired, in which case SDA has failed.10.Verify that the concatenation of RID, Certification Authority Public Key Index and Certificate Serial Number is valid. If not, SDA has failed.11.If the Issuer Public Key Algorithm Indicator is not recognised, SDA has failed.12.If all the checks above are correct, concatenate the Leftmost Digits of Issuer Public Key and the Issuer Public Key Remainder(if present) to obtain the Issuer Public Key Modulus, and continue with the next steps for the verification of the Signed Static Application Data. 【签名静态应用数据的验证Book2,5.4】 1. If the Signed Static Application Data has a length different from the length of the Issuer Public Key Modulus, SDA has failed.2. In order to abtain the Recovered Data specified in Table 7, apply the recovery function specified in Annex A2.1 on the Signed Static Application Data using the Issuer Public Key in conjunction with the corresponding algorithm. If the Recovered Data Trailer is not equal to BC, SDA has failed.3. Check the Recovered Data Header. If it is not 6A, SDA has failed.4. Check the Signed Data Format. If it is mot 03, SDA has failed.5. Concatenate from left to right the second to the fifth data elements in Table7(that is, Signed Static Data Format through Pad Pattern), followed by the static data to the authenticated as specified in section 10.3 of Book 3. If the Statis Data Authentication Tag List is present an contains tags other than 82, then SDA has failed.6. Apply the indicated hasd algorithm (derived from the Hash Algorithm Indicator) to the result of the concatenation of the previous step to produce the hash result.7. Compare the calculated hash result from the previous step with the recoverd Hash Result. If they are not the same, SDA has failed.8. If all of the obove steps were executed successfully, SDA was successful. The Data Authentication Code recovered in Table 7 shall be stored in tag 9F45. 转载于:https://www.cnblogs.com/utank/p/8469360.html
