Hello All,
I am a newbie in EMV personalization and am studying offline data authentication (SDA, DDA). My understanding of SDA is as follows:
1- The static application data will be signed with the Issuer Private Key (S1) and stored in the Signed Static Application Data (SSAD). [requires RSA private key]
2- The corresponding Issuer Public Key (P1) will be stored in the Issuer PK Certificate. [generate PK certificate, requires RSA public key]
3- The Issuer PK Certificate is signed with a Certification Authority Private Key (SCA). The Certification Authority Public Key (PCA) is stored in the IC terminal. [requires CA private/public key]
4- For SDA, the terminal decrypts the Issuer PK Certificate with the PCA key. If the decryption was successful, the terminal extracts the P1 key to decrypt the SSAD. SDA was successful if the IC terminal verifies the SSAD.
Can anyone tell me how to implement all of this in practice? Is there any tool to generate RSA keys, the PK certificate and the CA public/private keys? Any suggestion would mean a lot to me.
SDA will help me to understand the concept; after that it would be easy to implement DDA.
If you have any questions, please let me know.
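
The SDA chain from the four steps above, as an added example that is not part of the original post: a CA key signs the Issuer PK Certificate, the issuer key signs the static data, and `terminal_sda` does the terminal's recovery and hash checks on the EMV Book 2 block layout (6A header, SHA-1 hash, BC trailer). Assumptions: the keys are constructed toy keys built from Mersenne primes so the code runs without a crypto library (insecure, never for personalization), the issuer identifier, dates, serial number, DAC and card data are constructed sample values, all function names are hypothetical, and expiry, issuer-identifier and revocation checks are left out.

```python
import hashlib

E = 65537  # public exponent used for both keys (assumption for this example)

def make_key(a, b):
    # Constructed toy key from two Mersenne primes: insecure, offline demo only.
    p, q = 2**a - 1, 2**b - 1
    n = p * q
    return n, pow(E, -1, (p - 1) * (q - 1)), (n.bit_length() + 7) // 8  # n, d, length

def sha1(data):
    return hashlib.sha1(data).digest()

def sign(body, extra, key):
    # Build 6A | body | SHA-1(body + extra) | BC and apply the private exponent.
    n, d, size = key
    block = b"\x6A" + body + sha1(body + extra) + b"\xBC"
    assert len(block) == size
    return pow(int.from_bytes(block, "big"), d, n).to_bytes(size, "big")

def recover(sig, extra, n, size, fmt):
    # Terminal side: public-key operation, then header, trailer, format and hash checks.
    if len(sig) != size:
        return None
    block = pow(int.from_bytes(sig, "big"), E, n).to_bytes(size, "big")
    ok = block[0] == 0x6A and block[-1] == 0xBC and block[1] == fmt
    return block if ok and sha1(block[1:-21] + extra) == block[-21:-1] else None

def issuer_certificate(ca, iss):
    # Steps 2-3: issuer public key (P1), padded with BB, signed with the CA key (SCA).
    pk = iss[0].to_bytes(iss[2], "big").ljust(ca[2] - 36, b"\xBB")
    body = bytes.fromhex("02411111FF12300000010101") + bytes([iss[2], 3]) + pk
    return sign(body, E.to_bytes(3, "big"), ca)

def signed_static_data(iss, static):
    # Step 1: format 03, hash algorithm 01, constructed Data Authentication Code DAC0.
    return sign(bytes.fromhex("0301DAC0") + b"\xBB" * (iss[2] - 26), static, iss)

def terminal_sda(cert, ssad, static, ca_n, ca_len):
    # Step 4: recover P1 from the certificate with PCA, then verify SSAD with P1.
    c = recover(cert, E.to_bytes(3, "big"), ca_n, ca_len, 0x02)
    if c is None:
        return False
    iss_len = c[13]  # Issuer Public Key Length field
    iss_n = int.from_bytes(c[15:15 + iss_len], "big")
    return recover(ssad, static, iss_n, iss_len, 0x03) is not None

CA, ISSUER = make_key(521, 1279), make_key(89, 607)
STATIC = bytes.fromhex("5A0841111111111111115F2403301231")  # constructed card data
CERT, SSAD = issuer_certificate(CA, ISSUER), signed_static_data(ISSUER, STATIC)
```

`terminal_sda(CERT, SSAD, STATIC, CA[0], CA[2])` accepts the untouched card data and rejects it as soon as the static data, the SSAD or the certificate changes.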