SCP03 v1.2 S16 mode not implemented

[dilucide]

Describe the bug

Secure Channel Protocol '03'
Card Specification v2.3 - Amendment D
Version 1.2

specifies a new protocol option (i.b1) named S16 mode which, when enabled causes cards to expect 16 byte challenges, MAC values, etc., instead of the regular 8 bytes.

Information about your card and used reader

N/A

Expected behavior

S16 mode is currently not supported, resulting in cards with SCP03, i=x1 policy configuration refusing to open a secure channel. This is not a pressing issue due to card availability, but is expected to be troublesome with future card generations due to the S8 mode being referred to as legacy.

Full log

N/A

Additional context

I have quickly implemented a corresponding fix, in conjunction with more robust length checking of the INITIALIZE UPDATE response and will create a pull request in due time.

[martinpaljak]

Please send me a card that supports this!

[martinpaljak]

Will add to the upcoming 24.10.XX release. At this point it seems a command line option -s16 is necessary (unless profiles get a bump, which does not seem to be the case now).

[DEBUG] GPSession - Host challenge: DC6BD172F76073B0BB5E8E635FA2ADD0
[DEBUG] GPSession - Card challenge: B24D192BCDF42EF8F28289727569481B
[DEBUG] GPSession - Card reports SCP03 (i=11) with key version 1 (0x01)
[INFO] GPSession - Diversified card keys: ENC=404142434445464748494A4B4C4D4E4F404142434445464748494A4B4C4D4E4F (KCV: D26086) MAC=404142434445464748494A4B4C4D4E4F404142434445464748494A4B4C4D4E4F (KCV: D26086) DEK=404142434445464748494A4B4C4D4E4F404142434445464748494A4B4C4D4E4F (KCV: D26086) for SCP03
[INFO] GPSession - Session keys: ENC=D85663F0559E43D1E6CBBA40660F142A8FDA5F186AAE57598D771B4BB1242B04 MAC=C48FB440EA5CA97D5A5FB4B9B137D62D1F8FBAE60B5C9CD9D617E81CC09DE09A RMAC=FADD8371AD4061E62C190C0ED88DBF13CFFEEEDC6FBFE12A384090DC0EB4A2FD
[DEBUG] GPSession - Verified card cryptogram: C33C275FA623A4E3735D1E9797CA9B57
[DEBUG] GPSession - Calculated host cryptogram: F3DF419FA532A785117F42DE75B39E9A