I think it would make sense for me to share my code right now.
getChallenge
private string getPICCChallenge()
{
string challenge;
var httpWebRequest = (HttpWebRequest)WebRequest.Create(baseURL + getChallengeEndpoint);
httpWebRequest.ContentType = "application/json";
httpWebRequest.Method = "POST";
using (var streamWriter = new StreamWriter(httpWebRequest.GetRequestStream()))
{
Dictionary<string, string> post = new Dictionary<string, string>
{
{"api-key", apikey }
};
string json = JsonConvert.SerializeObject(post, Formatting.Indented);
streamWriter.Write(json);
}
var httpResponse = (HttpWebResponse)httpWebRequest.GetResponse();
using (var streamReader = new StreamReader(httpResponse.GetResponseStream()))
{
challenge = streamReader.ReadToEnd();
}
var data = (JObject)JsonConvert.DeserializeObject(challenge);
return data.First.First.ToString();
}
getUID
private string getUID()
{
using (var ctx = contextFactory.Establish(SCardScope.System))
{
using (var isoReader = new IsoReader(ctx, comboBox1.Text, SCardShareMode.Shared, SCardProtocol.Any, false))
{
var apdu = new CommandApdu(IsoCase.Case2Short, isoReader.ActiveProtocol)
{
CLA = 0xFF, // Class
Instruction = InstructionCode.GetData,
P1 = 0x00, // Parameter 1
P2 = 0x00, // Parameter 2
Le = 0x07 // Expected length of the returned data
};
var response = isoReader.Transmit(apdu);
var array = response.GetData();
return BitConverter.ToString(array).Replace("-", string.Empty);
}
}
}
getPCDChallenge
private string getPCDChallenge()
{
using (var ctx = contextFactory.Establish(SCardScope.System))
{
using (var isoReader = new IsoReader(ctx, comboBox1.Text, SCardShareMode.Shared, SCardProtocol.Any, false))
{
var apdu = new CommandApdu(IsoCase.Case4Short, isoReader.ActiveProtocol)
{
CLA = 0x90, // Class
INS = 0x71,
P1 = 0x00, // Parameter 1
P2 = 0x00, // Parameter 2
Data = new byte[] { 0x02, 0x00 },
Le = 0x00
};
var response = isoReader.Transmit(apdu);
var array = response.GetData();
return BitConverter.ToString(array).Replace("-", string.Empty).ToLower();
}
}
}
At this point my struct contains
auth.PICCUID = "04XXXXXXXXXXXX"
auth.PCDchallenge = "58EB612FC45FB06A9D473F994589B1D1"
auth.PICCchallenge = "154ad56c251753b809b829dd0bfb8e69"
auth.PCDresponse = ""
getPCDResponse
private string getPCDResponse(AUTH auth)
{
string response;
var httpWebRequest = (HttpWebRequest)WebRequest.Create(baseURL + pcdChallengeEndpoint);
httpWebRequest.ContentType = "application/json";
httpWebRequest.Method = "POST";
using (var streamWriter = new StreamWriter(httpWebRequest.GetRequestStream()))
{
Dictionary<string, string> post = new Dictionary<string, string>
{
{"picc-uid", auth.PICCUID},
{"picc-challenge", auth.PICCchallenge},
{"pcd-challenge", auth.PCDchallenge}
};
string json = JsonConvert.SerializeObject(post);
streamWriter.Write(json);
}
var httpResponse = (HttpWebResponse)httpWebRequest.GetResponse();
using (var streamReader = new StreamReader(httpResponse.GetResponseStream()))
{
response = streamReader.ReadToEnd();
}
var data = (JObject)JsonConvert.DeserializeObject(response);
return data.First.First.ToString();
}
At this point my struct contains
auth.PICCUID = "04XXXXXXXXXXXX"
auth.PCDchallenge = "58EB612FC45FB06A9D473F994589B1D1"
auth.PICCchallenge = "154ad56c251753b809b829dd0bfb8e69"
auth.PCDresponse = "error"