javacard mac相關

MAC, (message authentication code), just a personal digest algorithm with a secret key.

HMAC, just a MAC with standard digest algorithm. Hashed twice. The secret key just do XOR operation.

mac填充方式：

    PKCS5: Pad with bytes all of the same value as the number of padding bytes. it’s also the same as PKCS5 and RFC 3852 Cryptographic Message Syntax (CMS)

    ISO 9797 method 1: Pad with zero (null) characters.

    ISO 9797 method 2:   Pad with 0x80 followed by zero bytes. if the last block is full

ALG_DES_MAC8_ISO9797_1_M2_ALG3 算法流程：

1. Pad the data to be signed with method 2: （pad方式見The Padding method）

2, Encrypt the padded data with K1 in DES CBC mode

3, Decrypt the last block with K2 in DES ECB mode

4, Encrypt the last block with K1 in DES ECB mode

Then the last block is our signature.

The Padding method:

Pad the message M according to ISO 7816-4 (which is equivalent to method 2 of ISO/IEC 9797), hence add a mandatory ‘80’ byte to the right of MSG, and then add the smallest number of ‘00’ bytes to the right such that the length of resulting message MSG := (MSG || ‘80’ || ‘00’ || ‘00’ || . . . || ‘00’) is a multiple of 8 bytes.