Generating field 52 with Postilion


Ibrahim Abiodun
Aug 30, 2016, 9:41:05 AM
to jPOS Users
Hi,

I'm sending a message to Postilion and I'm having issues with field 52. I'm not using an HSM at the moment; we planned to use AWS HSM, but we want to make sure the application works properly before investing in one.

Here is how I'm generating my pinblock:

JCESecurityModule jcesecmod = new JCESecurityModule("path to test lmk", "com.sun.crypto.provider.SunJCE");
SecureDESKey sdk = new SecureDESKey(SMAdapter.LENGTH_DES3_2KEY, SMAdapter.TYPE_ZPK, "ZPK Value", "KCV");
EncryptedPIN pinUnderLMK = jcesecmod.encryptPIN(pin,account);
EncryptedPIN pinUnderTPK = jcesecmod.exportPINImpl(pinUnderLMK, sdk, SMAdapter.FORMAT01);
byte[] pinblock = pinUnderTPK.getPINBlock();

Where the pin is the clear PIN as entered by the customer and the account is the rightmost 12 digits excluding the check digit.

The Format of the PIN required is ANSI_X98.

Here is the message I get from the Postilion trace:

Description: Declined message from node '****' with response code 96 (SYSTEM MALFUNCTION). The PIN could not be translated for card '*****************=*******' due to a cryptographic error. Acquirer: , Card acceptor: , Terminal: ****. Additional error information: A PIN translation between KWP keys '_KWP' and 'AWK' failed. The HSM command 'CC' returned the response code '20'.: A cryptographic operation (translate PIN) involving key 'KWP' failed, because invalid data was supplied. The invalid data was in field 'PIN block'. The data was invalid because PIN block invalid according to format ANSI_X98.
ID: [5039]
Data: [none]
 
       at postilion.realtime.apps.tranmgr.CryptoPinManager.translatePin(CryptoPinManager.java:218)
       at postilion.realtime.apps.tranmgr.AuthorizingTranProxy.translatePin(AuthorizingTranProxy.java:1472)
       at postilion.realtime.apps.tranmgr.authorizers.AuthorizerAcquirer.processSecurityInfoPin(AuthorizerAcquirer.java:1450)
       at postilion.realtime.apps.tranmgr.authorizers.AuthorizerAcquirer.processSecurityInfo(AuthorizerAcquirer.java:1410)
       at postilion.realtime.apps.tranmgr.authorizers.AuthorizerAcquirer.validateCardOnline(AuthorizerAcquirer.java:603)
       at postilion.realtime.apps.tranmgr.authorizers.AuthorizerAcquirer.authorizeRequestOnline(AuthorizerAcquirer.java:102)
       at postilion.realtime.apps.tranmgr.EventHandlerReqReqMessage.attemptLocalAuthorization(EventHandlerReqReqMessage.java:145)
       at postilion.realtime.apps.tranmgr.EventHandlerTranReq.processTran(EventHandlerTranReq.java:88)
       at postilion.realtime.apps.tranmgr.EventHandlerMessage.process(EventHandlerMessage.java:64)
       at postilion.realtime.apps.tranmgr.EventHandlerMessage.processMsg(EventHandlerMessage.java:40)
       at postilion.realtime.apps.tranmgr.TransactionManager.processNodeMessage(TransactionManager.java:1435)
       at postilion.realtime.apps.tranmgr.TransactionManager.processEvent(TransactionManager.java:1360)
       at postilion.realtime.sdk.util.Processor.run(Processor.java:213)
       at postilion.realtime.sdk.env.AppProcessor.run(AppProcessor.java:136)
Caused by: Postilion exception: [postilion.realtime.sdk.crypto.XPinTranslationFailure]
Description: A PIN translation between KWP keys '' and 'AWK' failed. The HSM command 'CC' returned the response code '20'.

Is there something I'm missing here?

chhil
Aug 30, 2016, 10:04:51 AM
to jpos-...@googlegroups.com
> SecureDESKey sdk = new SecureDESKey(SMAdapter.LENGTH_DES3_2KEY, SMAdapter.TYPE_ZPK, "ZPK Value", "KCV");

Are you replacing the ZPK Value and KCV with actual clear values that the Postilion system has provided you (online via a key exchange or offline)?

-chhil


--
--
jPOS is licensed under AGPL - free for community usage for your open-source project. Licenses are also available for commercial usage. Please support jPOS, contact: sa...@jpos.org
 
Join us in IRC at http://webchat.freenode.net/?channels=jpos
 
You received this message because you are subscribed to the "jPOS Users" group.
Please see http://jpos.org/wiki/JPOS_Mailing_List_Readme_first
To post to this group, send email to jpos-...@googlegroups.com
To unsubscribe, send email to jpos-users+unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/jpos-users
---
You received this message because you are subscribed to the Google Groups "jPOS Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jpos-users+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jpos-users/ec586df1-6135-4676-875e-55faa10bd46e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Victor Salaman
Aug 30, 2016, 10:07:36 AM
to jpos-...@googlegroups.com
Hi

You should not do this in software and the AWS HSM is not the type of HSM you need :)


Ibrahim Abiodun
Aug 30, 2016, 10:20:34 AM
to jPOS Users
I got two clear components from the Postilion guys and used smconsole to form a new key. This is the key I'm using here, with its key check value.

chhil
Aug 30, 2016, 10:32:46 AM
to jpos-...@googlegroups.com
So you probably used the FK command in the console. Could you share what was input, without using actual key values, as the 3 components entered (since you have only 2 components)?
The 3 should be comp1 comp2 comp1

Did the key check value you generated match the one that was provided by Postilion?

-chhil

Ibrahim Abiodun
Aug 30, 2016, 11:07:45 AM
to jPOS Users
Thanks chhil,

Here it is:

smconsole -lmk path/to/your/test.lmk FK 128 ZPK PARTA PARTB 00000

I got this as the response:

<log realm="jce-security-module" at="2016-08-24T14:32:52.217" lifespan="43ms">
<s-m-operation>
<command name="Form Key from Three Clear Components">
<parameter name="Key Length">
128
</parameter>
<parameter name="Key Type">
ZPK
</parameter>
<parameter name="Component 1 Check Value">
[redacted]
</parameter>
<parameter name="Component 2 Check Value">
[redacted]
</parameter>
<parameter name="Component 3 Check Value">
[redacted]
</parameter>
</command>
<result name="Formed Key">
<secure-des-key length="128" type="ZPK" variant="0" scheme="X">
<data>[redacted]</data>
<check-value>FE6D76</check-value>
</secure-des-key>
</result>
</s-m-operation>
</log>
And yes, I got the same check value I was given.


Ibrahim Abiodun
Aug 30, 2016, 11:24:35 AM
to jPOS Users
Wow!

Thanks for the heads up. Do you know anyone offering HSM as a service?

Best Regards

Mark Salter
Aug 31, 2016, 10:43:15 AM
to jPOS Users

On Tuesday, August 30, 2016 at 2:41:05 PM UTC+1, Ibrahim Abiodun wrote:
> I'm sending a message to postilion and I'm having issues with the field 52.

Before delving into the crypto parts...
... are you sending field 52 correctly, in the correct form (binary/hex/other) expected by the target?

> Here is how I'm generating my pinblock
>
> JCESecurityModule jcesecmod = new JCESecurityModule("path to test lmk", "com.sun.crypto.provider.SunJCE");
> SecureDESKey sdk = new SecureDESKey(SMAdapter.LENGTH_DES3_2KEY, SMAdapter.TYPE_ZPK, "ZPK Value", "KCV");
> EncryptedPIN pinUnderLMK = jcesecmod.encryptPIN(pin,account);

You can't have the pin in the clear outside of test - it will/should already be secured by a PIN pad or similar; reconsider your options here - how is the pin captured?

--
Mark

chhil
Aug 31, 2016, 10:52:04 AM
to jPOS Users
FYI:

See this thread for the correct packager for field 52.
https://groups.google.com/d/msg/jpos-users/5ggH6RfIwXA/KzrWkhVomuIJ

postpack.xml (postilion packager) actually has a comment in it ;)

-chhil

Ibrahim Abiodun
Aug 31, 2016, 10:56:47 AM
to jPOS Users
Thanks Mark,

This is what I have in the packager for the PIN data now:

IFB_BINARY(8, "PIN DATA"),

Best Regards

Ibrahim Abiodun
Aug 31, 2016, 11:03:26 AM
to jPOS Users
To your second question, we are still in the test phase and we are considering other options too.

Mark Salter
Aug 31, 2016, 2:59:21 PM
to jpos-...@googlegroups.com
On 31/08/16 16:03, Ibrahim Abiodun wrote:
> To your second question, we are still in the test phase and we are
> considering other options too.
I mention it as it *might* need a hardware solution too, depending on
the interface with the cardholder.

--
Mark

Mark Salter
Aug 31, 2016, 3:19:58 PM
to jpos-...@googlegroups.com
On 30/08/16 14:41, Ibrahim Abiodun wrote:
> JCESecurityModule jcesecmod = new JCESecurityModule("path to test lmk",
> "com.sun.crypto.provider.SunJCE");
> SecureDESKey sdk = new SecureDESKey(SMAdapter.LENGTH_DES3_2KEY,
> SMAdapter.TYPE_ZPK, "ZPK Value", "KCV");
> EncryptedPIN pinUnderLMK = jcesecmod.encryptPIN(pin,account);
> EncryptedPIN pinUnderTPK = jcesecmod.exportPINImpl(pinUnderLMK, sdk,
> SMAdapter.FORMAT01);
> byte[] pinblock = pinUnderTPK.getPINBlock();


Can you try running your code against some test data/keys and share all the
input and the result, just to check we can verify/mimic the same?

I can share the same/similar tomorrow from work.

--
Mark

Ibrahim Abiodun
Sep 1, 2016, 11:35:01 AM
to jPOS Users
Hi Mark,

Here:

PART A: 753B57941C5D578FBA1A7C3792F16B58
PART B: A764E5AEBA3880B9A45762F1E60BFD98

<result name="Formed Key">
    <secure-des-key length="128" type="ZPK" variant="0" scheme="X">
        <data>1627DACF3DFB504AF4875AAB2423D1AC</data>

        <check-value>FE6D76</check-value>
    </secure-des-key>
</result>

PAN: 1236480014019920

which makes the account: 648001401992

Clear PIN: 1234

Generated PIN Block: <field id="52" value="FE1EE78DCE4242B2" type="binary"/>

Best Regards
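The construction the thread keeps coming back to is the ANSI X9.8 / ISO 9564-1 format 0 clear PIN block: the PIN field XORed with the rightmost 12 PAN digits (check digit excluded), which is then encrypted under the ZPK. The block below is an added example, not code from this thread, jPOS or Postilion; it builds that clear block from the test PAN and PIN posted above, and also runs the check an HSM performs when it reports "PIN block invalid according to format ANSI_X98": undo the PAN XOR and verify the control nibble, PIN length and F padding. The ZPK encryption step itself is left out, and the validation error strings are this example's own wording.

```python
# Added example (not jPOS/Postilion code): ISO 9564-1 format 0 (ANSI X9.8) clear PIN block
# construction and validation. Uses the test PAN and PIN posted in the thread; no ZPK encryption.

def account_part(pan: str) -> str:
    """Rightmost 12 PAN digits excluding the check digit: the part a format 0 block is bound to.
    Rejects an already-truncated 12-digit account so the extraction cannot be applied twice."""
    if not pan.isdigit() or len(pan) < 13:
        raise ValueError("PAN must be at least 13 digits (12 account digits + check digit)")
    return pan[-13:-1]


def pin_field(pin: str) -> str:
    """Control nibble 0, PIN length nibble, PIN digits, then F padding to 16 hex chars."""
    if not pin.isdigit() or not 4 <= len(pin) <= 12:
        raise ValueError("PIN must be 4 to 12 digits")
    return f"0{len(pin):X}{pin}".ljust(16, "F")


def pan_field(account12: str) -> str:
    """Four zero nibbles followed by the 12 account digits."""
    if not account12.isdigit() or len(account12) != 12:
        raise ValueError("account part must be exactly 12 digits")
    return "0000" + account12


def clear_pin_block_format0(pin: str, account12: str) -> str:
    """The clear format 0 block as 16 uppercase hex chars: PIN field XOR PAN field."""
    return f"{int(pin_field(pin), 16) ^ int(pan_field(account12), 16):016X}"


def decode_format0(block_hex: str, account12: str) -> str:
    """Recover the PIN from a clear format 0 block for this account, or raise ValueError.
    These are the structural checks an HSM applies after translation; a block built against
    a different account part usually fails here, which surfaces as 'PIN block invalid'."""
    if len(block_hex) != 16:
        raise ValueError("PIN block must be 8 bytes (16 hex chars)")
    pf = f"{int(block_hex, 16) ^ int(pan_field(account12), 16):016X}"
    if pf[0] != "0":
        raise ValueError("control nibble is not 0: not a format 0 block")
    n = int(pf[1], 16)
    if not 4 <= n <= 12:
        raise ValueError(f"PIN length nibble {n} is out of range 4..12")
    pin, pad = pf[2:2 + n], pf[2 + n:]
    if not pin.isdigit() or pad != "F" * len(pad):
        raise ValueError("PIN digits or padding are not valid for format 0")
    return pin


# Constructed walk-through with the thread's test values.
PAN = "1236480014019920"
PIN = "1234"


def demo():
    """Returns (account part, clear block, decoded PIN, error text for a mismatched account)."""
    acct = account_part(PAN)                    # "648001401992", as the thread states
    block = clear_pin_block_format0(PIN, acct)  # "0412507FFEBFE66D"
    recovered = decode_format0(block, acct)     # "1234"
    try:
        decode_format0(block, "000000000000")   # same block, wrong account part
        mismatch = None
    except ValueError as exc:
        mismatch = str(exc)
    return acct, block, recovered, mismatch


if __name__ == "__main__":
    print(demo())
```

The PAN binding is what makes the "invalid" response diagnostic rather than silent: the translation under the ZPK succeeds regardless of which digits went into the XOR, and it is only the structure check on the recovered clear block that fails. It is not an exhaustive check, since for some account/PIN combinations a wrong account part can still yield a well-formed block with a wrong PIN, so a matching clear block from the other side's tool (as Victor and Mark did here) remains the real test.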

Mark Salter
Sep 2, 2016, 1:10:30 PM
to jpos-...@googlegroups.com
On 01/09/16 16:35, Ibrahim Abiodun wrote:
> Generated PIN Block: <field id="52" value="FE1EE78DCE4242B2" type="binary"/>

I did try to recreate and could not match your result.

I also failed to share my results, so will do so as soon as I can.

In the meantime, can you share your clear pin block build steps in this
example please?

--
Mark

Victor Salaman
Sep 2, 2016, 3:05:35 PM
to jpos-...@googlegroups.com
Hi:

Mark, I could not reproduce his results either. 

Ibrahim, here is what I did with your supplied data: https://gist.github.com/vsalaman/f045a8d7dbe5986a76527e981c6b5614

/V


Victor Salaman
Sep 3, 2016, 11:09:19 AM
to jpos-...@googlegroups.com
Can you try sending 5C23B5B72F0E4A89 as the pinblock?

/V


Mark Salter
Sep 4, 2016, 7:39:30 AM
to jpos-...@googlegroups.com
On 01/09/16 19:08, Victor Salaman wrote:
> Can you try sending 5C23B5B72F0E4A89 as the pinblock?
I like this value for a format 1 clear PIN: PIN data = LLPPPPFFFFFFFFFF

but also 114EE81A3A28A8B1 (PPPPFFFFFFFFFFFF - clear pin form)

I think the key here is what the OP has as PIN data going into the
encryption - I suspect you have that incorrect for the target system.

I asked for that detail elsewhere on this thread, so we shall see.

--
Mark

Victor Salaman
Sep 4, 2016, 7:12:36 PM
to jpos-...@googlegroups.com
We'll have to wait to see if it's FORMAT01 or FORMAT03 :)

/V


Ibrahim Abiodun
Sep 5, 2016, 4:10:31 AM
to jPOS Users
Thanks Victor and Mark,

From Victor's code sample, I think I'm making the mistake of passing an incomplete PAN to
"EncryptedPIN pinUnderLMK = jcesecmod.encryptPIN(pin,account);" instead of passing the full PAN.

I will retry with the full PAN and come back with my result.

Best Regards


Ibrahim Abiodun
Sep 5, 2016, 4:24:33 AM
to jPOS Users
Hi Victor,

Got this 5C23B5B72F0E4A89 after adjusting the PAN.

Best Regards

Mark Salter
Sep 5, 2016, 9:55:01 AM
to jPOS Users

On Monday, September 5, 2016 at 9:24:33 AM UTC+1, Ibrahim Abiodun wrote:
> Got this 5C23B5B72F0E4A89 after adjusting the PAN.

Can you share the code as it now stands at all?

I think you are saying that the call into the encryption takes the full PAN and you were prematurely truncating it?

--
Mark

Ibrahim Abiodun
Sep 5, 2016, 12:09:17 PM
to jPOS Users
Yes, you are right. I'm still using the same code I shared above, but with the full PAN instead of the truncated PAN.

Victor Salaman
Sep 6, 2016, 4:41:07 AM
to jpos-...@googlegroups.com
I think he might be overlooking the fact that my sample code is extracting the account # from the PAN. :)


Ibrahim Abiodun
Sep 6, 2016, 5:21:11 AM
to jPOS Users
Hi Victor,

Just seeing that now. Here is the code:

EncryptedPIN pinUnderLMK = jcesecmod.encryptPIN(pin,fullpan);

EncryptedPIN pinUnderTPK = jcesecmod.exportPINImpl(pinUnderLMK, sdk, SMAdapter.FORMAT01);
byte[] pinblock = pinUnderTPK.getPINBlock();


Victor Salaman
Sep 6, 2016, 5:26:30 AM
to jpos-...@googlegroups.com

On Tue, Sep 6, 2016 at 5:21 AM, Ibrahim Abiodun <floppyc...@gmail.com> wrote:
> EncryptedPIN pinUnderLMK = jcesecmod.encryptPIN(pin,fullpan);

If using the full PAN you need to tell encryptPIN to extract the account, as in:

EncryptedPIN pinUnderLMK = jcesecmod.encryptPIN(pin,fullpan, true);

- What Pinblock do you get?
- When you send the pinblock to Postilion what does it return?

/V
