Re: [jpos-users] DUKPT PIN verification error
254 views
Skip to first unread message
AAO
Oct 21, 2012, 1:16:00 PM10/21/12
to jpos-...@googlegroups.com
Arun -
Andy Orrock
See KSN/KSN Descriptor Enlightenment delivered just now in a separate answer.
One first thought here...your Decimalization Table....
Of it, Thales says:
Decimalization Table: Encrypted/Plaintext [E/P]
• When set to ‘E’ (the default setting), the supplied decimalization table must be encrypted (using console command ED), and will consist of 16 hexadecimal digits.
• When set to ‘P’, the supplied decimalization table must be plaintext, and will consist of 16 decimal digits.
Did you go out of your way to change the setting to plaintext? Because you're providing a plaintext value in your command.
To rectify, you can either:
a) Encrypt the decimalization table using ED. (If attempts to address ED last longer than four hours, please see a doctor).
-- OR --
b) Change the Console setting to 'P': http://screencast.com/t/qVabDyZQDR
Andy Orrock
On Sun, Oct 21, 2012 at 10:50 AM, Arunkumar D <arun....@gmail.com> wrote:
While working in DUKPT, I came across the below problem. If you could help me out, it will be more helpful to me.
I am using Thales RG8000 HSM.
2012-10-17 17:49:14,607: INFO - [XBExtCommPoint] TCPIP Hexdump while sending
000000: 00 8f 30 30 30 39 43 4b 39 30 39 45 39 36 30 35 ..0009CK909E9605
000010: 33 36 39 34 31 38 32 31 42 37 35 41 42 37 46 37 36941821B75AB7F7
000020: 31 38 31 46 33 39 43 37 36 35 46 31 35 34 36 41 181F39C765F1546A
000030: 43 31 35 37 38 36 36 32 36 30 35 37 35 41 32 44 C157866260575A2D
000040: 41 30 30 30 30 32 30 30 30 31 36 30 35 41 36 32 A000020001605A62
000050: 38 32 43 42 39 38 41 35 44 33 30 30 34 36 32 34 82CB98A5D3004624
000060: 32 35 30 34 39 35 37 37 36 31 32 33 34 35 36 37 2504957761234567
000070: 38 39 30 31 32 33 34 35 36 34 33 38 36 32 34 32 8901234564386242
000080: 35 30 34 4e 36 31 32 33 34 46 46 46 46 46 46 46 504N61234FFFFFFF
000090: 46 F
2012-10-17 17:49:14,816: INFO - [XBExtCommPoint] TCPIP Hexdump at receive
000000: 00 08 30 30 30 39 43 4c 32 34 ..0009CL24
The Message split-up is as follows;
CmdCode => CK ( Verify DUKPT PIN IBM Method )
BDK Encypted by LMK => 909E960536941821B75AB7F7181F39C7
PVK Encrypted by LMK => 65F1546AC1578662 ( a Single Length One )
KSN Descriptor => 605
KSN => 75A2DA0000200016 ( My KSN Comprises of 75A2DA - BDK Id, 00002 - Device Id, 00016 - Counter )
Source Pin Block => 05A6282CB98A5D30
Check Length => 04
Account Number => 624250495776 ( 12 Digits excluding check digit )
Decimalization Table => 1234567890123456
PIN Validation Data => 4386242504N6
Pin Offset => 1234FFFFFFFF ( Padded with 'F's )
As mentioned in the response message, I am getting error as "PIN is fewer than 4 or more than 12 digits in length"
Since I am testing my application without PED, I am using the PIN Block generated by a DUKPT utility
at http://www.codemagus.com/WebTools/cgi-bin/cmldkgipek
The Clear BDK is 75A2DA799E4361FBA7C479FE5225FB1F
I created BDK as follows ( in console ),
1. DD Command
5EC7 3EF8 D680 5880 9D34 6BBF 29E0 EF45 ( Clear ZMK )
2. DE Command
A645 54F1 867F E2B8 3126 2DAC 8739 A0DB ( Encrypted ZMK )
6FDF A94A ( Check Value )
3. DG Command
BDK Encrypted by ZMK : 67BE 7632 F7A0 856D E109 90A4 D89A BB5A
BDK Encrypted by LMK : 909E 9605 3694 1821 B75A B7F7 181F 39C7
Can you please help me to find out the reason for this error code 24?
Please enlighten me on the concepts of KSN and KSN Descriptor.
Additional Info :
Clear PIN is "2449"
--
--
jPOS is licensed under AGPL - free for community usage for your open-source project. Licenses are also available for commercial usage.
Please support jPOS, contact: sa...@jpos.org
You received this message because you are subscribed to the "jPOS Users" group.
Please see http://jpos.org/wiki/JPOS_Mailing_List_Readme_first
To post to this group, send email to jpos-...@googlegroups.com
To unsubscribe, send email to jpos-users+...@googlegroups.com
For more options, visit this group at http://groups.google.com/group/jpos-users
Reply all
Reply to author
Forward
0 new messages