DUKPT(3DES) Decrypt
1,202 views
Skip to first unread message
Jagn
Jul 4, 2010, 10:25:41 AM7/4/10
to jPOS Users
We are checking with the JPOS 1.5 for DUKPT decryption, We tried
running the example test of SSM, we are not getting the clear PIN.
The input values for test_DUKPT method are:
EncryptedPIN pin = new EncryptedPIN("1b9c1845eb993a7a",
SMAdapter.FORMAT01, "4012345678909");
KeySerialNumber ksn = new KeySerialNumber("987654", "3210",
"e00001");
We are getting the below error:
org.jpos.security.SMException: PIN Block Error at
org.jpos.security.jceadapter.SSM.calculatePIN(SSM.java:808) at
org.jpos.security.jceadapter.SSM.translatePINImpl(SSM.java:249) at
org.jpos.security.BaseSMAdapter.translatePIN(BaseSMAdapter.java:313)
at com.mobibucks.pinblock.SSMTestCase.test_DUKPT(SSMTestCase.java:65)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:
39) at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:
25) at java.lang.reflect.Method.invoke(Method.java:597) at
junit.framework.TestCase.runTest(TestCase.java:154) at
junit.framework.TestCase.runBare(TestCase.java:127) at
junit.framework.TestResult$1.protect(TestResult.java:106) at
junit.framework.TestResult.runProtected(TestResult.java:124) at
junit.framework.TestResult.run(TestResult.java:109) at
junit.framework.TestCase.run(TestCase.java:118) at
junit.framework.TestSuite.runTest(TestSuite.java:208) at
junit.framework.TestSuite.run(TestSuite.java:203) at
org.eclipse.jdt.internal.junit.runner.junit3.JUnit3TestReference.run(JUnit3TestReference.java:
130) at
org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:
38) at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:
467) at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:
683) at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:
390) at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:
197)
We are verifying results against the dukptdecrypt.exe tool available
in the net.
The results are matching for 1-DES DUKPT and not for 3-DES.
For 3-DES we are getting the above errors
Please suggest
running the example test of SSM, we are not getting the clear PIN.
The input values for test_DUKPT method are:
EncryptedPIN pin = new EncryptedPIN("1b9c1845eb993a7a",
SMAdapter.FORMAT01, "4012345678909");
KeySerialNumber ksn = new KeySerialNumber("987654", "3210",
"e00001");
We are getting the below error:
org.jpos.security.SMException: PIN Block Error at
org.jpos.security.jceadapter.SSM.calculatePIN(SSM.java:808) at
org.jpos.security.jceadapter.SSM.translatePINImpl(SSM.java:249) at
org.jpos.security.BaseSMAdapter.translatePIN(BaseSMAdapter.java:313)
at com.mobibucks.pinblock.SSMTestCase.test_DUKPT(SSMTestCase.java:65)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:
39) at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:
25) at java.lang.reflect.Method.invoke(Method.java:597) at
junit.framework.TestCase.runTest(TestCase.java:154) at
junit.framework.TestCase.runBare(TestCase.java:127) at
junit.framework.TestResult$1.protect(TestResult.java:106) at
junit.framework.TestResult.runProtected(TestResult.java:124) at
junit.framework.TestResult.run(TestResult.java:109) at
junit.framework.TestCase.run(TestCase.java:118) at
junit.framework.TestSuite.runTest(TestSuite.java:208) at
junit.framework.TestSuite.run(TestSuite.java:203) at
org.eclipse.jdt.internal.junit.runner.junit3.JUnit3TestReference.run(JUnit3TestReference.java:
130) at
org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:
38) at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:
467) at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:
683) at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:
390) at
org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:
197)
We are verifying results against the dukptdecrypt.exe tool available
in the net.
The results are matching for 1-DES DUKPT and not for 3-DES.
For 3-DES we are getting the above errors
Please suggest
Mark Salter
Jul 4, 2010, 5:34:53 PM7/4/10
to jpos-...@googlegroups.com
On 04/07/2010 15:25, Jagn wrote:
> We are checking with the JPOS 1.5 for DUKPT decryption, We tried
> running the example test of SSM, we are not getting the clear PIN.
I suspect the PIN block has not been produced using the key your tests> We are checking with the JPOS 1.5 for DUKPT decryption, We tried
> running the example test of SSM, we are not getting the clear PIN.
are using? The "PIN Block Error" Exceptions are thrown upon finding bad
data in a c;ear PIN block, so this is why I think the decryption is
'failing'.
>
> The input values for test_DUKPT method are:
>
> EncryptedPIN pin = new EncryptedPIN("1b9c1845eb993a7a",
> SMAdapter.FORMAT01, "4012345678909");
Which key was used to produce 1b9c1845eb993a7a ?
> KeySerialNumber ksn = new KeySerialNumber("987654", "3210",
> "e00001");
I'm not at all sure what the code above has to do with the following
Exception?
>
> We are getting the below error:
> org.jpos.security.SMException: PIN Block Error at
> org.jpos.security.jceadapter.SSM.calculatePIN(SSM.java:808) at
> org.jpos.security.jceadapter.SSM.translatePINImpl(SSM.java:249) at
> org.jpos.security.BaseSMAdapter.translatePIN(BaseSMAdapter.java:313)
> at com.mobibucks.pinblock.SSMTestCase.test_DUKPT(SSMTestCase.java:65)
Can you show this code?
>
> We are verifying results against the dukptdecrypt.exe tool available
> in the net.
> The results are matching for 1-DES DUKPT and not for 3-DES.
> For 3-DES we are getting the above errors
So is the Encrypted PIN block (1b9c1845eb993a7a) encrypted under single
or triple DES - and using which test key?
--
Mark
Jagn
Jul 5, 2010, 6:51:04 AM7/5/10
to jPOS Users
Thanks for kind response.
Below are my comments & clarifictions in [].
On Jul 5, 2:34 am, Mark Salter <marksal...@talktalk.net> wrote:
> On 04/07/2010 15:25, Jagn wrote:> We are checking with the JPOS 1.5 for DUKPT decryption, We tried
> > running the example test of SSM, we are not getting the clear PIN.
>
> I suspect the PIN block has not been produced using the key your tests
> are using? The "PIN Block Error" Exceptions are thrown upon finding bad
> data in a c;ear PIN block, so this is why I think the decryption is
> 'failing'. [ Correct ]
I am straight away using the clear BDK (bypassing the decryption from
LMK functionality)]
Here I am using SSMTestCase.java, and method: test_DUKPT () and
changed the input values what I got from my Pinpad and the
dukptdecrypt.exe tool, here both the results are matching, but when
used the same inputs in the method test_DUKPT , its giving above error
Here is the result for the dukptdecrypt
input:
dukptdecrypt -bdk 0123456789abcdeffedcba9876543210 -ksn
ffff9876543210e00001 -epb 1b9c1845eb993a7a -pan 4012345678909
output:
clear pinblock 041274EDCBA9876F, pin: 1234]
>
> --
> Mark
Below are my comments & clarifictions in [].
On Jul 5, 2:34 am, Mark Salter <marksal...@talktalk.net> wrote:
> On 04/07/2010 15:25, Jagn wrote:> We are checking with the JPOS 1.5 for DUKPT decryption, We tried
> > running the example test of SSM, we are not getting the clear PIN.
>
> I suspect the PIN block has not been produced using the key your tests
> are using? The "PIN Block Error" Exceptions are thrown upon finding bad
> data in a c;ear PIN block, so this is why I think the decryption is
>
>
>
> > The input values for test_DUKPT method are:
>
> > EncryptedPIN pin = new EncryptedPIN("1b9c1845eb993a7a",
> > SMAdapter.FORMAT01, "4012345678909");
>
> Which key was used to produce 1b9c1845eb993a7a ? [ I used the test key provided in the keys-test file which is present in the cfg folder of ssm.zip
>
>
> > The input values for test_DUKPT method are:
>
> > EncryptedPIN pin = new EncryptedPIN("1b9c1845eb993a7a",
> > SMAdapter.FORMAT01, "4012345678909");
>
I am straight away using the clear BDK (bypassing the decryption from
LMK functionality)]
>
> > KeySerialNumber ksn = new KeySerialNumber("987654", "3210",
> > "e00001");
>
> I'm not at all sure what the code above has to do with the following
> Exception?
>
>
>
> > We are getting the below error:
> > org.jpos.security.SMException: PIN Block Error at
> > org.jpos.security.jceadapter.SSM.calculatePIN(SSM.java:808) at
> > org.jpos.security.jceadapter.SSM.translatePINImpl(SSM.java:249) at
> > org.jpos.security.BaseSMAdapter.translatePIN(BaseSMAdapter.java:313)
> > at com.mobibucks.pinblock.SSMTestCase.test_DUKPT(SSMTestCase.java:65)
>
> Can you show this code?
[ Please refer: http://jpos.org/ee/modules/ssm.zip
> > KeySerialNumber ksn = new KeySerialNumber("987654", "3210",
> > "e00001");
>
> I'm not at all sure what the code above has to do with the following
> Exception?
>
>
>
> > We are getting the below error:
> > org.jpos.security.SMException: PIN Block Error at
> > org.jpos.security.jceadapter.SSM.calculatePIN(SSM.java:808) at
> > org.jpos.security.jceadapter.SSM.translatePINImpl(SSM.java:249) at
> > org.jpos.security.BaseSMAdapter.translatePIN(BaseSMAdapter.java:313)
> > at com.mobibucks.pinblock.SSMTestCase.test_DUKPT(SSMTestCase.java:65)
>
> Can you show this code?
Here I am using SSMTestCase.java, and method: test_DUKPT () and
changed the input values what I got from my Pinpad and the
dukptdecrypt.exe tool, here both the results are matching, but when
used the same inputs in the method test_DUKPT , its giving above error
Here is the result for the dukptdecrypt
input:
dukptdecrypt -bdk 0123456789abcdeffedcba9876543210 -ksn
ffff9876543210e00001 -epb 1b9c1845eb993a7a -pan 4012345678909
output:
clear pinblock 041274EDCBA9876F, pin: 1234]
>
> > We are verifying results against the dukptdecrypt.exe tool available
> > in the net.
> > The results are matching for 1-DES DUKPT and not for 3-DES.
> > For 3-DES we are getting the above errors
>
> So is the Encrypted PIN block (1b9c1845eb993a7a) encrypted under single
> or triple DES - and using which test key? [double length (128) BDK used: 0123456789abcdeffedcba9876543210]
> > We are verifying results against the dukptdecrypt.exe tool available
> > in the net.
> > The results are matching for 1-DES DUKPT and not for 3-DES.
> > For 3-DES we are getting the above errors
>
> So is the Encrypted PIN block (1b9c1845eb993a7a) encrypted under single
>
> --
> Mark
jagnd
Jul 7, 2010, 4:07:00 AM7/7/10
to jPOS Users
Hi Mark,
Please let me know if you find any updates on the below
Jagn
Please let me know if you find any updates on the below
Jagn
Reply all
Reply to author
Forward
0 new messages