Key Exchange with Postilion
ricmoore
Transaction Manager. I have an application which is configured as a
sink node. But I have problem generating key using the
JCESecurityModule
Any help with sample code will be appreciated
Regards
chhil
What are u doing with the JSecurityModuke to generate the key?
Basically you will have the KEK in the clear and you will generate a key called a pin working key (KWP) that you will perform a DES encrypt on and send it in the key exchange message to the Postilion system. This will generally be a double length key. You will need to find out from the Postilion system guys if they use variants for the keys then you will need to apply them and send them the KWP to the remote.
Look at the unit test code samples available that show you how the api gets used.
Also read these up...as they may be helpful...
http://jpos.org/wiki/HSM_basics
http://jpos.org/w/index.php/HSM_basics_continued
-chhil
ricmoore
Thanks for that quick response. If I get you right the KEK is the clear
key that I shared with Postilion source Node(client). Then postilion
will request for KWP which I generate from my app encryted under KEK.
The KWP is the key postilion use to encryt PIN block from ATM and send
to my App to Translate.
You detail explaination will be appreciated am using the
JCESecurityModule for my KWP generation. Also I think I can also
generate the KEK from JCESecurityModule and give to the postilion guys
to load to there HSM (Thales)
Thanks
chhil
Andy Orrock
“the Key naming conventions differ from system to system”
Right. Typically, I find that the nomenclature in place at a specific company is sort of generated from the HSM outwards.
So, for example, if you’re using a Key-Up, you have a KEK. If you’re using a Thales (formerly RACAL), one equivalent (at least on the remote endpoint side) is the ZMK (Zone Master Key).
Also, the KEK is referred to here as a “clear key.” I don’t have 100% knowledge of the task the two of you are describing here, but I imagine (for the sake of other readers) that the KEK is in fact a cryptogram encrypted under some type of Local Master Key (“LMK,” aka, MFK – Master File Key).
Andy Orrock
ricmoore
I have some clear hints now to go about this things. I have generated
2 component KEK (to be xored) now with their check value and sent to
the postilion guys to be imported to the HSM
Now which method would I used to encrypt the KWP under the KEK(ZMK) to
get the encryted key to be sent to the postilion
Thanks for you help!
ricmoore
I still need your response please. This is a trace
::: input -1='0800'
::: input 0='8238000000000000'
::: input 1='0400000000000000'
::: input 7='0823035208'
::: input 11='165208'
::: input 12='165208'
::: input 13='0823'
::: input 70='101'
response
::: Field -1='0810'
::: Field 0='8038000002000000'
::: Field 1='0400000000000008'
::: Field 11='165208'
::: Field 12='165208'
::: Field 13='0823'
::: Field 39='00'
::: Field 70='101'
::: Field 125='879BA7550CF48133DF45FB0179B5E8FEFB88'
Postilion cannot load this Key(The last 4 digit is the check value), it
complain of IndexOutofrangeException. Does that means that is expecting
more that one am sending. If I encryt 32 Hex digit with 32 hex digit
what should I get
I need your help
Andy Orrock wrote:
> "the Key naming conventions differ from system to system"
>
>
>
> Right. Typically, I find that the nomenclature in place at a specific
> company is sort of generated from the HSM outwards.
>
>
>
> So, for example, if you're using a Key-Up, you have a KEK. If you're using
> a Thales (formerly RACAL), one equivalent (at least on the remote endpoint
> side) is the ZMK (Zone Master Key).
>
>
>
> Also, the KEK is referred to here as a "clear key." I don't have 100%
> knowledge of the task the two of you are describing here, but I imagine (for
> the sake of other readers) that the KEK is in fact a cryptogram encrypted
> under some type of Local Master Key ("LMK," aka, MFK - Master File Key).
>
>
>
> Andy Orrock
>
>
>
> _____
>
> ------=_NextPart_000_0060_01C6C5C0.BDC058D0
> Content-Type: text/html; charset=utf-8
> Content-Transfer-Encoding: quoted-printable
> X-Google-AttachSize: 10523
>
> <html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-micr=
> osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
> xmlns:st1=3D"urn:schemas-microsoft-com:office:smarttags" xmlns=3D"http://ww=
> w.w3.org/TR/REC-html40">
>
> <head>
> <meta http-equiv=3DContent-Type content=3D"text/html; charset=3Dus-ascii">
> <meta name=3DGenerator content=3D"Microsoft Word 11 (filtered medium)">
> <!--[if !mso]>
> <style>
> v\:* {behavior:url(#default#VML);}
> o\:* {behavior:url(#default#VML);}
> w\:* {behavior:url(#default#VML);}
> =2Eshape {behavior:url(#default#VML);}
> </style>
> <![endif]--><o:SmartTagType
> namespaceuri=3D"urn:schemas-microsoft-com:office:smarttags" name=3D"Person=
> Name"/>
> <!--[if !mso]>
> <style>
> st1\:*{behavior:url(#default#ieooui) }
> </style>
> <![endif]-->
> <style>
> <!--
> /* Font Definitions */
> @font-face
> {font-family:Tahoma;
> panose-1:2 11 6 4 3 5 4 4 2 4;}
> @font-face
> {font-family:"Palatino Linotype";
> panose-1:2 4 5 2 5 5 5 3 3 4;}
> /* Style Definitions */
> p.MsoNormal, li.MsoNormal, div.MsoNormal
> {margin:0in;
> margin-bottom:.0001pt;
> font-size:12.0pt;
> font-family:"Times New Roman";}
> a:link, span.MsoHyperlink
> {color:blue;
> text-decoration:underline;}
> a:visited, span.MsoHyperlinkFollowed
> {color:blue;
> text-decoration:underline;}
> span.EmailStyle18
> {mso-style-type:personal-reply;
> font-family:"Palatino Linotype";
> color:blue;
> font-weight:normal;
> font-style:normal;
> text-decoration:none none;}
> @page Section1
> {size:8.5in 11.0in;
> margin:1.0in 1.25in 1.0in 1.25in;}
> div.Section1
> {page:Section1;}
> -->
> </style>
> <!--[if gte mso 9]><xml>
> <o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
> </xml><![endif]--><!--[if gte mso 9]><xml>
> <o:shapelayout v:ext=3D"edit">
> <o:idmap v:ext=3D"edit" data=3D"1" />
> </o:shapelayout></xml><![endif]-->
> </head>
>
> <body lang=3DEN-US link=3Dblue vlink=3Dblue>
>
> <div class=3DSection1>
>
> <p class=3DMsoNormal><font size=3D2 color=3Dblue face=3D"Palatino Linotype"=
> ><span
> style=3D'font-size:10.0pt;font-family:"Palatino Linotype";color:blue'>̶=
> 0;</span></font>the
> Key naming conventions differ from system to system”<font size=3D2
> color=3Dblue face=3D"Palatino Linotype"><span style=3D'font-size:10.0pt;fon=
> t-family:
> "Palatino Linotype";color:blue'><o:p></o:p></span></font></p>
>
> <p class=3DMsoNormal><font size=3D2 color=3Dblue face=3D"Palatino Linotype"=
> ><span
> style=3D'font-size:10.0pt;font-family:"Palatino Linotype";color:blue'><o:p>=
> </o:p></span></font></p>
>
> <p class=3DMsoNormal><font size=3D2 color=3Dblue face=3D"Palatino Linotype"=
> ><span
> style=3D'font-size:10.0pt;font-family:"Palatino Linotype";color:blue'>Right=
> .
> Typically, I find that the nomenclature in place at a specific company is s=
> ort
> of generated from the HSM outwards.<o:p></o:p></span></font></p>
>
> <p class=3DMsoNormal><font size=3D2 color=3Dblue face=3D"Palatino Linotype"=
> ><span
> style=3D'font-size:10.0pt;font-family:"Palatino Linotype";color:blue'><o:p>=
> </o:p></span></font></p>
>
> <p class=3DMsoNormal><font size=3D2 color=3Dblue face=3D"Palatino Linotype"=
> ><span
> style=3D'font-size:10.0pt;font-family:"Palatino Linotype";color:blue'>So, f=
> or
> example, if you’re using a Key-Up, you have a KEK. If you’=
> ;re
> using a Thales (formerly RACAL), one equivalent (at least on the remote
> endpoint side) is the ZMK (Zone Master Key). <o:p></o:p></span></font></p>
>
> <p class=3DMsoNormal><font size=3D2 color=3Dblue face=3D"Palatino Linotype"=
> ><span
> style=3D'font-size:10.0pt;font-family:"Palatino Linotype";color:blue'><o:p>=
> </o:p></span></font></p>
>
> <p class=3DMsoNormal><font size=3D2 color=3Dblue face=3D"Palatino Linotype"=
> ><span
> style=3D'font-size:10.0pt;font-family:"Palatino Linotype";color:blue'>Also,=
> the
> KEK is referred to here as a “clear key.” I don’t h=
> ave
> 100% knowledge of the task the two of you are describing here, but I imagine
> (for the sake of other readers) that the KEK is in fact a cryptogram encryp=
> ted
> under some type of Local Master Key (“LMK,” aka, MFK – Ma=
> ster
> File Key).<o:p></o:p></span></font></p>
>
> <p class=3DMsoNormal><font size=3D2 color=3Dblue face=3D"Palatino Linotype"=
> ><span
> style=3D'font-size:10.0pt;font-family:"Palatino Linotype";color:blue'><o:p>=
> </o:p></span></font></p>
>
> <p class=3DMsoNormal><st1:PersonName w:st=3D"on"><font size=3D2 color=3Dblue
> face=3D"Palatino Linotype"><span style=3D'font-size:10.0pt;font-family:"Pa=
> latino Linotype";
> color:blue'>Andy Orrock</span></font></st1:PersonName><font size=3D2 color=
> =3Dblue
> face=3D"Palatino Linotype"><span style=3D'font-size:10.0pt;font-family:"Pal=
> atino Linotype";
> color:blue'><o:p></o:p></span></font></p>
>
> <p class=3DMsoNormal><font size=3D2 color=3Dblue face=3D"Palatino Linotype"=
> ><span
> style=3D'font-size:10.0pt;font-family:"Palatino Linotype";color:blue'><o:p>=
> </o:p></span></font></p>
>
> <div style=3D'border:none;border-left:solid blue 1.5pt;padding:0in 0in 0in =
> 4.0pt'>
>
> <div>
>
> <div class=3DMsoNormal align=3Dcenter style=3D'text-align:center'><font siz=
> e=3D3
> face=3D"Times New Roman"><span style=3D'font-size:12.0pt'>
>
> <hr size=3D2 width=3D"100%" align=3Dcenter tabindex=3D-1>
>
> </span></font></div>
>
> <p class=3DMsoNormal><b><font size=3D2 face=3DTahoma><span style=3D'font-si=
> ze:10.0pt;
> font-family:Tahoma;font-weight:bold'>From:</span></font></b><font size=3D2
> face=3DTahoma><span style=3D'font-size:10.0pt;font-family:Tahoma'> <st1:Per=
> sonName
> w:st=3D"on">jpos-...@googlegroups.com</st1:PersonName> [mailto:<st1:Perso=
> nName
> w:st=3D"on">jpos-...@googlegroups.com</st1:PersonName>] <b><span
> style=3D'font-weight:bold'>On Behalf Of </span></b>chhil<br>
> <b><span style=3D'font-weight:bold'>Sent:</span></b> Tuesday, August 22, 20=
> 06
> 7:02 AM<br>
> <b><span style=3D'font-weight:bold'>To:</span></b> <st1:PersonName w:st=3D"=
> on">jpos-...@googlegroups.com</st1:PersonName><br>
> <b><span style=3D'font-weight:bold'>Subject:</span></b> Re: Key Exchange wi=
> th
> Postilion</span></font><o:p></o:p></p>
>
> </div>
>
> <p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span style=3D=
> 'font-size:
> 12.0pt'><o:p> </o:p></span></font></p>
>
> <div>
>
> <p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span style=3D=
> 'font-size:
> 12.0pt'> <o:p></o:p></span></font></p>
>
> </div>
>
> <div>
>
> <p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span style=3D=
> 'font-size:
> 12.0pt'>The kek (key encryption key) is the clear key that you will sh=
> are
> with the postilion system (beware ...the Key naming conventions differ from
> system to system).I am not sure if it will request a key..it will simply se=
> nd
> it or you send it to it. <o:p></o:p></span></font></p>
>
> </div>
>
> <div>
>
> <p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span style=3D=
> 'font-size:
> 12.0pt'>The pinblock received from the atm will be translated from Postilio=
> ns
> KWP (pin working key) to the KWP exchanged between you and Postilion.<o:p><=
> /o:p></span></font></p>
>
> </div>
>
> <div>
>
> <p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span style=3D=
> 'font-size:
> 12.0pt'> <o:p></o:p></span></font></p>
>
> </div>
>
> <div>
>
> <p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span style=3D=
> 'font-size:
> 12.0pt'>You can use the commandline utility available with jpos to
> generate key components that you can give to the guys your system talks to =
> and
> they can load the KEK into their HSM (I have not used it in some time so am=
> not
> 100% sure, give it a shot until someone more knowledgeable can guide you
> through the process). <o:p></o:p></span></font></p>
>
> </div>
>
> <div>
>
> <p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span style=3D=
> 'font-size:
> 12.0pt'> <o:p></o:p></span></font></p>
>
> </div>
>
> <div>
>
> <p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span style=3D=
> 'font-size:
> 12.0pt'>I would look at the command line utility to see how the key generat=
> ion
> works and you can implement the encrypting of the generating of the KWP und=
> er
> the KEK and use it in the key exchange.<o:p></o:p></span></font></p>
>
> </div>
>
> <div>
>
> <p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span style=3D=
> 'font-size:
> 12.0pt'> <o:p></o:p></span></font></p>
>
> </div>
>
> <div>
>
> <p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span style=3D=
> 'font-size:
> 12.0pt'>-chhil<o:p></o:p></span></font></p>
>
> </div>
>
> <div>
>
> <p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span style=3D=
> 'font-size:
> 12.0pt'> <o:p></o:p></span></font></p>
>
> </div>
>
> <div>
>
> <p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span style=3D=
> 'font-size:
> 12.0pt'> <o:p></o:p></span></font></p>
>
> </div>
>
> <div>
>
> <p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span style=3D=
> 'font-size:
> 12.0pt'> <o:p></o:p></span></font></p>
>
> </div>
>
> <div>
>
> <p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span style=3D=
> 'font-size:
> 12.0pt'> <o:p></o:p></span></font></p>
>
> </div>
>
> <div>
>
> <p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span style=3D=
> 'font-size:
> 12.0pt'> <o:p></o:p></span></font></p>
>
> </div>
>
> <div>
>
> <p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span style=3D=
> 'font-size:
> 12.0pt'> <o:p></o:p></span></font></p>
>
> </div>
>
> <div>
>
> <p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span style=3D=
> 'font-size:
> 12.0pt'><br>
> <br>
> <o:p></o:p></span></font></p>
>
> </div>
>
> <div>
>
> <p class=3DMsoNormal><span class=3Dgmailquote><font size=3D3 face=3D"Times =
> New Roman"><span
> style=3D'font-size:12.0pt'>On 8/22/06, <b><span style=3D'font-weight:bold'>=
> ricmoore</span></b>
> <<a href=3D"mailto:richard...@gmail.com">richard...@gmail.com<=
> /a>>
> wrote:</span></font></span> <o:p></o:p></p>
>
> <p class=3DMsoNormal style=3D'margin-bottom:12.0pt'><font size=3D3
> face=3D"Times New Roman"><span style=3D'font-size:12.0pt'><br>
> Hi chhil,<br>
> Thanks for that quick response. If I get you right the KEK is the clear<br>
> key that I shared with Postilion source Node(client). Then postilion <br>
> will request for KWP which I generate from my app encryted under KEK.<br>
> The KWP is the key postilion use to encryt PIN block from ATM and send<br>
> to my App to Translate.<br>
> <br>
> You detail explaination will be appreciated am using the <br>
> JCESecurityModule for my KWP generation. Also I think I can also<br>
> generate the KEK from JCESecurityModule and give to the postilion guys<br>
> to load to there HSM (Thales)<br>
> <br>
> Thanks<br>
> <br>
> <br>
> <br>
>
> </div>
>
> </div>
>
> </div>
>
> </body>
>
> </html>
>
> ------=_NextPart_000_0060_01C6C5C0.BDC058D0--
Andy Orrock
How is field 125 defined in your XML packager?
Andy Orrock
chhil
chhil
Mark Salter
> Postilion cannot load this Key(The last 4 digit is the check value),
> it complain of IndexOutofrangeException. Does that means that is
> expecting more that one am sending.
Are you generating the 0810 in response to the 0800 from Postilion? Is
the IndexOutofRangeException occurring at their end receiving the
message or at yours as you try to send it? As Andy has already asked,
the format of your field 125 might be the 'key' here.
> If I encryt 32 Hex digit with 32 hex digit what should I get
You should get 32 bytes of data.
Can I take a wild guess?
I would think you might need to encrypt or prepare the key you are
trying to pass in it's binary form - 8 bytes for single length keys and
16 bytes for a double. The key might travel in the message as the
character hexadecimal representation of the binary key, but I don't
imagine you would encrypt the characters representing the key?
Just a wild guess remember! I have no experience of Postilion!
--
Mark
chhil
You are correct as usual...the KEK is a cryptogram and not clear :-)
-chhil
ricmoore
padded '00' from the documentaion. But I still have a challenge. The
encryted key was later accepted but postilion is still asking for key
exchange though I can see that it has loaded the key or do I need to
send a response to stop asking for key exchange again. Other question I
have is if I use 32hex to encryt 32hex what should be the length of the
resultant key. I tried to use
JCEHandler.encryptDESKey(SMAdapter.LENGTH_DES3_2KEY,newkey,kek);
Is it proper
Mark Salter
> Postilion was actually expecting 38 hex values. That has been fixed I
> padded '00' from the documentaion. But I still have a challenge. The
> encryted key was later accepted but postilion is still asking for
> key exchange though I can see that it has loaded the key or do I need
> to send a response to stop asking for key exchange again.
did the postilion system log or indicate a successful key process? As
it continues to ask, that would indicate that something is amiss.
What does the documentation say about this process?
> Other question I have is if I use 32hex to encryt 32hex what should
> be the length of the resultant key.
The result of encryption is normally a block of data whose length is a
multiple of the encryption key length. As your clear data is already a
multiple (*1) of the key length you should end up with 32 bytes of data.
> I tried to use
> JCEHandler.encryptDESKey(SMAdapter.LENGTH_DES3_2KEY,newkey,kek);
>
> Is it proper
Looks ok, 128 bit / 16 byte / double length keys?
How are you getting the resultant byte[] into your message?
What is the structure/definition of field 125 in your message?
--
Mark
Mark Salter
> JCEHandler.encryptDESKey(SMAdapter.LENGTH_DES3_2KEY,newkey,kek);
Also, how are you forming these two Key objects?
--
Mark
chhil
-chhil
Mark Salter
> Postilion has many interfaces that it talks to on the sink (upstream)
> side. Based on what interface you are talking to the key exchanges
> may be timer driven to enhance security or if that interface was
> restarted it may ask for key exchanges tobe in sync and avoid pin
> failure declines. Find out if the remote can configure the postilion
> interface to allow you to do key exchanges this way you have control
> of the process.
can re-request keys?
--
Mark
chhil
-chhil
ricmoore
String hexmaster = "e4a3ca2b471d308295f9b11b6006ee6c"
byte[] keydata = ISOUtil.hex2byte(hexmaster );
SecretKey master = new SecretKeySpec(keydata,"DESede");
newkey = jcehandler.generateDESKey(SMAdapter.LENGTH_DES3_2KEY);
enkey =
jcehandler.encryptDESKeySMAdapter.LENGTH_DES3_2KEY,newkey,master);
Also how do I know if postilion has Loaded my key(I expect that it stop
sending key exchange message)
ricmoore
This what postilion define for the exchange key field
"In key change transactions, this field contains the encrypted key in
the first 8, 16, or 24 bytes, depending on the key length, followed by
up to 4 of the most significant bytes of the key check digits. The key
check digits are defined to be the value of 8 zero bytes encrypted
under the key.
This field should be right padded with binary zeros to 48 bytes."
How do u guys interprete this?
Mark Salter
>
> Mark Salter wrote:
>> ricmoore wrote:
>>
>>> JCEHandler.encryptDESKey(SMAdapter.LENGTH_DES3_2KEY,newkey,kek);
>> Also, how are you forming these two Key objects?
>>
>> --
>> Mark
> This the code to encryt the generated key
> String hexmaster = "e4a3ca2b471d308295f9b11b6006ee6c"
> byte[] keydata = ISOUtil.hex2byte(hexmaster );
> SecretKey master = new SecretKeySpec(keydata,"DESede");
> newkey = jcehandler.generateDESKey(SMAdapter.LENGTH_DES3_2KEY);
> enkey =
> jcehandler.encryptDESKeySMAdapter.LENGTH_DES3_2KEY,newkey,master);
Are you including "up to 4 bytes of Key check value" or does the
message allow simple padding up to the required length?
>
> Also how do I know if postilion has Loaded my key(I expect that it stop
> sending key exchange message)
As chhil has indicated, postilion might be configured to request a key
for each device that connects to it, or indeed after a time period. So
you would need to keep answering all of it's request with the same key
or derive a mechanism for allocating a key per device or upstream?
I assume the 0800 includes a field to identify the device or the upstream?
--
Mark
ricmoore
step by step of message flow between a position as a client and a sink
node(server or Issuer) am getting confused please explain as if am a
beginner
Thanks
chhil
Can you not find out from the guys where the system is installed what is expected off you?
-chhil
ricmoore
to other systems which work fine. It is the same config that was used
to configure my sink node.
Chhil. What does key exchange entails? a step to step approach will be
appreciated. I have never done something like this before I know the
problem is because I don't grap the step. help pls
chhil
2. Have you looked at Andy's post on the WIKI, its very self explanatory (see section 1.4)
http://jpos.org/w/index.php/HSM_basics_continued.
A Postilion interface uses 800 messages to exchange keys. Both the systems share a KEK, now another key , a KWP is used for encrypting pinblock. in order for both entites to encrypt and decrypt successfully the KWP needs to be shared. Since the KEK is shared one encrypts the KWP with the KEK and sends it to the remote entity using an online message like 0800's. Now Postilion can encrypt a pinblock using the KWP shared in online messages. You get the pinblock and decrypt it with the KWP to get it in the clear and you get to do fun stuff like pin verification etc. ANother thing to be aware of is that the pinblock type used at Postilion's end needs to match the pinblock used at your end to successfully decrypt the pinblock and extract information from it.
-chhil
chhil
"They don't seems to know the problem. They have other interface (sink)
to other systems which work fine. It is the same config that was used
to configure my sink node."
Have you asked them to look at their traces and eventlogs as a ton of debugging info is available to them.
-chhil
Mark Salter
Note I still have no experience of postilion, but this is general
guidance with some reading between the lines in this thread!
At times during it's processing postilion may ask for a key that you
want it to use to encrypt pins under when it 'speaks' to you. It might
be once, it might be when it is configured to do so.
Each and every time it asks for a key exchange via an 0800 request you
must be ready to tell it the key you want it to use. This has to happen
within a correctly structured and formatted message, that postilion can
understand.
There is a documented structure for packaging the key you want it to use
in the 0810 response you make. It should define how to build the field
content and how the prepared data will be presented in the message
(binary,hexadecimal character etc). The data you need to respond with
involves using a predetermined and shared key to encrypt the new PIN key
and also a check value so postilion can check the key it unpackages is
the one you intended.
So using the code you have posted to illustrate ...
// I hope this is a test key!!!! If not get a new secret one 8)
String hexmaster = "e4a3ca2b471d308295f9b11b6006ee6c"
byte[] keydata = ISOUtil.hex2byte(hexmaster );
// I changed this , you really only need a Key - I think!
Key master = jcehandler.formDESKey(SMAdapter.LENGTH_DES3_2KEY,keydata);
// Generate a new PIN key. Remember to save this somewhere safe and
// persistent so that when a message arrives you can undo the
// postilion PIN block encryption!
newkey = jcehandler.generateDESKey(SMAdapter.LENGTH_DES3_2KEY);
enkey = jcehandler.encryptDESKey(SMAdapter.LENGTH_DES3_2KEY,newkey,master);
byte[] zeros = ISOUtil.hex2byte("00000000000000000000000000000000";
byte[] wholecheckvalue = jcehandler.encryptData(zeros,newkey);
byte[] checkvalue = ISOUtil.trim(wholecheckvalue,4)
The values enkey and checkvalue now need to be concatenated and placed
in the correct field (that has the correct structure). As you indicated
with :-
"In key change transactions, this field contains the encrypted key in
the first 8, 16, or 24 bytes, depending on the key length, followed by
up to 4 of the most significant bytes of the key check digits. The key
check digits are defined to be the value of 8 zero bytes encrypted
under the key.
This field should be right padded with *binary zeros* to 48 bytes."
As enkey is 16 bytes and checkvalue is 4 and we want 48 bytes, you will
need to pad with 28 bytes.
I guess all the data remains as binary (perhaps to support future key
length increases). I suggest binary because we couldn't fit a 24 byte
key *and* a check value in if it was character hexadecimal - twice as
big - (24*2+4*2=56), also the padding is in binary zeros.
Very rough from here...
// We need 28 bytes padding as 16+4+28 = 48!
byte[] padding28bytes =
ISOUtil.hex2byte("00000000000000000000000000000000000000000000000000000000";
byte[] f125 =
ISOUtil.concat(ISOUtil.concat(enkey,checkvalue),padding28bytes);
The next step is ensuring that your field 125 definition is correct, you
have not provided this detail yet! What field do these 48 bytes go
into, how are they transported?
--
Mark
ricmoore
postilion guys of one of their already working interface to another
sink node. Can u interprete?
=======================================================================================================
[Aug 25 00h00:00.655] - <0800> Message to SINK_NODE1
[172.29.12.144,1323] (online delivery)
0800:
[Fixed n 10 010] 007 [0824110000]
[Fixed n 6 006] 011 [000000]
[Fixed n 6 006] 012 [000000]
[Fixed n 4 004] 013 [0825]
[Fixed n 3 003] 070 [101]
binary data
0000(0000) 30 38 30 30 82 38 00 00 00 00 00 00 04 00 00 00
0800.8..........
0016(0010) 00 00 00 00 30 38 32 34 31 31 30 30 30 30 30 30
....082411000000
0032(0020) 30 30 30 30 30 30 30 30 30 30 30 38 32 35 31 30
0000000000082510
0048(0030) 31 1
--------------------------------------------------------------------------------
[Aug 25 00h00:01.046] - <0810> Message from SINK_NODE1
[172.29.12.144,1323]
0810:
[Fixed n 10 010] 007 [0825000540]
[Fixed n 6 006] 011 [000528]
[Fixed n 6 006] 012 [000528]
[Fixed an 2 002] 039 [00]
[Fixed n 3 003] 070 [301]
binary data
0000(0000) 30 38 31 30 82 30 00 00 02 00 00 00 04 00 00 00
0810.0..........
0016(0010) 00 00 00 00 30 38 32 35 30 30 30 35 34 30 30 30
....082500054000
0032(0020) 30 35 32 38 30 30 30 35 32 38 30 30 33 30 31
052800052800301
--------------------------------------------------------------------------------
[Aug 25 00h00:01.437] - <0800> Message from SINK_NODE1
[172.29.12.144,1323]
0800:
[Fixed n 10 010] 007 [0824235558]
[Fixed n 6 006] 011 [068849]
[Fixed n 3 003] 070 [101]
[Fixed b 8 008] 096 *[3030303030303030]
[LLLVAR ans ..999 036] 125 [5FD6F085FC0E4E7150DA64F010F7758591BB]
binary data
0000(0000) 30 38 30 30 82 20 00 00 00 00 00 00 04 00 00 01 0800.
..........
0016(0010) 00 00 00 08 30 38 32 34 32 33 35 35 35 38 30 36
....082423555806
0032(0020) 38 38 34 39 31 30 31 30 30 30 30 30 30 30 30 30
8849101000000000
0048(0030) 33 36 35 46 44 36 46 30 38 35 46 43 30 45 34 45
365FD6F085FC0E4E
0064(0040) 37 31 35 30 44 41 36 34 46 30 31 30 46 37 37 35
7150DA64F010F775
0080(0050) 38 35 39 31 42 42 8591BB
--------------------------------------------------------------------------------
[Aug 25 00h00:01.733] - <0810> Message to SINK_NODE1
[172.29.12.144,1323] (online delivery)
0810:
[Fixed n 10 010] 007 [0824235558]
[Fixed n 6 006] 011 [068849]
[Fixed an 2 002] 039 [00]
[Fixed n 3 003] 070 [101]
[LLLVAR ans ..999 038] 125 [CED037E12C77D3EC08EC4DC04E2C670F39F3A4]
binary data
0000(0000) 30 38 31 30 82 20 00 00 02 00 00 00 04 00 00 00 0810.
..........
0016(0010) 00 00 00 08 30 38 32 34 32 33 35 35 35 38 30 36
....082423555806
0032(0020) 38 38 34 39 30 30 31 30 31 30 33 38 43 45 44 30
884900101038CED0
0048(0030) 33 37 45 31 32 43 37 37 44 33 45 43 30 38 45 43
37E12C77D3EC08EC
0064(0040) 34 44 43 30 34 45 32 43 36 37 30 46 33 39 46 33
4DC04E2C670F39F3
0080(0050) 41 34 A4
--------------------------------------------------------------------------------
[Aug 25 00h00:01.733] - <0810> Message from SINK_NODE1
[172.29.12.144,1323]
0810:
[Fixed n 10 010] 007 [0824110000]
[Fixed n 6 006] 011 [000000]
[Fixed an 2 002] 039 [00]
[Fixed n 3 003] 070 [101]
[LLLVAR ans ..999 038] 125 [5FD6F085FC0E4E7150DA64F010F7758591BB00]
binary data
0000(0000) 30 38 31 30 82 20 00 00 02 00 00 00 04 00 00 00 0810.
..........
0016(0010) 00 00 00 08 30 38 32 34 31 31 30 30 30 30 30 30
....082411000000
0032(0020) 30 30 30 30 30 30 31 30 31 30 33 38 35 46 44 36
0000001010385FD6
0048(0030) 46 30 38 35 46 43 30 45 34 45 37 31 35 30 44 41
F085FC0E4E7150DA
0064(0040) 36 34 46 30 31 30 46 37 37 35 38 35 39 31 42 42
64F010F7758591BB
0080(0050) 30 30 00
--------------------------------------------------------------------------------
[Aug 25 00h00:35.780] - <0800> Message from SINK_NODE1
[172.29.12.144,1323]
0800:
[Fixed n 10 010] 007 [0824235632]
[Fixed n 6 006] 011 [068850]
[Fixed n 3 003] 070 [301]
binary data
0000(0000) 30 38 30 30 82 20 00 00 00 00 00 00 04 00 00 00 0800.
..........
0016(0010) 00 00 00 00 30 38 32 34 32 33 35 36 33 32 30 36
....082423563206
0032(0020) 38 38 35 30 33 30 31 8850301
--------------------------------------------------------------------------------
[Aug 25 00h00:35.780] - <0810> Message to SINK_NODE1
[172.29.12.144,1323] (online delivery)
0810:
[Fixed n 10 010] 007 [0824235632]
[Fixed n 6 006] 011 [068850]
[Fixed an 2 002] 039 [00]
[Fixed n 3 003] 070 [301]
binary data
0000(0000) 30 38 31 30 82 20 00 00 02 00 00 00 04 00 00 00 0810.
..........
0016(0010) 00 00 00 00 30 38 32 34 32 33 35 36 33 32 30 36
....082423563206
0032(0020) 38 38 35 30 30 30 33 30 31
885000301
--------------------------------------------------------------------------------
[Aug 25 00h01:36.062] - <0800> Message from SINK_NODE1
[172.29.12.144,1323]
0800:
[Fixed n 10 010] 007 [0824235732]
[Fixed n 6 006] 011 [068852]
[Fixed n 3 003] 070 [301]
binary data
0000(0000) 30 38 30 30 82 20 00 00 00 00 00 00 04 00 00 00 0800.
..........
0016(0010) 00 00 00 00 30 38 32 34 32 33 35 37 33 32 30 36
....082423573206
0032(0020) 38 38 35 32 33 30 31 8852301
--------------------------------------------------------------------------------
[Aug 25 00h01:36.062] - <0810> Message to SINK_NODE1
[172.29.12.144,1323] (online delivery)
0810:
[Fixed n 10 010] 007 [0824235732]
[Fixed n 6 006] 011 [068852]
[Fixed an 2 002] 039 [00]
[Fixed n 3 003] 070 [301]
binary data
0000(0000) 30 38 31 30 82 20 00 00 02 00 00 00 04 00 00 00 0810.
..........
0016(0010) 00 00 00 00 30 38 32 34 32 33 35 37 33 32 30 36
....082423573206
0032(0020) 38 38 35 32 30 30 33 30 31
885200301
--------------------------------------------------------------------------------
[Aug 25 00h02:36.421] - <0800> Message from SINK_NODE1
[172.29.12.144,1323]
0800:
[Fixed n 10 010] 007 [0824235832]
[Fixed n 6 006] 011 [068854]
[Fixed n 3 003] 070 [301]
binary data
0000(0000) 30 38 30 30 82 20 00 00 00 00 00 00 04 00 00 00 0800.
..........
0016(0010) 00 00 00 00 30 38 32 34 32 33 35 38 33 32 30 36
....082423583206
0032(0020) 38 38 35 34 33 30 31 8854301
--------------------------------------------------------------------------------
[Aug 25 00h02:36.437] - <0810> Message to SINK_NODE1
[172.29.12.144,1323] (online delivery)
0810:
[Fixed n 10 010] 007 [0824235832]
[Fixed n 6 006] 011 [068854]
[Fixed an 2 002] 039 [00]
[Fixed n 3 003] 070 [301]
binary data
0000(0000) 30 38 31 30 82 20 00 00 02 00 00 00 04 00 00 00 0810.
..........
0016(0010) 00 00 00 00 30 38 32 34 32 33 35 38 33 32 30 36
....082423583206
0032(0020) 38 38 35 34 30 30 33 30 31
885400301
====================================================================================================
Can u interprete?
Andy Orrock
(twice by Mark) to provide the packager definition you have in place for
Field 125. The information you've provided below isn't wholly interpretable
absent of you letting us know how you've got the fields defined within your
application.
For example, can you confirm your 125 definition looks like this (if ASCII):
<isofield
id="125"
length="999"
name="POSTILION KEY"
class="org.jpos.iso.IFA_LLLCHAR"/>
...or like this (if EBCDIC):
<isofield
id="125"
length="999"
name="POSTILION KEY"
class="org.jpos.iso.IFE_LLLCHAR"/>
I can see by your trace that field 125 contains character-based, 36-byte
content. That's going to be a 32-byte cryptogram, followed by a four-byte
check digit.
Andy Orrock
> -----Original Message-----
> From: jpos-...@googlegroups.com [mailto:jpos-...@googlegroups.com] On
> Behalf Of ricmoore
> Sent: Saturday, August 26, 2006 7:41 AM
> To: jPOS Users
> Subject: Re: Key Exchange with Postilion
>
>
Andy Orrock
Mark's answer is good. Here's some supplementary info from an engagement we
just completed with a big Debit/EBT gateway. Mark may know them. We'll
call them "F--" here. (Mark: this is the so-called 'North' platform
implementation, which I believe is a vestige from the Citibank 'CCAS'
acquisition).
Your key exchange is initiated by a 0800/0810 message network message
exchange. In our model (which is hardware-based), it works like this:
. F-- provides Acquirer with two or more double-length key parts, which -
when loaded together - comprise the Key Exchange Key ('KEK'; also known as
the Zone Master Key or 'ZMK')
. The ZMK key parts are entered into the Hardware Security Module, which
returns the ZMK cryptogram. This cryptogram is loaded into your database.
. According to F-- specification, the acquirer initiates a key exchange via
a 0800 Network request with ISO Field 70 set to 811 ('request new key').
F-- replies via a 0810 with a copy of the new Zone PIN Key ('ZPK') encrypted
under the ZMK in ISO Field 96.
[Obviously, your model uses Field 125 instead of 96.]
Then, behind the scenes, we're using a Thales HSM do performance the key
exchange actions. Mark has explained the software-based approach. If you
want to read about the hardware-based approach (here implemented via the
Thales 'FA' command), you can read two things I've written about it here:
Andy Orrock
> -----Original Message-----
> From: jpos-...@googlegroups.com [mailto:jpos-...@googlegroups.com] On
> Behalf Of Mark Salter
> Sent: Saturday, August 26, 2006 4:27 AM
> To: jpos-...@googlegroups.com
> Subject: Re: Key Exchange with Postilion
>
>
Mark Salter
> Thanks mark am using field 125. Below is a dump I got from the
> postilion guys of one of their already working interface to another
> sink node. Can u interprete?
blind ones) are possible.
It appears the field 125 in these messages (when present) do not conform
with the specification you posted (field 125 padded to 48 bytes)?
Please provide the definition of the field 125 you are using and while
you are at it, compare your field 125 with the field 125s in these examples.
These field 125 look like they could hold a double length encrypted key
(16 bytes / 32 hex digits) with 2 bytes (4 hex digits) of check value.
Without knowing the keys involved it is impossible to check this is
true, which of course why this approach to key exchange is used.
The trace you need from the postilion system are the messages and logs
around *your* SINK, and in particular what it see and thinks of your
0810 response. All you can do with these is compare them to yours to
see if the look similar (in terms of structures and lengths, not content).
It seems this postilion support team are being a little unhelpful, but
perhaps this is because your responses are badly structured rather
containing the wrong content.
Imagine if the postilion system cannot even pull your 0810 response
apart, it might be throwing it away as garbage rather than parsing it
successfully, logging it's existence and then logging an informative
message when it has trouble or success in extracting your keys.
Obviously the support team *could* monitor the network level, but this
is usually much harder compared to looking in the application log.
--
Mark
Mark Salter
> More details on your question "What does key exchange entail?"
>
> Mark's answer is good. Here's some supplementary info from an engagement we
> just completed with a big Debit/EBT gateway. Mark may know them. We'll
> call them "F--" here. (Mark: this is the so-called 'North' platform
> implementation, which I believe is a vestige from the Citibank 'CCAS'
> acquisition).
I think I might know who you mean 8).
> Then, behind the scenes, we're using a Thales HSM do performance the key
> exchange actions. Mark has explained the software-based approach. If you
> want to read about the hardware-based approach (here implemented via the
> Thales 'FA' command), you can read two things I've written about it here:
I assume an HSM is involved in ricmoore's production system. I think
little else would be acceptable to the local PCI audit team.
--
Mark
Mark Salter
> // I changed this , you really only need a Key - I think!
> Key master = jcehandler.formDESKey(SMAdapter.LENGTH_DES3_2KEY,keydata);
If the keydata is not clear you may well need your original line, I
think I may have misinterpreted what you were attempting.
The original line was :-
SecretKey master = new SecretKeySpec(keydata,"DESede");
Does this original line decode the encrypted keydata to get a clear key?
If so, ignore my suggested line!
--
Mark
chhil
These are Postilion traces...and from the perspective of the the system, so I assume you are talking to sink_1.
Heres the flow... assuming message to sink_1 is what Postilion Sink interface is sending you.
[Aug 25 00h00: 00.655] - <0800> Message to SINK_NODE1
[Aug 25 00h00:01.046] - <0810> Message from SINK_NODE1
[Aug 25 00h00:01.733] - <0810> Message to SINK_NODE1
The remainder are all echo messags based on content of field 70.
Now I still don't know what is the sink you are talking to, please don't say Postilion, Postilion has a huge number of sink interfaces and each has a different behavior.
Please find out what the sink is if you need additional help (Sink_1 is not the name of the interface its just a name defined for the actual interface..
Please look at the spec or talk to the guys you are interfacing to, to determine what needs to be done for key exchanges, I feel a 800 with a 101 in it is a request for a key exchange and the other end responds with a key (I speculate).
If the guys that are running the Postilion system are not sure what the problem is then they there is only this much we can do here on the jpos list. Not knowing what is happening is unacceptable answer from my perspective.
-chhil
ricmoore
ricmoore
jcehandler.formDESKey is protected
Andy Orrock
cryptogram), then re-encrypting the value under your local key and using the
last four positions (the check digit) to validate the result of that
operation, right?
[You said you weren't sure about what a key exchange does. That's the
essence of it.]
> -----Original Message-----
> From: jpos-...@googlegroups.com [mailto:jpos-...@googlegroups.com] On
> Behalf Of ricmoore
> Sent: Monday, August 28, 2006 12:01 AM
> To: jPOS Users
> Subject: Re: Key Exchange with Postilion
>
>
ricmoore
Key master = jcehandler.formDESKey(SMAdapter.LENGTH_DES3_2KEY,keydata);
it is protected, any other method for me to use to load the KEK(ZMK)
from the store
Thanks
Alejandro Revilla
unencrypted keys outside the security module code, but, you are free to
change it to public for your particular purpose.
Andy Orrock
Is your plan to ultimately use a hardware device to perform these tasks?
Unless you've got a closed-loop system, you appear to be headed down a path
where you'd not pass a PCI/CISP audit (just a note of caution).
Andy Orrock
> -----Original Message-----
> From: jpos-...@googlegroups.com [mailto:jpos-...@googlegroups.com] On
> Behalf Of Alejandro Revilla
> Sent: Monday, August 28, 2006 1:10 PM
> To: jpos-...@googlegroups.com
> Subject: Re: Key Exchange with Postilion
>
>
Mark Salter
> i cannot use
> Key master = jcehandler.formDESKey(SMAdapter.LENGTH_DES3_2KEY,keydata);
line converted a encrypted master key into a clear for later use, my
suggestion assumed your master key was already a clear key and hence my
comment about getting a new key if it wasn't test data.
>
> it is protected, any other method for me to use to load the KEK(ZMK)
> from the store
you just need to get your field 125 contents correct and the message
correctly structured, so that postilion can process you response.
--
Mark
ricmoore
the postilion guys and get a log from postilion because I think what am
sending now is Ok.
But Mark this code return NullPointerException
private String respondKey()
{
Key newkey = null;
byte[] enkey = null;
try{
String hexmaster = "e4a3ca2b471d308295f9b11b6006ee6c";
byte[] keydata = ISOUtil.hex2byte(hexmaster);
SecretKey master = new SecretKeySpec(keydata,"DESede");
// I changed this , you really only need a Key - I think!
//Key master =
jcehandler.generateDESKey(SMAdapter.LENGTH_DES3_2KEY);
// Generate a new PIN key. Remember to save this somewhere
safe and
// persistent so that when a message arrives you can undo
the
// postilion PIN block encryption!
System.out.println("new
key:"+ISOUtil.hexString(master.getEncoded()));
newkey =
jcehandler.generateDESKey(SMAdapter.LENGTH_DES3_2KEY);
enkey =
jcehandler.encryptDESKey(SMAdapter.LENGTH_DES3_2KEY,newkey, master);
System.out.println("Encryted
key:"+ISOUtil.hexString(enkey));
}catch(Exception _e){
_e.printStackTrace();
}
return ISOUtil.hexString(enkey);
}
It generated error at encryptDESKey but if I use generateDESKey to
generate a test master key. It works see the line commented
Mark Salter
ricmoore wrote:
> It generated error at encryptDESKey but if I use generateDESKey to
> generate a test master key. It works see the line commented
Can we see the stack trace please?
--
Mark
ricmoore
org.jpos.security.jceadapter.JCEHandlerException:
java.security.InvalidKeyException: Invalid key length: 16 bytes
(java.security.InvalidKeyException: Invalid key length: 16 bytes)
at
org.jpos.security.jceadapter.JCEHandler.doCryptStuff(JCEHandler.java:289)
at
org.jpos.security.jceadapter.JCEHandler.encryptDESKey(JCEHandler.java:155)
you know this is the line
SecretKey master = new SecretKeySpec(keydata,"DESede");
also look at the KEK am using
ricmoore
Mark Salter
> this is the stack trace:
And not, it appears, the full stack trace either?
> org.jpos.security.jceadapter.JCEHandlerException:
> java.security.InvalidKeyException: Invalid key length: 16 bytes
> (java.security.InvalidKeyException: Invalid key length: 16 bytes)
> at
> org.jpos.security.jceadapter.JCEHandler.doCryptStuff(JCEHandler.java:289)
> at
> org.jpos.security.jceadapter.JCEHandler.encryptDESKey(JCEHandler.java:155)
>
>
> you know this is the line
> SecretKey master = new SecretKeySpec(keydata,"DESede");
I don't think this line is the problem. I think a later one is causing
the above Exception when the SecretKey is used to encrypt something.
The key length is invalid for the crypto call being invoked.
Show use the full stack trace, don't trim or intepret, just copy it out
and post it here.
If you can debug your code and step through it, you might be able to see
the value that are causing the problem.
--
Mark
Ibrahim Abiodun
Sorry for digging this thread out of its grave, how did you resolve this issue, I'm currently having the same issue with the Key length and I don't know how to resolve it.
Your help will be greatly appreciated.
Regards.
Victor Salaman
--
--
jPOS is licensed under AGPL - free for community usage for your open-source project. Licenses are also available for commercial usage. Please support jPOS, contact: sa...@jpos.org
Join us in IRC at http://webchat.freenode.net/?channels=jpos
You received this message because you are subscribed to the "jPOS Users" group.
Please see http://jpos.org/wiki/JPOS_Mailing_List_Readme_first
To post to this group, send email to jpos-...@googlegroups.com
To unsubscribe, send email to jpos-users+...@googlegroups.com
For more options, visit this group at http://groups.google.com/group/jpos-users
---
You received this message because you are subscribed to the Google Groups "jPOS Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jpos-users+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jpos-users/828c6ae6-201b-4a13-ae3b-ef5b8c082d95%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.