
Key Check Value is not available in Thales HSM A0-A1 Response


Aswin Sundar

Mar 21, 2025, 3:29:01 AM
to jPOS Users
Hi Team,
Good Afternoon

How to handle Thales HSM - A0 Command for three different scenarios.
1. Generate TMK Key.
2. Generate BDK Key.
3. Generate IPEK Key.

Also, we need to know, why the key-check value is unavailable for Generate BDK and IPEK keys scenarios.

I attached the log for you to look over.



Jupiter_thales_A0_Commands.txt

chhil

Mar 21, 2025, 5:43:32 AM
to jpos-...@googlegroups.com
> How to handle Thales HSM - A0 Command for three different scenarios.

Not sure what you are asking here, as you have provided the request responses. If you are looking for a parser, you will need to write that on your own after reading the Thales spec.



> Also, we need to know, why the key-check value is unavailable for Generate BDK and IPEK keys scenarios.

key-under-lmk: 'S10096B1TN00S0000190C624A011D66B1A2234434B80A81D6CCB1307A1F3300E49BDB7386AD64DB3FF879CB0920821D31'
key-scheme: '3'

Maybe check your schema file used for parsing and make sure that the key encrypted under LMK (first S) is followed by the BDK keyblock (second S), and the last 6 may be the check value.
What you have as key scheme is not defined in the Thales A1 keyblock request response command.

-chhil



Aswin Sundar

Mar 21, 2025, 8:12:45 AM
to jpos-...@googlegroups.com
Hi chhil,
Good Evening

Below is the code we used for parsing the A0-A1 command data.


hsm-A0.xml
<?xml version="1.0" encoding="UTF-8"?>
<schema id='A0'>
 <field id="mode"               type="X" length="1" />
 <field id="key-type"           type="K" length="3">FFF</field>
 <field id="key-scheme"         type="K" length="1">S</field>
 <field id="key-mode"           type="X" length="1" />
 <field id="deliminator-1"      type="X" length="1" />
 <field id="derive-key-type"    type="X" length="1" />
 <field id="tmk"                type="X" length="97" />
 <field id="ksn"                type="X" length="15" />
 <field id="export-key-scheme"  type="X" length="1" />
 <field id="delimiter"          type="X" length="1">#</field>
 <field id="device-id"          type="A" length="10" />
</schema>

hsm-resp-A1.xml
<?xml version="1.0" encoding="UTF-8"?>
<schema id='A1'>
 <field id="key-under-lmk" type="A" length="97" />
 <field id="key-scheme" type="X" length="1" optional="true" />
 <field id="tmk" type="X" length="32" optional="true" />
 <field id="key-check" type="X" length="6" />
</schema>



Best Regards,

Aswin Sundar 

Senior Software Developer

Skilworth Technologies Private Limited

New No 51, 9th Floor, “Chaitanya Exotica”, Venkatnarayana Road, T. Nagar Chennai – 600 017

W  www.bijlipay.co.in

 



chhil

Mar 22, 2025, 2:26:57 AM
to jpos-...@googlegroups.com
I cannot help you with your schema as it's something you will need to determine using the Thales spec.

You have "X" in there and I could not find that defined in the FSDMsg
https://github.com/jpos/jPOS/blob/main/jpos/src/main/java/org/jpos/util/FSDMsg.java#L257C1-L290C1

My suggestion would be to use regular Java to parse the data, as there are too many optional fields present with a delimiter representing their presence.

For keyblock related stuff we take everything after the error field (response code) as a raw string and parse it by ourselves, as you know how your HSM is configured and when to expect those additional optional fields, and you will also know how wide your encrypted key is in the keyblock. Try to parse the data based on this info and you may end up finding the check value in the response.

I speculate here...
A Thales keyblock = S + 16 wide header + encrypted key data + 8/16 check digits
From your sample data
key-under-lmk: 'S 10096B1TN00S0000 190C624A011D66B1A2234434B80A81D6CCB1307A1F3300E49BDB7386AD64DB3F F879CB0920821D31'
Based on the key length encrypted data would vary.

-chhil
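
The approach described in the reply above (take everything after the response code as a raw string and split the key block in plain Java), as an added example that is not part of the thread or of jPOS. The class name, the length-field offset inside the header and the 6-character tail in the sample are assumptions; the trailer width (8 or 16) is supplied by the caller from the HSM configuration.

```java
import java.util.regex.Pattern;

// Added example: splits the raw A1 payload (everything after the response code)
// using the layout speculated in the thread. Field offsets are assumptions.
public class KeyBlockSplit {
    static final int HEADER_LEN = 16;                 // "16 wide header" from the thread
    static final Pattern HEX = Pattern.compile("[0-9A-F]+");

    record KeyBlock(String header, String encryptedKey, String trailer, String remainder) {}

    // trailerLen: 8 or 16, chosen by the caller from the HSM's configuration.
    static KeyBlock split(String raw, int trailerLen) {
        if (raw == null || raw.length() < 1 + HEADER_LEN || raw.charAt(0) != 'S')
            throw new IllegalArgumentException("not an 'S' key block");
        if (trailerLen != 8 && trailerLen != 16)
            throw new IllegalArgumentException("trailer length must be 8 or 16");
        String header = raw.substring(1, 1 + HEADER_LEN);
        // Assumption: header chars 1-4 hold the decimal block length, counted
        // from the header on (the sample's "0096" matches its 96 characters).
        String lenField = header.substring(1, 5);
        if (!lenField.chars().allMatch(c -> c >= '0' && c <= '9'))
            throw new IllegalArgumentException("length field is not numeric: " + lenField);
        int blockLen = Integer.parseInt(lenField);
        if (blockLen <= HEADER_LEN + trailerLen || raw.length() < 1 + blockLen)
            throw new IllegalArgumentException("declared length " + blockLen + " does not fit");
        // Assumption: everything after the header is upper-case hex, as in the sample.
        String body = raw.substring(1 + HEADER_LEN, 1 + blockLen);
        if (!HEX.matcher(body).matches())
            throw new IllegalArgumentException("non-hex characters in key block body");
        int cut = body.length() - trailerLen;
        return new KeyBlock(header, body.substring(0, cut), body.substring(cut),
                            raw.substring(1 + blockLen));
    }

    public static void main(String[] args) {
        // Key block copied from the thread; the 6-character tail is constructed
        // for illustration and is not real HSM output.
        String raw = "S10096B1TN00S0000"
            + "190C624A011D66B1A2234434B80A81D6CCB1307A1F3300E49BDB7386AD64DB3F"
            + "F879CB0920821D31" + "A1B2C3";
        KeyBlock kb = split(raw, 16);
        System.out.println("header    : " + kb.header());
        System.out.println("encrypted : " + kb.encryptedKey().length() + " hex chars");
        System.out.println("trailer   : " + kb.trailer());
        System.out.println("remainder : " + kb.remainder()); // fields that follow the key block
    }
}
```

Because the split is driven by the length declared in the header rather than a fixed width of 97, whatever follows the key block stays intact in `remainder` for the caller to interpret against the Thales spec.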



