org.jpos.security.BaseSMAdapter
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||
java.lang.Object
public class BaseSMAdapter
Provides base functionality for the actual Security Module Adapter.
You adapter needs to override the methods that end with "Impl"
| Field Summary | |
|---|---|
protected Configuration |
cfg
|
protected Logger |
logger
|
protected String |
realm
|
| Fields inherited from interface org.jpos.security.SMAdapter |
|---|
FORMAT00, FORMAT01, FORMAT02, FORMAT03, FORMAT04, FORMAT05, FORMAT34, FORMAT35, FORMAT41, FORMAT42, LENGTH_DES, LENGTH_DES3_2KEY, LENGTH_DES3_3KEY, TYPE_BDK, TYPE_CVK, TYPE_MK_AC, TYPE_MK_CVC3, TYPE_MK_SMC, TYPE_MK_SMI, TYPE_PVK, TYPE_TAK, TYPE_TMK, TYPE_TPK, TYPE_ZAK, TYPE_ZMK, TYPE_ZPK |
| Constructor Summary | |
|---|---|
BaseSMAdapter()
|
|
BaseSMAdapter(Configuration cfg,
Logger logger,
String realm)
|
|
| Method Summary | |
|---|---|
String |
calculateCVV(String accountNo,
SecureDESKey cvkA,
SecureDESKey cvkB,
Date expDate,
String serviceCode)
Calaculate a Card Verification Code/Value NOTE: cvkA and cvkB should be single
length keys but at least one of them may be double length key |
protected String |
calculateCVVImpl(String accountNo,
SecureDESKey cvkA,
SecureDESKey cvkB,
Date expDate,
String serviceCode)
Your SMAdapter should override this method if it has this functionality |
String |
calculateIBMPINOffset(EncryptedPIN pinUnderKd1,
SecureDESKey kd1,
SecureDESKey pvk,
String decTab,
String pinValData,
int minPinLen)
Calculate an PIN Offset using the IBM 3624 method of customer selected PIN Using that method is not recomendated. |
String |
calculateIBMPINOffset(EncryptedPIN pinUnderKd1,
SecureDESKey kd1,
SecureDESKey pvk,
String decTab,
String pinValData,
int minPinLen,
List<String> excludes)
Calculate an PIN Offset using the IBM 3624 method of customer selected PIN Using that method is not recomendated. |
String |
calculateIBMPINOffset(EncryptedPIN pinUnderLmk,
SecureDESKey pvk,
String decTab,
String pinValData,
int minPinLen)
Calculate an PIN Offset using the IBM 3624 method Using that method is not recomendated. |
String |
calculateIBMPINOffset(EncryptedPIN pinUnderLmk,
SecureDESKey pvk,
String decTab,
String pinValData,
int minPinLen,
List<String> excludes)
Calculate an PIN Offset using the IBM 3624 method Using that method is not recomendated. |
protected String |
calculateIBMPINOffsetImpl(EncryptedPIN pinUnderKd1,
SecureDESKey kd1,
SecureDESKey pvk,
String decTab,
String pinValData,
int minPinLen,
List<String> excludes)
Your SMAdapter should override this method if it has this functionality |
protected String |
calculateIBMPINOffsetImpl(EncryptedPIN pinUnderLmk,
SecureDESKey pvk,
String decTab,
String pinValData,
int minPinLen,
List<String> excludes)
Your SMAdapter should override this method if it has this functionality |
String |
calculatePVV(EncryptedPIN pinUnderLMK,
SecureDESKey pvkA,
SecureDESKey pvkB,
int pvkIdx)
Calculate PVV (VISA PIN Verification Value of PIN under LMK) with exclude list NOTE: pvkA and pvkB should be single length keys
but at least one of them may be double length key |
String |
calculatePVV(EncryptedPIN pinUnderLMK,
SecureDESKey pvkA,
SecureDESKey pvkB,
int pvkIdx,
List<String> excludes)
Calculate PVV (VISA PIN Verification Value of PIN under LMK) NOTE: pvkA and pvkB should be single length keys
but at least one of them may be double length key |
String |
calculatePVV(EncryptedPIN pinUnderKd1,
SecureDESKey kd1,
SecureDESKey pvkA,
SecureDESKey pvkB,
int pvkIdx)
Calculate PVV (VISA PIN Verification Value of customer selected PIN) NOTE: pvkA and pvkB should be single length keys
but at least one of them may be double length key |
String |
calculatePVV(EncryptedPIN pinUnderKd1,
SecureDESKey kd1,
SecureDESKey pvkA,
SecureDESKey pvkB,
int pvkIdx,
List<String> excludes)
Calculate PVV (VISA PIN Verification Value of customer selected PIN) NOTE: pvkA and pvkB should be single length keys
but at least one of them may be double length key |
protected String |
calculatePVVImpl(EncryptedPIN pinUnderLMK,
SecureDESKey pvkA,
SecureDESKey pvkB,
int pvkIdx,
List<String> excludes)
Your SMAdapter should override this method if it has this functionality |
protected String |
calculatePVVImpl(EncryptedPIN pinUnderKd1,
SecureDESKey kd1,
SecureDESKey pvkA,
SecureDESKey pvkB,
int pvkIdx,
List<String> excludes)
Your SMAdapter should override this method if it has this functionality |
String |
decryptPIN(EncryptedPIN pinUnderLmk)
Decrypts an Encrypted PIN (under LMK). |
protected String |
decryptPINImpl(EncryptedPIN pinUnderLmk)
Your SMAdapter should override this method if it has this functionality |
EncryptedPIN |
deriveIBMPIN(String accountNo,
SecureDESKey pvk,
String decTab,
String pinValData,
int minPinLen,
String offset)
Derive a PIN Using the IBM 3624 method That method derive pin from pin offset (not exacly that same but working). |
protected EncryptedPIN |
deriveIBMPINImpl(String accountNo,
SecureDESKey pvk,
String decTab,
String pinValData,
int minPinLen,
String offset)
Your SMAdapter should override this method if it has this functionality |
EncryptedPIN |
encryptPIN(String pin,
String accountNumber)
Encrypts a clear pin under LMK. |
EncryptedPIN |
encryptPIN(String pin,
String accountNumber,
boolean extract)
Encrypts a clear pin under LMK. |
protected EncryptedPIN |
encryptPINImpl(String pin,
String accountNumber)
Your SMAdapter should override this method if it has this functionality |
void |
eraseOldLMK()
Erase the key change storage area of memory It is recommended that this command is used after keys stored by the Host have been translated from old to new LMKs. |
protected void |
eraseOldLMKImpl()
Erase the key change storage area of memory It is recommended that this command is used after keys stored by the Host have been translated from old to new LMKs. |
byte[] |
exportKey(SecureDESKey key,
SecureDESKey kek)
Exports secure key to encryption under a KEK (Key-Encrypting Key). |
protected byte[] |
exportKeyImpl(SecureDESKey key,
SecureDESKey kek)
Your SMAdapter should override this method if it has this functionality |
EncryptedPIN |
exportPIN(EncryptedPIN pinUnderLmk,
SecureDESKey kd2,
byte destinationPINBlockFormat)
Exports a PIN from encryption under LMK to encryption under a KD (Data Key). |
protected EncryptedPIN |
exportPINImpl(EncryptedPIN pinUnderLmk,
SecureDESKey kd2,
byte destinationPINBlockFormat)
Your SMAdapter should override this method if it has this functionality |
byte[] |
generateARPC(MKDMethod mkdm,
SKDMethod skdm,
SecureDESKey imkac,
String accoutNo,
String acctSeqNo,
byte[] arqc,
byte[] atc,
byte[] upn,
ARPCMethod arpcMethod,
byte[] arc,
byte[] propAuthData)
Genarate Authorisation Response Cryptogram (ARPC) |
protected byte[] |
generateARPCImpl(MKDMethod mkdm,
SKDMethod skdm,
SecureDESKey imkac,
String accountNo,
String acctSeqNo,
byte[] arqc,
byte[] atc,
byte[] upn,
ARPCMethod arpcMethod,
byte[] arc,
byte[] propAuthData)
Your SMAdapter should override this method if it has this functionality |
byte[] |
generateCBC_MAC(byte[] data,
SecureDESKey kd)
Generates CBC-MAC (Cipher Block Chaining Message Authentication Code) for some data. |
protected byte[] |
generateCBC_MACImpl(byte[] data,
SecureDESKey kd)
Your SMAdapter should override this method if it has this functionality |
byte[] |
generateEDE_MAC(byte[] data,
SecureDESKey kd)
Generates EDE-MAC (Encrypt Decrypt Encrypt Message Message Authentication Code) for some data. |
protected byte[] |
generateEDE_MACImpl(byte[] data,
SecureDESKey kd)
Your SMAdapter should override this method if it has this functionality |
SecureDESKey |
generateKey(short keyLength,
String keyType)
Generates a random DES Key. |
byte[] |
generateKeyCheckValue(SecureDESKey kd)
Generates key check value. |
protected byte[] |
generateKeyCheckValueImpl(SecureDESKey kd)
Your SMAdapter should override this method if it has this functionality |
protected SecureDESKey |
generateKeyImpl(short keyLength,
String keyType)
Your SMAdapter should override this method if it has this functionality |
EncryptedPIN |
generatePIN(String accountNumber,
int pinLen)
Generate random pin under LMK |
EncryptedPIN |
generatePIN(String accountNumber,
int pinLen,
List<String> excludes)
Generate random pin under LMK with exclude list |
protected EncryptedPIN |
generatePINImpl(String accountNumber,
int pinLen,
List<String> excludes)
Your SMAdapter should override this method if it has this functionality |
byte[] |
generateSM_MAC(MKDMethod mkdm,
SKDMethod skdm,
SecureDESKey imksmi,
String accountNo,
String acctSeqNo,
byte[] atc,
byte[] arqc,
byte[] data)
Generate Secure Message MAC over suppiled message data This method is used by issuer to generate MAC over message data send from the issuer back to the card |
protected byte[] |
generateSM_MACImpl(MKDMethod mkdm,
SKDMethod skdm,
SecureDESKey imksmi,
String accountNo,
String acctSeqNo,
byte[] atc,
byte[] arqc,
byte[] data)
Your SMAdapter should override this method if it has this functionality |
Logger |
getLogger()
|
String |
getName()
|
String |
getRealm()
|
static SMAdapter |
getSMAdapter(String name)
|
SecureDESKey |
importKey(short keyLength,
String keyType,
byte[] encryptedKey,
SecureDESKey kek,
boolean checkParity)
Imports a key from encryption under a KEK (Key-Encrypting Key) to protection under the security module. |
protected SecureDESKey |
importKeyImpl(short keyLength,
String keyType,
byte[] encryptedKey,
SecureDESKey kek,
boolean checkParity)
Your SMAdapter should override this method if it has this functionality |
EncryptedPIN |
importPIN(EncryptedPIN pinUnderDuk,
KeySerialNumber ksn,
SecureDESKey bdk)
Imports a PIN from encryption under a transaction key to encryption under LMK. |
EncryptedPIN |
importPIN(EncryptedPIN pinUnderKd1,
SecureDESKey kd1)
Imports a PIN from encryption under KD (Data Key) to encryption under LMK. |
protected EncryptedPIN |
importPINImpl(EncryptedPIN pinUnderDuk,
KeySerialNumber ksn,
SecureDESKey bdk)
Your SMAdapter should override this method if it has this functionality |
protected EncryptedPIN |
importPINImpl(EncryptedPIN pinUnderKd1,
SecureDESKey kd1)
Your SMAdapter should override this method if it has this functionality |
void |
setConfiguration(Configuration cfg)
|
void |
setLogger(Logger logger,
String realm)
|
void |
setName(String name)
associates this SMAdapter with a name using NameRegistrar |
SecureDESKey |
translateKeyFromOldLMK(SecureDESKey kd)
Translate key from encryption under the LMK held in “key change storage” to encryption under a new LMK. |
protected SecureDESKey |
translateKeyFromOldLMKImpl(SecureDESKey kd)
Translate key from encryption under the LMK held in “key change storage” to encryption under a new LMK. |
EncryptedPIN |
translatePIN(EncryptedPIN pinUnderDuk,
KeySerialNumber ksn,
SecureDESKey bdk,
SecureDESKey kd2,
byte destinationPINBlockFormat)
Translates a PIN from encryption under a transaction key to encryption under a KD (Data Key). |
EncryptedPIN |
translatePIN(EncryptedPIN pinUnderKd1,
SecureDESKey kd1,
SecureDESKey kd2,
byte destinationPINBlockFormat)
Translates a PIN from encrytion under KD1 to encryption under KD2. |
org.javatuples.Pair<EncryptedPIN,byte[]> |
translatePINGenerateSM_MAC(MKDMethod mkdm,
SKDMethod skdm,
SecureDESKey imksmi,
String accountNo,
String acctSeqNo,
byte[] atc,
byte[] arqc,
byte[] data,
EncryptedPIN currentPIN,
EncryptedPIN newPIN,
SecureDESKey kd1,
SecureDESKey imksmc,
SecureDESKey imkac,
byte destinationPINBlockFormat)
Translate PIN and generate MAC over suppiled message data This method is used by issuer to: translate standard ATM PIN block format encrypted under zone or terminal key kd1 to an application specific PIN block
format, encrypted under a confidentiality session key, derived from
imksmc
generate MAC over suppiled message data and translated
PIN block |
protected org.javatuples.Pair<EncryptedPIN,byte[]> |
translatePINGenerateSM_MACImpl(MKDMethod mkdm,
SKDMethod skdm,
SecureDESKey imksmi,
String accountNo,
String acctSeqNo,
byte[] atc,
byte[] arqc,
byte[] data,
EncryptedPIN currentPIN,
EncryptedPIN newPIN,
SecureDESKey kd1,
SecureDESKey imksmc,
SecureDESKey imkac,
byte destinationPINBlockFormat)
Your SMAdapter should override this method if it has this functionality |
protected EncryptedPIN |
translatePINImpl(EncryptedPIN pinUnderDuk,
KeySerialNumber ksn,
SecureDESKey bdk,
SecureDESKey kd2,
byte destinationPINBlockFormat)
Your SMAdapter should override this method if it has this functionality |
protected EncryptedPIN |
translatePINImpl(EncryptedPIN pinUnderKd1,
SecureDESKey kd1,
SecureDESKey kd2,
byte destinationPINBlockFormat)
Your SMAdapter should override this method if it has this functionality |
boolean |
verifyARQC(MKDMethod mkdm,
SKDMethod skdm,
SecureDESKey imkac,
String accoutNo,
String acctSeqNo,
byte[] arqc,
byte[] atc,
byte[] upn,
byte[] transData)
Verify Application Cryptogram (ARQC or TC/AAC) Authorization Request Cryptogram (ARQC) - Online authorization Transaction certificate (TC) - Offline approval Application Authentication Cryptogram (AAC) - Offline decline |
byte[] |
verifyARQCGenerateARPC(MKDMethod mkdm,
SKDMethod skdm,
SecureDESKey imkac,
String accoutNo,
String acctSeqNo,
byte[] arqc,
byte[] atc,
byte[] upn,
byte[] transData,
ARPCMethod arpcMethod,
byte[] arc,
byte[] propAuthData)
Verify Application Cryptogram (ARQC or TC/AAC) and Genarate Authorisation Response Cryptogram (ARPC) Authorization Request Cryptogram (ARQC) - Online authorization Transaction certificate (TC) - Offline approval Application Authentication Cryptogram (AAC) - Offline decline |
protected byte[] |
verifyARQCGenerateARPCImpl(MKDMethod mkdm,
SKDMethod skdm,
SecureDESKey imkac,
String accountNo,
String acctSeqNo,
byte[] arqc,
byte[] atc,
byte[] upn,
byte[] transData,
ARPCMethod arpcMethod,
byte[] arc,
byte[] propAuthData)
Your SMAdapter should override this method if it has this functionality |
protected boolean |
verifyARQCImpl(MKDMethod mkdm,
SKDMethod skdm,
SecureDESKey imkac,
String accountNo,
String acctSeqNo,
byte[] arqc,
byte[] atc,
byte[] upn,
byte[] transData)
Your SMAdapter should override this method if it has this functionality |
boolean |
verifyCVC3(SecureDESKey imkcvc3,
String accountNo,
String acctSeqNo,
byte[] atc,
byte[] upn,
byte[] data,
MKDMethod mkdm,
String cvc3)
Verify a Dynamic Card Verification Code 3 (CVC3) |
protected boolean |
verifyCVC3Impl(SecureDESKey imkcvc3,
String accountNo,
String acctSeqNo,
byte[] atc,
byte[] upn,
byte[] data,
MKDMethod mkdm,
String cvc3)
Your SMAdapter should override this method if it has this functionality |
boolean |
verifyCVV(String accountNo,
SecureDESKey cvkA,
SecureDESKey cvkB,
String cvv,
Date expDate,
String serviceCode)
Verify a Card Verification Code/Value NOTE: cvkA and cvkB should be single
length keys but at least one of them may be double length key |
protected boolean |
verifyCVVImpl(String accountNo,
SecureDESKey cvkA,
SecureDESKey cvkB,
String cvv,
Date expDate,
String serviceCode)
Your SMAdapter should override this method if it has this functionality |
boolean |
verifydCVV(String accountNo,
SecureDESKey imkac,
String dcvv,
Date expDate,
String serviceCode,
byte[] atc,
MKDMethod mkdm)
Verify a Dynamic Card Verification Value (CVV) The EMV "Track 2 Equivalent Data", provided in the authorisation message and originating from the contactless smart card, is the source for the following data elements used in this function: accountNo
expDate
serviceCode
atc
dCVV |
protected boolean |
verifydCVVImpl(String accountNo,
SecureDESKey imkac,
String dcvv,
Date expDate,
String serviceCode,
byte[] atc,
MKDMethod mkdm)
Your SMAdapter should override this method if it has this functionality |
boolean |
verifyIBMPINOffset(EncryptedPIN pinUnderKd1,
SecureDESKey kd1,
SecureDESKey pvk,
String offset,
String decTab,
String pinValData,
int minPinLen)
Verify an PIN Offset using the IBM 3624 method |
protected boolean |
verifyIBMPINOffsetImpl(EncryptedPIN pinUnderKd,
SecureDESKey kd,
SecureDESKey pvk,
String offset,
String decTab,
String pinValData,
int minPinLen)
Your SMAdapter should override this method if it has this functionality |
boolean |
verifyPVV(EncryptedPIN pinUnderKd1,
SecureDESKey kd1,
SecureDESKey pvkA,
SecureDESKey pvkB,
int pvki,
String pvv)
Verify PVV (VISA PIN Verification Value of an LMK encrypted PIN) NOTE: pvkA and pvkB should be single
length keys but at least one of them may be double length key |
protected boolean |
verifyPVVImpl(EncryptedPIN pinUnderKd,
SecureDESKey kd,
SecureDESKey pvkA,
SecureDESKey pvkB,
int pvki,
String pvv)
Your SMAdapter should override this method if it has this functionality |
| Methods inherited from class java.lang.Object |
|---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Field Detail |
|---|
protected Logger logger
protected String realm
protected Configuration cfg
| Constructor Detail |
|---|
public BaseSMAdapter()
public BaseSMAdapter(Configuration cfg,
Logger logger,
String realm)
throws ConfigurationException
ConfigurationException| Method Detail |
|---|
public void setConfiguration(Configuration cfg)
throws ConfigurationException
setConfiguration in interface Configurablecfg - Configuration object
ConfigurationException
public void setLogger(Logger logger,
String realm)
setLogger in interface LogSourcepublic Logger getLogger()
getLogger in interface LogSourcepublic String getRealm()
getRealm in interface LogSourcepublic void setName(String name)
name - name to registerNameRegistrarpublic String getName()
public static SMAdapter getSMAdapter(String name)
throws NameRegistrar.NotFoundException
name -
NameRegistrar.NotFoundExceptionNameRegistrar
public SecureDESKey generateKey(short keyLength,
String keyType)
throws SMException
SMAdapter
generateKey in interface SMAdapterkeyLength - bit length of the key to be generated (LENGTH_DES, LENGTH_DES3_2KEY...)keyType - type of the key to be generated (TYPE_ZMK, TYPE_TMK...etc)
SMException
public byte[] generateKeyCheckValue(SecureDESKey kd)
throws SMException
SMAdapter
generateKeyCheckValue in interface SMAdapterkd - SecureDESKey with untrusted or fake Key Check Value
SMException
public SecureDESKey importKey(short keyLength,
String keyType,
byte[] encryptedKey,
SecureDESKey kek,
boolean checkParity)
throws SMException
SMAdapter
importKey in interface SMAdapterkeyLength - bit length of the key to be imported (LENGTH_DES, LENGTH_DES3_2KEY...etc)keyType - type of the key to be imported (TYPE_ZMK, TYPE_TMK...etc)encryptedKey - key to be imported encrypted under KEKkek - the key-encrypting keycheckParity - if true, the key is not imported unless it has adjusted parity
SMException - if the parity of the imported key is not adjusted AND checkParity = true
public byte[] exportKey(SecureDESKey key,
SecureDESKey kek)
throws SMException
SMAdapter
exportKey in interface SMAdapterkey - the secure key to be exportedkek - the key-encrypting key
SMException
public EncryptedPIN encryptPIN(String pin,
String accountNumber,
boolean extract)
throws SMException
SMAdapter
encryptPIN in interface SMAdapterpin - clear pin as entered by card holderaccountNumber - if extract is false then account number, including BIN and the check digit
or if parameter extract is true then 12 right-most digits of the account number, excluding the check digitextract - true to extract 12 right-most digits off the account number
SMException
public EncryptedPIN encryptPIN(String pin,
String accountNumber)
throws SMException
SMAdapter
encryptPIN in interface SMAdapterpin - clear pin as entered by card holderaccountNumber - account number, including BIN and the check digit
SMException
public String decryptPIN(EncryptedPIN pinUnderLmk)
throws SMException
SMAdapter
decryptPIN in interface SMAdapterSMException
public EncryptedPIN importPIN(EncryptedPIN pinUnderKd1,
SecureDESKey kd1)
throws SMException
SMAdapter
importPIN in interface SMAdapterpinUnderKd1 - the encrypted PINkd1 - Data Key under which the pin is encrypted
SMException
public EncryptedPIN translatePIN(EncryptedPIN pinUnderKd1,
SecureDESKey kd1,
SecureDESKey kd2,
byte destinationPINBlockFormat)
throws SMException
SMAdapter
translatePIN in interface SMAdapterpinUnderKd1 - pin encrypted under KD1kd1 - Data Key (also called session key) under which the pin is encryptedkd2 - the destination Data Key 2 under which the pin will be encrypteddestinationPINBlockFormat - the PIN Block Format of the exported encrypted PIN
SMException
public EncryptedPIN importPIN(EncryptedPIN pinUnderDuk,
KeySerialNumber ksn,
SecureDESKey bdk)
throws SMException
SMAdapter
importPIN in interface SMAdapterpinUnderDuk - pin encrypted under a transaction keyksn - Key Serial Number (also called Key Name, in ANSI X9.24) needed to derive the transaction keybdk - Base Derivation Key, used to derive the transaction key underwhich the pin is encrypted
SMException
public EncryptedPIN translatePIN(EncryptedPIN pinUnderDuk,
KeySerialNumber ksn,
SecureDESKey bdk,
SecureDESKey kd2,
byte destinationPINBlockFormat)
throws SMException
SMAdapter
translatePIN in interface SMAdapterpinUnderDuk - pin encrypted under a DUKPT transaction keyksn - Key Serial Number (also called Key Name, in ANSI X9.24) needed to derive the transaction keybdk - Base Derivation Key, used to derive the transaction key underwhich the pin is encryptedkd2 - the destination Data Key (also called session key) under which the pin will be encrypteddestinationPINBlockFormat - the PIN Block Format of the translated encrypted PIN
SMException
public EncryptedPIN exportPIN(EncryptedPIN pinUnderLmk,
SecureDESKey kd2,
byte destinationPINBlockFormat)
throws SMException
SMAdapter
exportPIN in interface SMAdapterpinUnderLmk - pin encrypted under LMKkd2 - the destination data key (also called session key) under which the pin will be encrypteddestinationPINBlockFormat - the PIN Block Format of the exported encrypted PIN
SMException
public EncryptedPIN generatePIN(String accountNumber,
int pinLen)
throws SMException
SMAdapter
generatePIN in interface SMAdapteraccountNumber - The 12 right-most digits of the account number excluding the check digitpinLen - length of the pin, usually in range 4-12.
Value 0 means that default length is assumed by HSM (usually 4)
SMException
public EncryptedPIN generatePIN(String accountNumber,
int pinLen,
List<String> excludes)
throws SMException
SMAdapter
generatePIN in interface SMAdapteraccountNumber - The 12 right-most digits of the account number excluding the check digitpinLen - length of the pin, usually in range 4-12.
Value 0 means that default length is assumed by HSM (usually 4)excludes - list of pins which won't be generated.
Each pin has to be pinLen length
SMException
public String calculatePVV(EncryptedPIN pinUnderLMK,
SecureDESKey pvkA,
SecureDESKey pvkB,
int pvkIdx)
throws SMException
SMAdapterpvkA and pvkB should be single length keys
but at least one of them may be double length key
calculatePVV in interface SMAdapterpinUnderLMK - PIN under LMKpvkA - first key PVK in PVK pairpvkB - second key PVK in PVK pairpvkIdx - index of the PVK, in range 0-6, if not present 0 is assumed
SMException - if PIN is on exclude list WeakPINException is thrown
public String calculatePVV(EncryptedPIN pinUnderLMK,
SecureDESKey pvkA,
SecureDESKey pvkB,
int pvkIdx,
List<String> excludes)
throws SMException
SMAdapterpvkA and pvkB should be single length keys
but at least one of them may be double length key
calculatePVV in interface SMAdapterpinUnderLMK - PIN under LMKpvkA - first key PVK in PVK pairpvkB - second key PVK in PVK pairpvkIdx - index of the PVK, in range 0-6, if not present 0 is assumedexcludes - list of pins which won't be generated.
Each pin has to be pinLen length
SMException
public String calculatePVV(EncryptedPIN pinUnderKd1,
SecureDESKey kd1,
SecureDESKey pvkA,
SecureDESKey pvkB,
int pvkIdx)
throws SMException
SMAdapterpvkA and pvkB should be single length keys
but at least one of them may be double length key
calculatePVV in interface SMAdapterpinUnderKd1 - the encrypted PINkd1 - Data Key under which the pin is encryptedpvkA - first key PVK in PVK pairpvkB - second key PVK in PVK pairpvkIdx - index of the PVK, in range 0-6, if not present 0 is assumed
SMException
public String calculatePVV(EncryptedPIN pinUnderKd1,
SecureDESKey kd1,
SecureDESKey pvkA,
SecureDESKey pvkB,
int pvkIdx,
List<String> excludes)
throws SMException
SMAdapterpvkA and pvkB should be single length keys
but at least one of them may be double length key
calculatePVV in interface SMAdapterpinUnderKd1 - the encrypted PINkd1 - Data Key under which the pin is encryptedpvkA - first key PVK in PVK pairpvkB - second key PVK in PVK pairpvkIdx - index of the PVK, in range 0-6, if not present 0 is assumedexcludes - list of pins which won't be generated.
Each pin has to be pinLen length
WeakPINException - if passed PIN is on excludes list
SMException
public boolean verifyPVV(EncryptedPIN pinUnderKd1,
SecureDESKey kd1,
SecureDESKey pvkA,
SecureDESKey pvkB,
int pvki,
String pvv)
throws SMException
SMAdapterpvkA and pvkB should be single
length keys but at least one of them may be double length key
verifyPVV in interface SMAdapterpinUnderKd1 - pin block under kd1kd1 - Data Key (also called session key) under which the pin is encrypted (ZPK or TPK)pvkA - first PVK in PVK pairpvkB - second PVK in PVK pairpvki - index of the PVK, in range 0-6, if not present 0 is assumedpvv - (VISA PIN Verification Value)
SMException
public String calculateIBMPINOffset(EncryptedPIN pinUnderLmk,
SecureDESKey pvk,
String decTab,
String pinValData,
int minPinLen)
throws SMException
SMAdapter
calculateIBMPINOffset in interface SMAdapterpinUnderLmk - PIN under LMKpvk - accepts single, double, triple size key length.
Single key length is recomendateddecTab - decimalisation table. Accepts plain text and encrypted
decimalisation table depending to HSM configurationpinValData - pin validation data. User-defined data consisting of hexadecimal
characters and the character N, which indicates to the HSM where
to insert the last 5 digits of the account number. Usualy it consists
the first digits of the card numberminPinLen - pin minimal length
SMException
public String calculateIBMPINOffset(EncryptedPIN pinUnderLmk,
SecureDESKey pvk,
String decTab,
String pinValData,
int minPinLen,
List<String> excludes)
throws SMException
SMAdapter
calculateIBMPINOffset in interface SMAdapterpinUnderLmk - PIN under LMKpvk - accepts single, double, triple size key length.
Single key length is recomendateddecTab - decimalisation table. Accepts plain text and encrypted
decimalisation table depending to HSM configurationpinValData - pin validation data. User-defined data consisting of hexadecimal
characters and the character N, which indicates to the HSM where
to insert the last 5 digits of the account number. Usualy it consists
the first digits of the card numberminPinLen - pin minimal lengthexcludes - list of pins which won't be generated.
Each pin has to be pinLen length
WeakPINException - if passed PIN is on excludes list
SMException
public String calculateIBMPINOffset(EncryptedPIN pinUnderKd1,
SecureDESKey kd1,
SecureDESKey pvk,
String decTab,
String pinValData,
int minPinLen)
throws SMException
SMAdapter
calculateIBMPINOffset in interface SMAdapterkd1 - Data Key under which the pin is encryptedpvk - accepts single, double, triple size key length.
Single key length is recomendateddecTab - decimalisation table. Accepts plain text and encrypted
decimalisation table depending to HSM configurationpinValData - pin validation data. User-defined data consisting of hexadecimal
characters and the character N, which indicates to the HSM where
to insert the last 5 digits of the account number. Usualy it consists
the first digits of the card numberminPinLen - pin minimal length
SMException
public String calculateIBMPINOffset(EncryptedPIN pinUnderKd1,
SecureDESKey kd1,
SecureDESKey pvk,
String decTab,
String pinValData,
int minPinLen,
List<String> excludes)
throws SMException
SMAdapter
calculateIBMPINOffset in interface SMAdapterkd1 - Data Key under which the pin is encryptedpvk - accepts single, double, triple size key length.
Single key length is recomendateddecTab - decimalisation table. Accepts plain text and encrypted
decimalisation table depending to HSM configurationpinValData - pin validation data. User-defined data consisting of hexadecimal
characters and the character N, which indicates to the HSM where
to insert the last 5 digits of the account number. Usualy it consists
the first digits of the card numberminPinLen - pin minimal lengthexcludes - list of pins which won't be generated.
Each pin has to be pinLen length
WeakPINException - if passed PIN is on excludes list
SMException
public boolean verifyIBMPINOffset(EncryptedPIN pinUnderKd1,
SecureDESKey kd1,
SecureDESKey pvk,
String offset,
String decTab,
String pinValData,
int minPinLen)
throws SMException
SMAdapter
verifyIBMPINOffset in interface SMAdapterpinUnderKd1 - pin block under kd1kd1 - Data Key (also called session key) under which the pin is encrypted (ZPK or TPK)pvk - accepts single, double, triple size key length.
Single key length is recomendatedoffset - IBM PIN OffsetdecTab - decimalisation table. Accepts plain text and encrypted
decimalisation table depending to HSM configurationpinValData - pin validation data. User-defined data consisting of hexadecimal
characters and the character N, which indicates to the HSM where
to insert the last 5 digits of the account number. Usualy it consists
the first digits of the card numberminPinLen - min pin length
SMException
public EncryptedPIN deriveIBMPIN(String accountNo,
SecureDESKey pvk,
String decTab,
String pinValData,
int minPinLen,
String offset)
throws SMException
SMAdapter
deriveIBMPIN in interface SMAdapteraccountNo - the 12 right-most digits of the account number excluding the check digitpvk - accepts single, double, triple size key length.
Single key length is recomendateddecTab - decimalisation table. Accepts plain text and encrypted
decimalisation table depending to HSM configurationpinValData - pin validation data. User-defined data consisting of hexadecimal
characters and the character N, which indicates to the HSM where
to insert the last 5 digits of the account number. Usualy it consists
the first digits of the card numberminPinLen - min pin lengthoffset - IBM PIN Offset
SMException
public String calculateCVV(String accountNo,
SecureDESKey cvkA,
SecureDESKey cvkB,
Date expDate,
String serviceCode)
throws SMException
SMAdaptercvkA and cvkB should be single
length keys but at least one of them may be double length key
calculateCVV in interface SMAdapteraccountNo - The account number including BIN and the check digitcvkA - the first CVK in CVK paircvkB - the second CVK in CVK pairexpDate - the card expiration dateserviceCode - the card service code
Service code should be:
SMException
public boolean verifyCVV(String accountNo,
SecureDESKey cvkA,
SecureDESKey cvkB,
String cvv,
Date expDate,
String serviceCode)
throws SMException
SMAdaptercvkA and cvkB should be single
length keys but at least one of them may be double length key
verifyCVV in interface SMAdapteraccountNo - The account number including BIN and the check digitcvkA - the first CVK in CVK paircvkB - the second CVK in CVK paircvv - Card Verification Code/ValueexpDate - the card expiration dateserviceCode - the card service code
Service code should be:
SMException
public boolean verifydCVV(String accountNo,
SecureDESKey imkac,
String dcvv,
Date expDate,
String serviceCode,
byte[] atc,
MKDMethod mkdm)
throws SMException
SMAdapteraccountNo
expDate
serviceCode
atc
dCVV
verifydCVV in interface SMAdapteraccountNo - The account number including BIN and the check digitimkac - the issuer master key for generating and verifying Application Cryptogramsdcvv - dynamic Card Verification ValueexpDate - the card expiration dateserviceCode - the card service codeatc - application transactin counter. This is used for ICC Master
Key derivation. A 2 byte value must be supplied.mkdm - ICC Master Key Derivation Method. If null specified
is assumed MKDMethod.OPTION_A
SMException
public boolean verifyCVC3(SecureDESKey imkcvc3,
String accountNo,
String acctSeqNo,
byte[] atc,
byte[] upn,
byte[] data,
MKDMethod mkdm,
String cvc3)
throws SMException
SMAdapterThe EMV "Track 2 Equivalent Data", provided in the authorisation message and originating from the contactless smart card, is the source for the following data elements used in this function:
accountNo
expDate
serviceCode
atc
unpredictable number
cvc3
verifyCVC3 in interface SMAdapterimkcvc3 - the issuer master key for generating and verifying CVC3accountNo - The account number including BIN and the check digitacctSeqNo - account sequence number, 2 decimal digitsatc - application transactin counter. This is used for ICC Master
Key derivation. A 2 byte value must be supplied.upn - unpredictable number. This is used for Session Key Generation
A 4 byte value must be supplied.data - track datamkdm - ICC Master Key Derivation Method. If null specified
is assumed MKDMethod.OPTION_Acvc3 - dynamic Card Verification Code 3
SMException
public boolean verifyARQC(MKDMethod mkdm,
SKDMethod skdm,
SecureDESKey imkac,
String accoutNo,
String acctSeqNo,
byte[] arqc,
byte[] atc,
byte[] upn,
byte[] transData)
throws SMException
SMAdapter
verifyARQC in interface SMAdaptermkdm - ICC Master Key Derivation Method. For skdm equals
SKDMethod.VSDC and SKDMethod.MCHIP this parameter
is ignored and MKDMethod.OPTION_A is always used.skdm - Session Key Derivation Methodimkac - the issuer master key for generating and verifying Application CryptogramsaccoutNo - account number including BIN and check digitacctSeqNo - account sequence number, 2 decimal digitsarqc - ARQC/TC/AAC. A 8 byte value must be supplied.atc - application transactin counter. This is used for Session
Key Generation. A 2 byte value must be supplied.
For skdm equals SKDMethod.VSDC is not used.upn - unpredictable number. This is used for Session Key Generation
A 4 byte value must be supplied. For skdm equals
SKDMethod.VSDC is not used.transData - transaction data (without padding). Transaction data
elements and them order is dependend to proper cryptogram version
SMException
public byte[] generateARPC(MKDMethod mkdm,
SKDMethod skdm,
SecureDESKey imkac,
String accoutNo,
String acctSeqNo,
byte[] arqc,
byte[] atc,
byte[] upn,
ARPCMethod arpcMethod,
byte[] arc,
byte[] propAuthData)
throws SMException
SMAdapter
generateARPC in interface SMAdaptermkdm - ICC Master Key Derivation Method. For skdm equals
SKDMethod.VSDC and SKDMethod.MCHIP this parameter
is ignored and MKDMethod.OPTION_A is always used.skdm - Session Key Derivation Methodimkac - the issuer master key for generating and verifying Application CryptogramsaccoutNo - account number including BIN and check digitacctSeqNo - account sequence number, 2 decimal digitsarqc - ARQC/TC/AAC. A 8 byte value must be supplied.atc - application transactin counter. This is used for Session
Key Generation. A 2 byte value must be supplied.
For skdm equals SKDMethod.VSDC is not used.upn - unpredictable number. This is used for Session Key Generation
A 4 byte value must be supplied. For skdm equals
SKDMethod.VSDC is not used.arpcMethod - ARPC calculating method. For skdm equals
SKDMethod.VSDC, SKDMethod.MCHIP,
SKDMethod.AEPIS_V40 only ARPCMethod.METHOD_1 is validarc - the Authorisation Response Code. A 2 byte value must be supplied.
For arpcMethod equals ARPCMethod.METHOD_2 it is
csu - Card Status Update. Then a 4 byte value must be supplied.propAuthData - Proprietary Authentication Data. Up to 8 bytes.
Contains optional issuer data for transmission to the card in
the Issuer Authentication Data of an online transaction.
It may by used only for arpcMethod equals
ARPCMethod.METHOD_2 in other case is ignored.
arpcMethod equals
ARPCMethod.METHOD_2 4 bytes ARPC
SMException
public byte[] verifyARQCGenerateARPC(MKDMethod mkdm,
SKDMethod skdm,
SecureDESKey imkac,
String accoutNo,
String acctSeqNo,
byte[] arqc,
byte[] atc,
byte[] upn,
byte[] transData,
ARPCMethod arpcMethod,
byte[] arc,
byte[] propAuthData)
throws SMException
SMAdapter
verifyARQCGenerateARPC in interface SMAdaptermkdm - ICC Master Key Derivation Method. For skdm equals
SKDMethod.VSDC and SKDMethod.MCHIP this parameter
is ignored and MKDMethod.OPTION_A is always used.skdm - Session Key Derivation Methodimkac - the issuer master key for generating and verifying Application CryptogramsaccoutNo - account number including BIN and check digitacctSeqNo - account sequence number, 2 decimal digitsarqc - ARQC/TC/AAC. A 8 byte value must be supplied.atc - application transactin counter. This is used for Session
Key Generation. A 2 byte value must be supplied.
For skdm equals SKDMethod.VSDC is not used.upn - unpredictable number. This is used for Session Key Generation
A 4 byte value must be supplied. For skdm equals
SKDMethod.VSDC is not used.transData - transaction data (without padding). Transaction data
elements and them order is dependend to proper cryptogram versionarpcMethod - ARPC calculating method. For skdm equals
SKDMethod.VSDC, SKDMethod.MCHIP,
SKDMethod.AEPIS_V40 only ARPCMethod.METHOD_1 is validarc - the Authorisation Response Code. A 2 byte value must be supplied.
For arpcMethod equals ARPCMethod.METHOD_2 it is
csu - Card Status Update. Then a 4 byte value must be supplied.propAuthData - Proprietary Authentication Data. Up to 8 bytes.
Contains optional issuer data for transmission to the card in
the Issuer Authentication Data of an online transaction.
It may by used only for arpcMethod equals
ARPCMethod.METHOD_2 in other case is ignored.
arpcMethod equals ARPCMethod.METHOD_2
4 bytes ARPC, null in other case
SMException
public byte[] generateSM_MAC(MKDMethod mkdm,
SKDMethod skdm,
SecureDESKey imksmi,
String accountNo,
String acctSeqNo,
byte[] atc,
byte[] arqc,
byte[] data)
throws SMException
SMAdapter
generateSM_MAC in interface SMAdaptermkdm - ICC Master Key Derivation Method. For skdm equals
SKDMethod.VSDC and SKDMethod.MCHIP this parameter
is ignored and MKDMethod.OPTION_A is always used.skdm - Session Key Derivation Methodimksmi - the issuer master key for Secure Messaging IntegrityaccountNo - account number including BIN and check digitacctSeqNo - account sequence number, 2 decimal digitsatc - application transactin counter. This is used for Session
Key Generation. A 2 byte value must be supplied.
For skdm equals SKDMethod.VSDC is not used.
Second usage is as part of data which will be mackedarqc - ARQC/TC/AAC. A 8 byte value must be supplied.
For skdm equals SKDMethod.MCHIP RAND should
be suppiled. RAND is ARQC incremeted by 1 (with overflow) after
each script command for that same ATC valuedata - for which MAC will be generated. Should contain
APDU command e.g. PIN Unblock, Application block/unblock
with some additional application dependent data
SMException
public org.javatuples.Pair<EncryptedPIN,byte[]> translatePINGenerateSM_MAC(MKDMethod mkdm,
SKDMethod skdm,
SecureDESKey imksmi,
String accountNo,
String acctSeqNo,
byte[] atc,
byte[] arqc,
byte[] data,
EncryptedPIN currentPIN,
EncryptedPIN newPIN,
SecureDESKey kd1,
SecureDESKey imksmc,
SecureDESKey imkac,
byte destinationPINBlockFormat)
throws SMException
SMAdapterkd1 to an application specific PIN block
format, encrypted under a confidentiality session key, derived from
imksmc
data and translated
PIN block
translatePINGenerateSM_MAC in interface SMAdaptermkdm - ICC Master Key Derivation Method. For skdm equals
SKDMethod.VSDC and SKDMethod.MCHIP this parameter
is ignored and MKDMethod.OPTION_A is always used.skdm - Session Key Derivation Methodimksmi - the issuer master key for Secure Messaging IntegrityaccountNo - account number including BIN and check digitacctSeqNo - account sequence number, 2 decimal digitsatc - application transactin counter. This is used for Session
Key Generation. A 2 byte value must be supplied.
For skdm equals SKDMethod.VSDC is not used.
Second usage is as part of data which will be mackedarqc - ARQC/TC/AAC. A 8 byte value must be supplied.
For skdm equals SKDMethod.MCHIP RAND should
be suppiled. RAND is ARQC incremeted by 1 (with overflow) after
each script command for that same ATC valuedata - for which MAC will be generated. Should contain APDU
command PIN Change with some additional application dependent datacurrentPIN - encrypted under kd1 current PIN. Used when
destinationPINBlockFormat equals SMAdapter.FORMAT42newPIN - encrypted under kd1 new PIN.kd1 - Data Key (also called transport key) under which the source pin is encryptedimksmc - the issuer master key for Secure Messaging Confidentialityimkac - the issuer master key for generating and verifying
Application Cryptograms. Used when destinationPINBlockFormat equals
SMAdapter.FORMAT41 or SMAdapter.FORMAT42 in other cases is ignoreddestinationPINBlockFormat - the PIN Block Format of the translated encrypted PIN
SMAdapter.FORMAT34 Standard EMV PIN Block
SMAdapter.FORMAT35 Europay/Mastercard
SMAdapter.FORMAT41 Visa/Amex format without using Current PIN
SMAdapter.FORMAT42 Visa/Amex format using Current PIN
SMException
public byte[] generateCBC_MAC(byte[] data,
SecureDESKey kd)
throws SMException
SMAdapter
generateCBC_MAC in interface SMAdapterdata - the data to be MACedkd - the key used for MACing
SMException
public byte[] generateEDE_MAC(byte[] data,
SecureDESKey kd)
throws SMException
SMAdapter
generateEDE_MAC in interface SMAdapterdata - the data to be MACedkd - the key used for MACing
SMException
public SecureDESKey translateKeyFromOldLMK(SecureDESKey kd)
throws SMException
SMAdapter
translateKeyFromOldLMK in interface SMAdapterkd - the key encrypted under old LMK
SMException - if the parity of the imported key is not adjusted AND checkParity = true
public void eraseOldLMK()
throws SMException
SMAdapter
eraseOldLMK in interface SMAdapterSMException
protected SecureDESKey generateKeyImpl(short keyLength,
String keyType)
throws SMException
keyLength - keyType -
SMException
protected byte[] generateKeyCheckValueImpl(SecureDESKey kd)
throws SMException
kd -
SMException
protected SecureDESKey importKeyImpl(short keyLength,
String keyType,
byte[] encryptedKey,
SecureDESKey kek,
boolean checkParity)
throws SMException
keyLength - keyType - encryptedKey - kek -
SMException
protected byte[] exportKeyImpl(SecureDESKey key,
SecureDESKey kek)
throws SMException
key - kek -
SMException
protected EncryptedPIN encryptPINImpl(String pin,
String accountNumber)
throws SMException
pin - accountNumber -
SMException
protected String decryptPINImpl(EncryptedPIN pinUnderLmk)
throws SMException
pinUnderLmk -
SMException
protected EncryptedPIN importPINImpl(EncryptedPIN pinUnderKd1,
SecureDESKey kd1)
throws SMException
pinUnderKd1 - kd1 -
SMException
protected EncryptedPIN translatePINImpl(EncryptedPIN pinUnderKd1,
SecureDESKey kd1,
SecureDESKey kd2,
byte destinationPINBlockFormat)
throws SMException
pinUnderKd1 - kd1 - kd2 - destinationPINBlockFormat -
SMException
protected EncryptedPIN importPINImpl(EncryptedPIN pinUnderDuk,
KeySerialNumber ksn,
SecureDESKey bdk)
throws SMException
pinUnderDuk - ksn - bdk -
SMException
protected EncryptedPIN translatePINImpl(EncryptedPIN pinUnderDuk,
KeySerialNumber ksn,
SecureDESKey bdk,
SecureDESKey kd2,
byte destinationPINBlockFormat)
throws SMException
pinUnderDuk - ksn - bdk - kd2 - destinationPINBlockFormat -
SMException
protected EncryptedPIN exportPINImpl(EncryptedPIN pinUnderLmk,
SecureDESKey kd2,
byte destinationPINBlockFormat)
throws SMException
pinUnderLmk - kd2 - destinationPINBlockFormat -
SMException
protected EncryptedPIN generatePINImpl(String accountNumber,
int pinLen,
List<String> excludes)
throws SMException
accountNumber - pinLen - excludes -
SMException
protected String calculatePVVImpl(EncryptedPIN pinUnderLMK,
SecureDESKey pvkA,
SecureDESKey pvkB,
int pvkIdx,
List<String> excludes)
throws SMException
pinUnderLMK - pvkA - pvkB - pvkIdx -
SMException
protected String calculatePVVImpl(EncryptedPIN pinUnderKd1,
SecureDESKey kd1,
SecureDESKey pvkA,
SecureDESKey pvkB,
int pvkIdx,
List<String> excludes)
throws SMException
pinUnderKd1 - kd1 - pvkA - pvkB - pvkIdx -
SMException
protected boolean verifyPVVImpl(EncryptedPIN pinUnderKd,
SecureDESKey kd,
SecureDESKey pvkA,
SecureDESKey pvkB,
int pvki,
String pvv)
throws SMException
pinUnderKd - kd - pvkA - pvkB - pvki - pvv -
SMException
protected String calculateIBMPINOffsetImpl(EncryptedPIN pinUnderLmk,
SecureDESKey pvk,
String decTab,
String pinValData,
int minPinLen,
List<String> excludes)
throws SMException
pinUnderLmk - pvk - decTab - pinValData - minPinLen - excludes -
SMException
protected String calculateIBMPINOffsetImpl(EncryptedPIN pinUnderKd1,
SecureDESKey kd1,
SecureDESKey pvk,
String decTab,
String pinValData,
int minPinLen,
List<String> excludes)
throws SMException
pinUnderKd1 - kd1 - pvk - decTab - pinValData - minPinLen - excludes -
SMException
protected boolean verifyIBMPINOffsetImpl(EncryptedPIN pinUnderKd,
SecureDESKey kd,
SecureDESKey pvk,
String offset,
String decTab,
String pinValData,
int minPinLen)
throws SMException
pinUnderKd - kd - pvk - offset - decTab - pinValData - minPinLen -
SMException
protected EncryptedPIN deriveIBMPINImpl(String accountNo,
SecureDESKey pvk,
String decTab,
String pinValData,
int minPinLen,
String offset)
throws SMException
accountNo - pvk - decTab - pinValData - minPinLen - offset -
SMException
protected String calculateCVVImpl(String accountNo,
SecureDESKey cvkA,
SecureDESKey cvkB,
Date expDate,
String serviceCode)
throws SMException
accountNo - cvkA - cvkB - expDate - serviceCode -
SMException
protected boolean verifyCVVImpl(String accountNo,
SecureDESKey cvkA,
SecureDESKey cvkB,
String cvv,
Date expDate,
String serviceCode)
throws SMException
accountNo - cvkA - cvkB - cvv - expDate - serviceCode -
SMException
protected boolean verifydCVVImpl(String accountNo,
SecureDESKey imkac,
String dcvv,
Date expDate,
String serviceCode,
byte[] atc,
MKDMethod mkdm)
throws SMException
accountNo - imkac - dcvv - expDate - serviceCode - atc - mkdm -
SMException
protected boolean verifyCVC3Impl(SecureDESKey imkcvc3,
String accountNo,
String acctSeqNo,
byte[] atc,
byte[] upn,
byte[] data,
MKDMethod mkdm,
String cvc3)
throws SMException
imkcvc3 - accountNo - acctSeqNo - atc - upn - data - mkdm - cvc3 -
SMException
protected boolean verifyARQCImpl(MKDMethod mkdm,
SKDMethod skdm,
SecureDESKey imkac,
String accountNo,
String acctSeqNo,
byte[] arqc,
byte[] atc,
byte[] upn,
byte[] transData)
throws SMException
mkdm - skdm - imkac - accountNo - acctSeqNo - arqc - atc - upn - transData -
SMException
protected byte[] generateARPCImpl(MKDMethod mkdm,
SKDMethod skdm,
SecureDESKey imkac,
String accountNo,
String acctSeqNo,
byte[] arqc,
byte[] atc,
byte[] upn,
ARPCMethod arpcMethod,
byte[] arc,
byte[] propAuthData)
throws SMException
mkdm - skdm - imkac - accountNo - acctSeqNo - arqc - atc - upn - arpcMethod - arc - propAuthData -
SMException
protected byte[] verifyARQCGenerateARPCImpl(MKDMethod mkdm,
SKDMethod skdm,
SecureDESKey imkac,
String accountNo,
String acctSeqNo,
byte[] arqc,
byte[] atc,
byte[] upn,
byte[] transData,
ARPCMethod arpcMethod,
byte[] arc,
byte[] propAuthData)
throws SMException
mkdm - skdm - imkac - accountNo - acctSeqNo - arqc - atc - upn - arpcMethod - arc - propAuthData -
SMException
protected byte[] generateSM_MACImpl(MKDMethod mkdm,
SKDMethod skdm,
SecureDESKey imksmi,
String accountNo,
String acctSeqNo,
byte[] atc,
byte[] arqc,
byte[] data)
throws SMException
mkdm - skdm - imksmi - accountNo - acctSeqNo - atc - arqc - data -
SMException
protected org.javatuples.Pair<EncryptedPIN,byte[]> translatePINGenerateSM_MACImpl(MKDMethod mkdm,
SKDMethod skdm,
SecureDESKey imksmi,
String accountNo,
String acctSeqNo,
byte[] atc,
byte[] arqc,
byte[] data,
EncryptedPIN currentPIN,
EncryptedPIN newPIN,
SecureDESKey kd1,
SecureDESKey imksmc,
SecureDESKey imkac,
byte destinationPINBlockFormat)
throws SMException
mkdm - skdm - imksmi - accountNo - acctSeqNo - atc - arqc - data - currentPIN - newPIN - kd1 - imksmc - imkac - destinationPINBlockFormat -
SMException
protected byte[] generateCBC_MACImpl(byte[] data,
SecureDESKey kd)
throws SMException
data - kd -
SMException
protected byte[] generateEDE_MACImpl(byte[] data,
SecureDESKey kd)
throws SMException
data - kd -
SMException
protected SecureDESKey translateKeyFromOldLMKImpl(SecureDESKey kd)
throws SMException
kd - the key encrypted under old LMK
SMException - if the parity of the imported key is not adjusted AND checkParity = true
protected void eraseOldLMKImpl()
throws SMException
SMException
|
||||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | |||||||||