Quantcast
Channel: Thales Simulator Library
Viewing all 332 articles
Browse latest View live

New Post: Generate ZMK components with GC command

August 29, 2013, 4:07 am
$
0
0
Hi

I was having similar issues and saw in the guide that gg is superseded by 'A4'

I think that if you generate with GC then you have to combine with A4

-H
Search

New Post: Help on BC command

August 29, 2013, 7:52 am
$
0
0
I need help to understand the use of the command "BC", with respect to the parameter "PIN - The PIN from the Host database encrypted under LMK pair
02-03 "as it should be passed, or rather, where it comes from?

New Post: Generate ZMK components with GC command

September 3, 2013, 10:55 pm
$
0
0
Hello,

It is difficult to change the code of my host from GG to A4.

Even so, I have tried to manually send the A4 command as written below but I get the error A527:

A43000U + COMP1 + COMP2 + COMP3

New Post: M0 command

September 17, 2013, 1:21 pm
$
0
0
Can please someone clarify if the M0 command is supported? Looking back here, sound the answer is no.

Downloaded latest beta version and development version. Getting a message:

Request: 0000M0001100BU845897A154C4C6A00F2D1F350AB2C7D900100000000000001234
Parsing header and code of message 0000M0001100BU845897A154C4C6A00F2D1F350AB2C7D900100000000000001234...
Searching for implementor of M0...
No implementor for M0.
Disconnecting client.
Client disconnected.

Tks

R.

New Post: PVV generation

September 19, 2013, 3:51 am
$
0
0
Hey Guys,
Have new Challenge ...We had PIN encryption happening earlier with IBM method ..but now want to switch to PVV method ..

I have clear PIN , card number and PVK..

What command should be used to generate PVV value (PIN offset) so that clear PIN value remain unchanged .


Cheers :)

New Post: PVV generation

September 24, 2013, 8:28 pm
$
0
0
Hi,

I am having the same problem needing to transfer the PIN from an old card to a new card (we currently have an ESM which provides calculating PVV from IBM offset but we are retiring it and that's where I came from).

What I did is using EE command with PIN offset to get the encrypted PIN, when trying to use DG command to generate a PVV for the PIN,
I got a DH14 error which means PIN encrypted under LMK pair 02-03 is invalid from the error code section of the manual.

NG (decrypt the PIN) then BA (encrypt the PIN with new card number) would work however the two commands are not authorized in our enviroment (and I don't think they want to authorise them).

Thanks,
David

New Post: PVV generation

September 24, 2013, 9:02 pm
$
0
0
Thanks David .

I got a problem Solved .


I was having clear PIN with IBM method ...used BA to encrypt the PIN and DG to generate PVV (Visa Method) with encrypted PIN..I think u need BA if u want to generate PVV but not Sure .

I have done earlier the requirement to transfer PIN from one acct/card to another card with IBM method and used below commands. Not aware now, y we dcrypted and encrypted ..It was long back..

But here also you can't go away from BA & NG

EE - to generate PIN
NG- Dcrypt the PIN
BA- Encrypt PIN
DE-PIN offset calculation

New Post: PVV generation

September 24, 2013, 9:40 pm
$
0
0
Thanks Jassi,

I will see if I can get our local Thales support to have a look whether there's another way of doing it or there can be only two way out:
  1. Authorize BA and NG if possible.
  2. Let our customers know we are not doing it anymore.
Cheers,
David
Search

New Post: Clear ZMK Components

September 26, 2013, 8:36 am
$
0
0
Hi guys,

I have the following keys:
  • PVKA under LMK: XXXX XXXX XXXX XXXX
  • PVKB under LMK: XXXX XXXX XXXX XXXX
  • PVKA under ZMK: XXXX XXXX XXXX XXXX
  • PVKB under ZMK: XXXX XXXX XXXX XXXX
  • CVKA Under LMK: XXXX XXXX XXXX XXXX
  • CVKB Under LMK: XXXX XXXX XXXX XXXX
  • CVKA Under ZMK: XXXX XXXX XXXX XXXX
  • CVKB Under ZMK: XXXX XXXX XXXX XXXX
  • ZMK Under LMK: XXXX XXXX XXXX XXXX
  • ZMK encrypted component
    Component 1: XXXX XXXX XXXX XXXX
    Component 2: XXXX XXXX XXXX XXXX
    Component 3: XXXX XXXX XXXX XXXX
I need the three clear components for the ZMK, how can i get this keys?

ZMK clear component?
Component 1:
Component 2:
Component 3:

Thanks.

New Post: BA Command Result Vs EE Command Result

October 1, 2013, 7:31 pm
$
0
0
Hi Everyone,

I have used the command 'EE' with the PAN, OFFSET, PVK, Decimalization Table, Security Code and received the Response Derived PIN Encrypted using LMK in the EF Reply Message from HSM.
'Derived PIN Encrypted under LMK 02-03' as per the Programmer Manual of Thales

But I realy know the Clear PIN say 123456 of the Card and use the BA command to decrypt the Clear PIN using the above PAN used in the EE Command.

Then I got the Reply from HSM.

PIN Encrypted Under LMK 02-03
But the Results of the above 2 commands are not the same. Can u please clarify the difference between the results of those two commands.

Thank u

New Post: Pin encryption with ZPK

October 26, 2013, 8:14 am
$
0
0
lsyeong wrote:
Hi Nick, Thanks. Will go thru again. Regards,Sean
Hi Isyeong,

I knew it has been more than one year since your last reply.
But could you share with me the solution for your problem ?

I'm facing the same problem right now.
Someone told me that I should use "clear" key to encrypt pin on Internet Banking, so the encrypted pin can be decrypted by HSM.
He told me that I can use "encrypted" key, only if I have another HSM on Internet Banking side.

Thank you

New Post: BA Command Result Vs EE Command Result

October 29, 2013, 12:29 am
$
0
0
Dear ,
Currently i m also using EE command but facing some issues

Actually in Command

'Message Header' = [27600000]
[None an 002 M] : 'Command Code' = [EE]
[16H/1A+32H/1A+48H M] : 'PVK' = '9FFFFFFFFFFFFFFF'
[None Hex 012 M] : 'Offset' = [6772FFFFFFFF]
[None n 002 M] : 'Check Length' = [04]
[None n 012 M] : 'Account Number' = [123243461600]
[None n 016 M] : 'Decimalization Table' = [0123456789078910]
[None an 012 M] : 'PIN Validation Data' = [1243501014N8]


In PVK, we have only 16bye in command but in my base code (provided by third party), it is expectiong 32Byte .. Is it dependent on HSM configuration .. after 16byte PVK... i m sending 16 spaces to make it 32 .

I have modified the data..It may seem wrong ..Just want to check if I can send 16 byte PVK value..or it will depend on some configuration

New Post: How to Generate TPK (LMK) and TPK (TMK) using the HC host command

October 29, 2013, 2:19 am
$
0
0
Hi,

I need to obtain the TPK (LMK) and TPK (TMK) by sending the TMK (LMK) value using the HC command. I can connect to the simulator using the below code. However now I need to know how to send HC command along with TMK (LMK) value to the simulator and I am expecting a response of TPK (LMK) and TPK (TMK). Following is my code to connect to simulator:

string strthalesIPAddressOrHostName = "XX.XX.XX.XX";
            int intthalesPort = XXXX;
            ThalesSim.Core.TCP.WorkerClient thales;
            string strHostCommandString;

            thales = new ThalesSim.Core.TCP.WorkerClient(new System.Net.Sockets.TcpClient(strthalesIPAddressOrHostName, intthalesPort));
            thales.InitOps();

    // After connecting to the Simulator, How to send HC command with TMK (LMK) value and I want a response back of TPK (LMK) and TPK (TMK) 


            // disconnect from HSM
            thales.TermClient();
Can you please provide me with the HC command or code that I need to include above to Generate/Obtain TPK (LMK) and TPK (TMK)

Thanks.

New Post: HOW TO GENERATE (DERIVE) AN IPEK (IKEY) on Payshield 9000

November 19, 2013, 6:09 am
$
0
0
Hi Guys,

I'm getting problems to derive (or create) and IPEK based on a BDK already generated.

I already read all the syntax about the A0 command for Payshield 9000, but when I try to send it using the simulator I'm getting response 29.
So, not sure if the simulator is currently supporting A0 for deriving an IPEK from BDK.

For more clarification, the following is the command I'm sending and the response I'm getting:

Input to HSM : 0000A0A302U0EDCC6D6966ADC1A3C83FE89F63BBD483FFFF9876543333E
Output from HSM : 0000A129

Sim App events output:

Request: 0000A0A302U0EDCC6D6966ADC1A3C83FE89F63BBD483FFFF9876543333E
Parsing header and code of message 0000A0A302U0EDCC6D6966ADC1A3C83FE89F63BBD483FFFF9876543333E...
Searching for implementor of A0...
Found implementor ThalesSim.Core.HostCommands.BuildIn.GenerateKey_A0, instantiating...
Calling AcceptMessage()...
Calling ConstructResponse()...
Calling ConstructResponseAfterOperationComplete()...
Attaching header/response code to response...
Sending: 0000A129
Calling Terminate()...
Implementor to Nothing
Client disconnected.

Can you guys give me some light here?


Thanks!!

New Post: DES encryption on PIN Block creation

November 20, 2013, 12:00 am
$
0
0
Hi, i'm newbie on HSM field, i don't know about this until i get this project.
i will write app on java language that act like ATM.

after reading on this board, i think i need this step :
for the first time, i need to create pin block, it's constructed by pin XOR PAN ( both in ISO 9564 format 0)
then encrypted in DES/ECB/NoPadding with TAK as key.
but, DES encryption give more than 16 Hexchar as result.
i look at DES.vb (byteDESEncrypt()) @this link , and found this code :

csMyCryptoStream = New CryptoStream(outStream, desProvider.CreateEncryptor(bKey, bNullVector), CryptoStreamMode.Write)
csMyCryptoStream.Write(bData, 0, 8)

in my mind,
result from encryption is more than 16 hexcar but it grab from first byte until 8th byte,
so converted to Hex is 16 hexcar as result.
is it right ?

please advice if i'm in wrong direction.

note : i use thales sim V0.9.6
Search

New Post: IMPORTING PVK Keys using the Simulator

November 21, 2013, 12:48 am
$
0
0
Hi, I am trying to import PVK keys from our HSM test environment using the simulator. When i am trying to generate cards, i am getting "cannot generate pvv." error message. How can i check if i am importing the correct keys? Your response will be of great help. Thank you.

-des

Created Unassigned: XOR issue on forming keys with the encrypted components [12527]

November 29, 2013, 3:43 am
$
0
0
Hi,


I am new to HSM,I am testing with the console and host commands. I am using the standard LMK test Pair set. When command sent to form key with the encrypted components , the XOR of two components are not matching with result from the response. Please help.

1) Generated TMK double lenght (2) components
2) Formed the Key with Encrypted components respectively.
3) But the result XORing the two components are incorrect in the output result of Simulator. Command comparing with the result of manual XOR is done with the two components not matching.
5) CheckSum value matching.

Sample TMK Components :

Generating TMK :

command = "0000A00002U";

COMPONENT 1 CLEAR : 2934C8795E64946B8CB98C044380B0F7
Key generated (LMK): U7225E13B5D8C83C6DD1A10CB838D4CEC

COMPONENT 2 CLEAR : EFAE9DDFA18C3134641C58168F0815D5
Key generated (LMK): U2FF54082F1A7E9B43585FBE55AE15EAB


Form Key from the Encrypted components :

command ="0000A42002UU7225E13B5D8C83C6DD1A10CB838D4CECU2FF54082F1A7E9B43585FBE55AE15EAB";


=== [A4], starts 13:39:54.124 =======
[Key,Value]=[Key Component #1,7225E13B5D8C83C6DD1A10CB838D4CEC]
[Key,Value]=[Key Component #2,2FF54082F1A7E9B43585FBE55AE15EAB]
[Key,Value]=[Key Component Scheme #1,U]
[Key,Value]=[Key Component Scheme #2,U]
[Key,Value]=[Key Scheme (LMK),X]
[Key,Value]=[Key Type,002]
[Key,Value]=[Number of Components,2]

Component 1 (clear): 2934C8795E64946B8CB98C044380B0F7
Component 2 (clear): EFAE9DDFA18C3134641C58168F0815D5
Key (clear): C79B54A7FEE9A45EE9A4D513CD89A423
Check value: 2AC28D
=== [A4], ends 13:39:54.158 =======

Key (clear): C79B54A7FEE9A45EE9A4D513CD89A423


ACTUAL RESULT OF XOR FROM MANUAL PROCESS:

TMK Clear Key:
C69A55A6FFE8A55FE8A5D412CC88A522
K1 CheckSum : : 2A C2 8D


Please help.

Regards,
Vijayan

New Post: Pin Mailer Printing using the Simulator

December 1, 2013, 10:07 pm
$
0
0
Hi,

I would like to ask how to print pin mailers (serial port) using the Thales Simulator?

Thank you.

Reviewed: Version 0.9.6 (Dec 03, 2013)

December 3, 2013, 2:13 am
$
0
0
Rated 5 Stars (out of 5) - work as expected.

New Post: multiple threads on single tcp connection?

December 4, 2013, 7:47 am
$
0
0
A question on scaling:

Our implementation receives front end calls, and sends CI command to HSM for PIN translation under ZPK. It is working very well on single sequential requests.

Now we will have higher volume of requests, and asking guidance on building the scalability from messages arriving from a thread pool. Currently we use a static WorkerClient with MessageArrived delegate event handler.

As the responses from HSM do not carry any source request reference number, how is it possible to tie back the CJ response to the original request?

In light of this, we see these available options:
1) open new tcp connection for each front end call, or

2) keep open a single tcp connection
  • by using a synchronous blocking receive mode, or
  • with async delegate by building an internal queueing mechanism
I'd be connecting to an RG7900 in production, but simply unsure of its per translation latency and/or tcp client connection scalability (i see the simulator is set to 5 clients by default).

Many Thanks
Tozzi
Viewing all 332 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>