Revision History CCA Release 2.54
Eleventh Edition, April, 2004, CCA Support Program,
Release 2.52
This revision to the February, 2004, edition of the IBM 4758 CCA Basic Services
Reference and Guide for the IBM 4758 Models 002 and 023, Release 2.52,
replaces the February, 2004, Release 2.51 edition. Incorporated changes include:
Addition of a second set of issuer-master key parameters with revised
processing in the PIN_Change/Unblock (CSNBPCU) verb. The processing
changes are further described in “VISA and EMV-Related Smart Card Formats
and Processes” on page E-17.
Documentation of the RESETBAT rule-array keyword in the
Cryptographic_Facility_Control verb (CSUACFC) you use to reset the indication
of a low battery. This capability was added with Release 2.41.
In Appendix A, removal of return code 12, reason code 093.
Release 2.52 is only available for the IBM eServer iSeries. This manual includes
changes for Release 2.41 and Release 2.51 users as described in the following
sections.
Tenth Edition, February 2004, CCA Support Program,
Release 2.51
This tenth edition of the IBM 4758 CCA Basic Services Reference and Guide
Release 2.51 for the IBM 4758 Models 002 and 023 technology describes the
Common Cryptographic Architecture (CCA) application programming interface (API)
that is supported by the PCI Cryptographic Coprocessor feature available with
IBM eServer iSeries and OS/400 Option 35, CCA CSP.
The manual also includes updates and corrections to the previous editions for
Release 2.50, Release 2.41 and earlier. The revision bar, as shown at the left,
marks important changes and extensions to material previously published in the
Ninth Edition of the Basic Services manual.
Release 2.51 for the IBM eServer iSeries includes these additional and modified
EMV-smart-card-related capabilities enhancing the earlier Release 2.50:
1. Addition of the tree format key-diversification system, defined in the EMV 2000
document, Annex A1.3, to the Diversified_Key_Generate and
PIN_Change/Unblock verbs.
2. The double-length issuer-master-key in the Diversified_Key_Generate and
PIN_Change/Unblock verbs must have unequal halves.
3. The issuer-master-key control-vector encoding is extended to support use of
the DALL combination in the PIN_Change/Unblock verb.
4. The key-generating key control-vector encoding is extended to support use of
DDATA, DMAC, and DMV encodings provided the control vector for the
generated key has a conforming control vector.
5. Extension of the Message Authentication Code (MAC) MAC_Generate and
MAC_Verify verbs to support EMV-required post-padding of a message.
6. Corrected the order of the parameters on the Secure_Messaging_for_PINs
verb. The PIN_encrypting_key_identifier follows the input_PIN_block
parameter.
Release 2.50 incorporated these capabilities and changes:
xvi IBM 4758 CCA Basic Services, Release 2.54, February 2005