IBM 2 Computer Hardware User Manual


 
CCA Release 2.54 Secure_Messaging_for_Keys
Secure_Messaging_for_Keys (CSNBSKY)
Platform/Product    OS/2    AIX    Win NT/2000    OS/400
IBM 4758-23 X
Use the Secure_Messaging_for_Keys verb to decrypt a key you supply for
incorporation into a text block you also supply. The text block is then encrypted
within the verb to preserve the security of the key value. The encrypted text block,
normally the “value” field in a TLV [2] item, can be incorporated into a message
sent to an EMV smart card.
The processing is consistent with the specifications provided in these documents:
- EMV 2000 Integrated Circuit Card Specification for Payment Systems Version
  4.0 (EMV4.0) Book 2
- Design VISA Integrated Circuit Card Specification Manual.
You specify:
- Whether the text block shall be CBC or ECB encrypted.
- The input_key to be included within the encrypted text block. The input_key
  can be an internal key (encrypted under the master key), or an external key, in
  which case you also provide the IMPORTER or EXPORTER key required to
  decipher the input_key. You also specify the length of this key using the
  key_field_length variable.
- The key to encipher the “secure message” text block, the secmsg_key.
- The clear_text to be encrypted along with its length and the offset within the
  block for placement of the decrypted input_key. The text you supply must be a
  multiple of eight bytes.
- You also supply the encryption initialization_vector and the variable for
  receiving the initialization vector for encrypting additional message text. The
  verb design presumes that the supplied text is a portion of a larger message
  you are preparing for an EMV smart card. The encrypted text must be on an
  8-byte boundary within the complete message. The initialization_vector would
  normally be the encrypted eight bytes just prior to the text prepared within this
  verb.
- The variable to receive the enciphered_text.
The Secure_Messaging_for_Keys verb:
- Recovers the input key.
- Places the deciphered input-key value within the supplied text at the specified
  offset.
- Encrypts the supplied text. In CBC mode, uses the supplied
  initialization_vector and also returns the value to be supplied as the
  initialization vector when enciphering subsequent data for the EMV card message
  (the output_chaining_vector).
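The CBC chaining described above, as an added example that is not IBM code and does not call the CCA API: a software model showing that a text block prepared with the preceding eight encrypted bytes as initialization_vector, and followed by data encrypted under the returned output_chaining_vector, matches a one-pass CBC encryption of the whole message. Assumptions: toy_block_encrypt is a constructed stand-in for the coprocessor's cipher, model_verb and demo are hypothetical names, key_offset is counted from zero, and all keys and text are constructed sample values.

```python
import hashlib

BLOCK = 8  # the verb works on 8-byte blocks

def toy_block_encrypt(key: bytes, block: bytes) -> bytes:
    """Constructed 4-round Feistel permutation, a stand-in only."""
    left, right = block[:4], block[4:]
    for rnd in range(4):
        f = hashlib.sha256(key + bytes([rnd]) + right).digest()[:4]
        left, right = right, bytes(a ^ b for a, b in zip(left, f))
    return left + right

def cbc_encrypt(key: bytes, iv: bytes, text: bytes):
    """CBC-encrypt text; return (ciphertext, output_chaining_vector)."""
    out, prev = b"", iv
    for i in range(0, len(text), BLOCK):
        mixed = bytes(a ^ b for a, b in zip(text[i:i + BLOCK], prev))
        prev = toy_block_encrypt(key, mixed)
        out += prev
    return out, prev

def model_verb(secmsg_key, clear_key, clear_text, key_offset, iv):
    """Place the key, then encrypt. clear_key stands for the recovered
    input key, which the real verb never exposes outside the coprocessor."""
    if len(clear_text) == 0 or len(clear_text) % BLOCK:
        raise ValueError("clear_text must be a multiple of eight bytes")
    if len(iv) != BLOCK:
        raise ValueError("initialization_vector must be eight bytes")
    end = key_offset + len(clear_key)
    if key_offset < 0 or end > len(clear_text):
        raise ValueError("key does not fit in the text block at key_offset")
    block = clear_text[:key_offset] + clear_key + clear_text[end:]
    return cbc_encrypt(secmsg_key, iv, block)

def demo():
    """Encrypt a three-part message in pieces and in one pass; compare."""
    secmsg_key = bytes(range(16))            # constructed sample values
    card_key = bytes.fromhex("a1" * 16)
    head, tail = b"HEADER--" * 2, b"TRAILER."
    template = b"\x00" * 24                  # 16-byte key goes at offset 4
    c_head, cv = cbc_encrypt(secmsg_key, bytes(BLOCK), head)
    c_key, ocv = model_verb(secmsg_key, card_key, template, 4, cv)
    c_tail, _ = cbc_encrypt(secmsg_key, ocv, tail)
    filled = template[:4] + card_key + template[20:]
    whole, _ = cbc_encrypt(secmsg_key, bytes(BLOCK), head + filled + tail)
    return c_head + c_key + c_tail, whole, cv == c_head[-BLOCK:], ocv == c_key[-BLOCK:]
```
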
[2] TLV (Tag, Length, Value) is defined in ISO 7816-4
Chapter 8. Financial Services Support Verbs