IBM 2 Computer Hardware User Manual


  Open as PDF
of 508
 
CCA Release 2.54
Providing Security for PINs ............................ 8-6
Using Specific Key Types and Key-Usage Bits to Help Ensure PIN
Security
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-7
Supporting Multiple PIN-Calculation Methods
.................. 8-8
PIN-Calculation Methods
. . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-8
Data_Array . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-8
Supporting Multiple PIN-Block Formats and PIN-Extraction Methods ... 8-10
PIN Profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-10
PIN-Extraction Methods . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-12
Personal Account Number (PAN) ...................... 8-13
Working With EMV Smart Cards .......................... 8-13
Clear_PIN_Encrypt (CSNBCPE) . . . . . . . . . . . . . . . . . . . . . . . . . . 8-15
Clear_PIN_Generate (CSNBPGN) . . . . . . . . . . . . . . . . . . . . . . . . . 8-18
Clear_PIN_Generate_Alternate (CSNBCPA) . . . . . . . . . . . . . . . . . . . 8-21
CVV_Generate (CSNBCSG) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-27
CVV_Verify (CSNBCSV) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-30
Encrypted_PIN_Generate (CSNBEPG)
. . . . . . . . . . . . . . . . . . . . . . 8-33
Encrypted_PIN_Translate (CSNBPTR)
. . . . . . . . . . . . . . . . . . . . . . 8-37
Encrypted_PIN_Verify (CSNBPVR) . . . . . . . . . . . . . . . . . . . . . . . . 8-42
| Key_Encryption_Translate (CSNBKET) . . . . . . . . . . . . . . . . . . . . . . 8-49
PIN_Change/Unblock (CSNBPCU) . . . . . . . . . . . . . . . . . . . . . . . . . 8-52
Secure_Messaging_for_Keys (CSNBSKY) . . . . . . . . . . . . . . . . . . . . 8-59
Secure_Messaging_for_PINs (CSNBSPN) . . . . . . . . . . . . . . . . . . . . 8-62
SET_Block_Compose (CSNDSBC) . . . . . . . . . . . . . . . . . . . . . . . . 8-66
SET_Block_Decompose (CSNDSBD) . . . . . . . . . . . . . . . . . . . . . . . 8-70
Transaction_Validation (CSNBTRV) . . . . . . . . . . . . . . . . . . . . . . . . 8-75
Appendix A. Return Codes and Reason Codes ............... A-1
Return Codes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-1
Reason Codes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-1
Return Code 0 ................................... A-2
Return Code 4 ................................... A-3
Return Code 8 ................................... A-4
Return Code 12 .................................. A-10
Return Code 16 .................................. A-11
Appendix B. Data Structures . . . . . . . . . . . . . . . . . . . . . . . . . . B-1
Key Tokens . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-1
Master Key Verification Pattern ......................... B-1
Token-Validation Value and Record-Validation Value ............ B-2
Null Key-Token . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-2
DES Key-Tokens . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-3
Internal DES Key-Token ........................... B-3
External DES Key-Token ............................. B-5
RSA PKA Key-Tokens .............................. B-6
RSA Key-Token Sections ........................... B-7
PKA Key-Token Integrity ........................... B-8
Number Representation in PKA Key-Tokens ................ B-8
Chaining-Vector Records . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-20
Key-Storage Records . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-21
Key_Record_List Data Set ............................. B-25
Access-Control Data Structures .......................... B-28
Role Structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . B-29
Basic Structure of a Role ........................... B-29
vi IBM 4758 CCA Basic Services, Release 2.54, February 2005
 previous next