|
Command: |
Generate a MAC on a response message to a terminal and the new Key Register value encrypted under the LMK. Also, generate new MAC residue under the LMK. |
|
Notes: |
The command is used to respond to requests from terminals at the acquirer Host. |
|
Field |
Length & Type |
Details |
|
COMMAND MESSAGE |
||
|
Message header |
m A |
(Subsequently returned to the Host unchanged). |
|
Command code |
2 A |
Value RO. |
|
Terminal key register |
16 H |
The terminal key register encrypted under LMK pair 14-15. |
|
Fields A & B |
16 H |
The A & B fields as defined in the Racal Security Scheme. |
|
ZPK or flag |
16H or |
The ZPK under which Auth Para is encrypted, or the character L if Auth Para is encrypted under the LMK. |
|
Auth Para |
16 H |
The authorization parameter either encrypted under ZPK or under LMK pair 14-15 (as indicated in the previous field). |
|
MAC residue |
8 H |
The MAC residue from the request message processing; encrypted under LMK 10. |
|
Message length |
2 H |
Value X’00 to X’A0 (decimal 160) indicating the length of the next field. This field should be set to X'00 and the next field omitted if extended length messages required. |
|
Message text |
n A |
The response message on which the response MAC should be calculated. Omitted if extended length messages are required. |
|
Delimiter |
1 C |
Optional. Value ";". Only present if extended length messages to be used. |
|
Extended Message Length |
4 H |
Optional. Only present if extended length messages are to be used. Defines the length of the next field. Maximum value is determined by the maximum size of the HSM input buffer. |
|
Extended Message Text |
n A |
Optional. Only present if extended length messages are to be used. The message to be authenticated as received from the terminal, but excluding the STX, ETX and LRC. The last 8 characters are assumed to be the MAC. An all zero account number cannot be used. |
|
End message delimiter |
1C |
Optional. Must be present if a message trailer is present. Value X’19. |
|
Message trailer |
n A |
Optional. Maximum length 32 characters. |
|
Field |
Length & Type |
Details |
|
RESPONSE MESSAGE |
||
|
Message header |
m A |
Returned to the Host unchanged. |
|
Response code |
2 A |
Value RP. |
|
Error code |
2 N |
00 : No errors 10 : Key register parity error 12 : No keys loaded in user storage 13 : LMK error; report to supervisor 15 : Error in input data 21 : Invalid user storage index 80 : Message length error |
|
MAC residue |
8 H |
The MAC residue encrypted under LMK 10. |
|
MAC |
8 H |
The generated MAC to be sent to the terminal. |
|
End message delimiter |
1C |
Present only if present in the command message. Value X’19. |
|
Message trailer |
n A |
Present only if present in the command message. Maximum length 32 characters. |