|
Command: |
To export a members chip card key set from the ESP for transport to the Europay KMC. |
|
Notes: |
Use of this command requires the optional ESP licence. Error code 67 will be returned if the command is not licensed. The output from this function is a double length key used to encrypt keys sent from the Europay KMC (BKEM) and a double length key used to MAC keys sent from the Europay KMC (BKAM) Some of the keys in the key set may be set to all zeroes to indicate they are not used. |
|
Field |
Length & Type |
Details | |
|
COMMAND MESSAGE |
|||
|
Message Header |
m A |
Will be returned to the Host unchanged | |
|
Command Code |
2 A |
Value R4 | |
|
Delimiter |
1 A |
Optional. If present the following field must be present. Value ;. | |
|
ESP Version |
1 A |
0 = September 2002 Specification 1 = April 2003 Specification (Version = 02 02) Only present if above Delimiter is present. | |
|
Member ID |
10 N |
Member ID number provided by the KMC PSS16 form sent by Europay to the member | |
|
Key Set Reference |
4 N |
Reference of the Magnetic Stripe Card Keys provided in this key set, as defined by the member | |
|
Floor Expiry Date for key set |
4 N |
Expiry Date in format MMYY | |
|
PAN Range for Key Set |
38 N |
Concatenation of 19 digits formed of PAN‑low left padded by 0s and 19 digits formed of PAN‑high left padded by 0s | |
|
Key Derivation Index |
3 N |
Index for the Key Set | |
|
Cryptogram Version Number |
1 B |
| |
|
IMKac |
1A + 32 H |
Double length IMKac, encrypted under LMK pair 28-29 Variant 1, using Key Encryption Scheme U | |
|
Extra IMKac Key Data |
Decision Matrix in case of Invalid Cryptogram |
3 N |
000 = Approved |
|
Decision Matrix in case of Impossible to validate cryptogram |
3 N |
000 = Approved | |
|
ICC Master Key Derivation |
1 N |
1 = M/Chip 2.x schemes 4 = M/Chip 4 scheme | |
|
Session Key Derivation |
1 N |
1 = M/Chip 2.x schemes 4 = M/Chip 4 scheme | |
|
ARQC/ARPC Algorithm ID |
1 N |
1 (reserved for future use) | |
|
Issuer Application Data Layout |
1 N |
1 = M/Chip Lite 2.1 and M/Chip 4 schemes 2 = M/Chip Select 2.0.5 scheme | |
|
H |
2 N |
Height of the tree. Only present if SKD = 4 | |
|
B |
2 N |
Branch of the tree. Only present if SKD = 4 | |
|
IMKsmi |
1A + 32 H |
Double length IMKsmi, encrypted under LMK pair 28-29 Variant 2, using Key Encryption Scheme U | |
|
Extra IMKsmI Key Data |
ICC Master Key Derivation |
1 N |
1 = M/Chip 2.x schemes 4 = M/Chip 4 scheme |
|
Session Key Derivation |
1 N |
1 = M/Chip 2.x schemes 4 = M/Chip 4 scheme | |
|
MAC Algorithm ID |
1 N |
1 (reserved for future use) | |
|
H |
2 N |
Height of the tree. Only present if SKD = 4 | |
|
B |
2 N |
Branch of the tree. Only present if SKD = 4 | |
|
IMKsmc |
1A + 32 H |
Double length IMKsmc encrypted under LMK pair 28-29 Variant 3, using Key Encryption Scheme U | |
|
Extra IMKsmc Key Data |
ICC Master Key Derivation Algorithm ID |
1 N |
1 = M/Chip 2.x schemes 4 = M/Chip 4 scheme |
|
Session Key Derivation Algorithm ID (SKD) |
1 N |
1 = M/Chip 2.x schemes 4 = M/Chip 4 scheme | |
|
Encryption Algorithm ID |
1 N |
1 (reserved for future use)
| |
|
H |
2 N |
Height of the tree. Only present if SKD = 4 | |
|
B |
2 N |
Branch of the tree. Only present if SKD = 4 | |
|
IMKidn |
1A + 32 H |
Double length IMKidn, encrypted under LMK pair 28-29 Variant 5, using Key Encryption Scheme U | |
|
Extra IMKIdn Key Data |
Decision Matrix in case of invalid cryptogram |
3 N |
000 = Approved |
|
Decision Matrix in case of Impossible to validate cryptogram |
3 N |
000 = Approved | |
|
ICC Master Key Derivation |
1 N |
1 = M/Chip 2.x schemes 4 = M/Chip 4 scheme | |
|
IDN Algorithm ID |
1 N |
1 (reserved for future use) | |
|
IMKdac
|
1A + 32 H |
Double length IMKdac, encrypted under LMK pair 28-29 Variant 4, using Key Encryption Scheme U | |
|
Extra IMKdac Key Data |
Decision Matrix in case of invalid cryptogram |
3 N |
000 = Approved |
|
Decision Matrix in case of Impossible to validate cryptogram |
3 N |
000 = Approved
| |
|
DAC Algorithm ID |
1 N |
1 (reserved for future use) | |
|
Transport Key ID |
4 N |
Key ID of the BKAM, BKEM used
| |
|
MAC algorithm |
1 N |
MAC algorithm to be used with BKAM,
| |
|
BKAM |
1A + 32 H |
BKAM encrypted under LMK pair 22-23, variant 6 | |
|
BKEM |
1A + 32 H |
BKEM encrypted under LMK pair 22-23, variant 5 | |
|
End Message Delimiter |
1 C
|
Optional. Must be present if a message trailer is present. Value X'19
| |
|
Message Trailer |
n A |
Optional. Maximum length 32 characters
| |
|
RESPONSE MESSAGE |
|||
|
Message Header |
m A |
Will be returned to the Host unchanged | |
|
Response Code |
2 A |
Value R5 | |
|
Error Code |
2 N |
00 - No error 10 IMKac parity error 11 IMKsmi parity error 50 IMKsmc parity error 8 BKAM parity error 9 BKEM parity error 15 Error in input data 51 Invalid MAC algorithm number 52 IMKidn parity error 53 IMKdac parity error 80 - Data length error | |
|
ESP Sequence Number |
16 H |
Sequence Number from the ESP
| |
|
Encrypted IMKac |
32 H |
BKEM Encrypted Key | |
|
IMKac Key Check Value |
3 B
|
| |
|
Encrypted IMKsmi |
32 H |
BKEM Encrypted Key | |
|
IMKsmi Key Check Value |
3 B
|
| |
|
Encrypted IMKsmc |
32 H |
BKEM Encrypted Key | |
|
IMKsmc Key Check Value |
3 B
|
| |
|
Encrypted IMKidn |
32 H |
BKEM Encrypted Key | |
|
IMKidn Key Check Value |
3 B
|
| |
|
Encrypted IMKdac |
32 H |
BKEM Encrypted Key | |
|
IMKdac Key Check Value |
3 B
|
| |
|
MAC |
16 H |
MAC calculated over key set data using BKAM | |
|
End Message Delimiter |
1 C
|
Will only be present if present in the command message. Value X'19 | |
|
Message Trailer |
n A
|
Will only be present if in the command message. Maximum length 32 characters | |