|
Command: |
To generate an Issuer RSA Key Set and return the Public Key in the form of a MasterCard/Europay-format Self-Signed Issuer Public Key Certificate. |
|
Notes: |
Use of this command requires the optional ESP licence. Error code 67 will be returned if the command is not licensed. Depending on key size, this function may take up to a minute or more to execute. This command may be used with either an odd Public Exponent or a Public Exponent = 2. Authorised State required. This command uses the Europay method of generating key pairs |
|
Field |
Length & Type |
Details | |
|
COMMAND MESSAGE |
|||
|
Message Header |
m A |
Will be returned to the Host unchanged | |
|
Command Code |
2 A |
Value J0 | |
|
Hash Identifier |
2 N |
Identifier of algorithm used to hash data. | |
|
Signature Identifier |
2 N |
Identifier of signature algorithm | |
|
Key Length
|
4 N |
Modulus length in bits (must be a multiple of 8) minimum value = 0400, maximum value = 2040 | |
|
Data Block
|
10 B |
Data block to be included in the Self-Signed Certificate (comprises Certificate Subject ID (5 bytes), Expiry Date (2 bytes) and Certificate Serial Number (3 bytes)). | |
|
Issuer Public Key Index |
3 B |
Issuer Public Key Index.
| |
|
Authentication Data
|
n A |
Optional; additional data to be included in the MAC calculation (must not include ;) | |
|
Delimiter |
1 A |
Delimiter to indicate end of Authentication Data field; value ; | |
|
Public Exponent Length
|
4 N |
Optional; length in bits of the Public Exponent; must be supplied if Public Exponent present in command message | |
|
Public Exponent |
n B |
Optional; if supplied then it must be odd or equal to 2; if not supplied then a default exponent of 65537 is assumed | |
|
End Message Delimiter |
1 C
|
Optional. Must be present if a message trailer is present. Value X'19 | |
|
Message Trailer |
n A |
Optional. Maximum length 32 characters | |
|
Field |
Length & Type |
Details |
RESPONSE MESSAGE |
|
Message Header |
m A |
Will be returned to the Host unchanged |
|
Response Code |
2 A |
Value J1 |
|
Error Code |
2 N |
00 - No error 04 - Key length error 05 - Invalid hash identifier 06 - Invalid signature identifier 07 - Public exponent length error 08 - Invalid public exponent 13 - LMK error report to Supervisor 15 - Error in input data 17 - HSM not in Authorised State 47 - DSP error report to Supervisor |
|
MAC |
4 B |
MAC on Public Key and Authentication Data calculated using LMK 36-37 |
|
Public Key |
n B |
Public Key, DER encoded in ASN.1 format (sequence of modulus and exponent) |
|
Certificate Length |
4 N |
Length in bytes of Self-Signed Certificate |
|
Self-Signed Issuer Public Key Certificate |
n B |
Self-Signed Issuer Public Key Certificate (the concatenation of the Clear Data and the Self-Signed Certificate).. |
|
Hash Length |
2 N |
Length in hex characters of hash result in next field. This length will depend on the hash algorithm specified in the command message. For SHA-1, this length will be 40. |
|
Hash Value |
n H |
Hash value of self signed Issuer Public Key data |
|
Private Key Length |
4 N |
Length (in bytes) of the Private Key field |
|
Private Key |
n B |
Private Key, encrypted using LMK pair 34-35 |
|
End Message Delimiter |
1 C |
Will only be present if present in the command message. Value X'19 |
|
Message Trailer |
n A
|
Will only be present if in the command message. Maximum length 32 characters |