|
Command: |
To validate a MasterCard/Europay-style Self-Signed Certification Authority (CA) Certificate. |
|
Notes: |
Use of this command requires the optional ESP licence. Error code 67 will be returned if the command is not licensed. Authorised State required. |
|
Field |
Length & Type |
Details | |
|
COMMAND MESSAGE |
|||
|
Message Header |
m A |
Will be returned to the Host unchanged | |
|
Command Code |
2 A |
Value “JO” | |
|
Certificate Length |
4 N |
Length (in bytes) of CA Self-Signed Certificate | |
|
CA Self-Signed Certificate |
n B |
CA Self-Signed Certificate (concatenation of the Clear Data and the Self-Signed Certificate). | |
|
Delimiter |
1 A |
Delimiter, value “;” | |
|
Authentication Data
|
n A |
Optional; additional data to be included in the MAC calculation (must not include “;”) | |
|
End Message Delimiter |
1 C
|
Optional. Must be present if a message trailer is present. Value X'19 | |
|
Message Trailer |
n A |
Optional. Maximum length 32 characters | |
|
Field |
Length & Type |
Details |
|
RESPONSE MESSAGE |
||
|
Message Header |
m A |
Will be returned to the Host unchanged |
|
Response Code |
2 A |
Value “JP” |
|
Error Code |
2 N |
00 - No error 02 - Hash validation failure 05 - Invalid hash algorithm 06 - Invalid public key algorithm indicator 08 - Invalid public key 13 - LMK error - report to Supervisor 15 - Error in input data 17 - HSM not in Authorised State 47 - DSP error - report to Supervisor 80 - Certificate length error 81 - Invalid header 82 - Invalid trailer 83 - Invalid certificate format 84 - Invalid subject ID 85 - Invalid public key data |
|
MAC
|
4 B |
MAC on Public Key and Authentication Data, calculated using LMK 36-37 |
|
Public Key
|
n B |
Public key, DER encoded in ASN.1 format (sequence of modulus, exponent) |
|
Hash Length |
2 N |
Length in hex characters of hash result in next field. This length will depend on the hash algorithm specified in the command message. For SHA-1, this length will be 40. |
|
Hash Value |
n H |
Hash value of self signed CA Public Key data |
|
Expiry Date |
2 D |
The Certificate Expiry Date (MMYY) recovered from the certificate. |
|
Certificate Serial Number |
3 B |
The Certificate Serial Number recovered from the certificate |
|
End Message Delimiter |
1 C
|
Will only be present if present in the command message. Value X'19 |
|
Message Trailer |
n A
|
Will only be present if in the command message. Maximum length 32 characters |