/// <summary>
/// Process request.
/// </summary>
/// <returns>Response message.</returns>
public override StreamResponse ConstructResponse()
{
var mr = new StreamResponse();
KeyTypeCode ktc = null;
if (!ValidateKeyTypeCode(_keyTypeCode, mr, ref ktc))
{
return(mr);
}
var lmkKs = KeyScheme.Unspecified;
if (!ValidateKeySchemeCode(_lmkScheme, mr, ref lmkKs))
{
return(mr);
}
var clearComps = new HexKeyThales[_iNbrComponents];
var clearKey = string.Empty;
for (var i = 1; i <= _iNbrComponents; i++)
{
clearComps[i - 1] = new HexKeyThales(ktc, false, _comps[i - 1]);
if (!clearComps[i - 1].ClearKey.IsParityOk(Parity.Odd))
{
mr.Append(ErrorCodes.ER_10_SOURCE_KEY_PARITY_ERROR);
return(mr);
}
clearKey = !string.IsNullOrEmpty(clearKey) ? clearKey.XorHex(clearComps[i - 1].ClearKey) : clearComps[i - 1].ClearKey;
}
clearKey = clearKey.MakeParity(Parity.Odd);
var cryptKey = new HexKeyThales(ktc, true, clearKey);
for (var i = 1; i <= _iNbrComponents; i++)
{
Log.InfoFormat("Component {0} (clear): {1}", i, clearComps[i - 1].ClearKey);
}
Log.InfoFormat("Key (clear): {0}", clearKey);
Log.InfoFormat("Check value: {0}", cryptKey.CheckValue);
mr.Append(ErrorCodes.ER_00_NO_ERROR);
if (lmkKs == KeyScheme.DoubleLengthKeyVariant || lmkKs == KeyScheme.TripleLengthKeyVariant)
{
mr.Append(cryptKey.KeyVariant);
}
else
{
mr.Append(cryptKey.KeyAnsi);
}
mr.Append(cryptKey.CheckValue.Substring(0, 6));
return(mr);
}
/// <summary>
/// Process request.
/// </summary>
/// <returns>Response message.</returns>
public override StreamResponse ConstructResponse()
{
var mr = new StreamResponse();
KeyTypeCode ktc = null;
if (!ValidateKeyTypeCode(_keyType, mr, ref ktc))
{
return(mr);
}
var zmkKs = KeyScheme.Unspecified;
if (!ValidateKeySchemeCode(_zmkScheme, mr, ref zmkKs))
{
return(mr);
}
if (!ValidateAuthStateRequirement(KeyFunction.Export, ktc.Pair, ktc.Variant, mr))
{
return(mr);
}
var zmk = new HexKeyThales(new KeyTypeCode(0, LmkPair.Pair04_05), false, _zmk);
if (!zmk.ClearKey.IsParityOk(Parity.Odd))
{
mr.Append(ErrorCodes.ER_10_SOURCE_KEY_PARITY_ERROR);
return(mr);
}
var key = new HexKeyThales(ktc, false, _key);
if (!key.ClearKey.IsParityOk(Parity.Odd))
{
mr.Append(ErrorCodes.ER_11_DESTINATION_KEY_PARITY_ERROR);
return(mr);
}
var cryptKey = zmk.EncryptWithScheme(zmkKs.GetKeySchemeChar() + key.ClearKey);
Log.InfoFormat("ZMK (clear): {0}", zmk.ClearKey);
Log.InfoFormat("Key (clear): {0}", key.ClearKey);
Log.InfoFormat("Key (ZMK): {0}", cryptKey);
Log.InfoFormat("Check value: {0}", key.CheckValue);
mr.Append(ErrorCodes.ER_00_NO_ERROR);
mr.Append(zmkKs != KeyScheme.Unspecified && zmkKs != KeyScheme.SingleLengthKey
? zmkKs.GetKeySchemeChar()
: string.Empty);
mr.Append(cryptKey);
mr.Append(key.CheckValue.Substring(0, 6));
return(mr);
}
/// <summary>
/// Process request.
/// </summary>
/// <returns>Response message.</returns>
public override StreamResponse ConstructResponse()
{
var mr = new StreamResponse();
KeyTypeCode ktc = null;
if (!ValidateKeyTypeCode(_keyType, mr, ref ktc))
{
return(mr);
}
var lmk = KeyScheme.Unspecified;
if (!ValidateKeySchemeCode(_lmkScheme, mr, ref lmk))
{
return(mr);
}
if (!ValidateAuthStateRequirement(KeyFunction.Import, ktc.Pair, ktc.Variant, mr))
{
return(mr);
}
var zmk = new HexKeyThales(new KeyTypeCode(0, LmkPair.Pair04_05), false, _zmk);
if (!zmk.ClearKey.IsParityOk(Parity.Odd))
{
mr.Append(ErrorCodes.ER_10_SOURCE_KEY_PARITY_ERROR);
return(mr);
}
var clearKey = zmk.DecryptWithScheme(_key, _atallaVariant);
var warnParity = !clearKey.IsParityOk(Parity.Odd);
var newKey = new HexKeyThales(ktc, true, clearKey);
var checkValue = newKey.CheckValue;
Log.InfoFormat("ZMK (clear): {0}", zmk.ClearKey);
Log.InfoFormat("Key (clear): {0}", clearKey);
Log.InfoFormat("Key (LMK): {0}", newKey.Key);
Log.InfoFormat("Check value: {0}", checkValue);
if (warnParity)
{
Log.WarnFormat("Key {0} does not have odd parity (would be {1})", clearKey, clearKey.MakeParity(Parity.Odd));
}
mr.Append(ErrorCodes.ER_00_NO_ERROR);
mr.Append(lmk == KeyScheme.DoubleLengthKeyVariant || lmk == KeyScheme.TripleLengthKeyVariant
? newKey.KeyVariant
: newKey.KeyAnsi);
mr.Append(newKey.CheckValue.Substring(0, 6));
return(mr);
}
/// <summary>
/// Process request.
/// </summary>
/// <returns>Response message.</returns>
public override StreamResponse ConstructResponse()
{
var mr = new StreamResponse();
var pvk = new HexKeyThales(new KeyTypeCode(0, LmkPair.Pair14_15), false, _pvkPair);
if (!pvk.ClearKey.IsParityOk(Parity.Odd))
{
mr.Append(ErrorCodes.ER_11_DESTINATION_KEY_PARITY_ERROR);
return(mr);
}
if (Convert.ToInt32(_checkLen) < 4)
{
mr.Append(ErrorCodes.ER_15_INVALID_INPUT_DATA);
return(mr);
}
var idx = _pinValData.IndexOf("N", StringComparison.Ordinal);
var expPinValData = _pinValData.Substring(0, idx);
expPinValData = expPinValData + _acct.Substring(_acct.Length - 5, 5);
expPinValData = expPinValData + _pinValData.Substring(idx + 1, (_pinValData.Length - (idx + 1)));
var cryptAcctNum = pvk.ClearHexKey.Encrypt(expPinValData);
var decimalised = cryptAcctNum.Decimalise(_decTable);
var naturalPin = decimalised.Substring(0, Convert.ToInt32(_checkLen));
var derivedPin =
naturalPin.AddWithoutCarry(_offsetValue.Substring(0, _offsetValue.IndexOf("F", StringComparison.Ordinal)));
var cryptPin = Encrypt.EncryptPinForHostStorage(derivedPin);
Log.InfoFormat("PVK (clear): {0}", pvk.ClearKey);
Log.InfoFormat("Natural PIN: {0}", naturalPin);
Log.InfoFormat("Derived PIN: {0}", derivedPin);
mr.Append(ErrorCodes.ER_00_NO_ERROR);
mr.Append(cryptPin);
return(mr);
}
/// <summary>
/// Process request.
/// </summary>
/// <returns>Response message.</returns>
public override StreamResponse ConstructResponse()
{
var mr = new StreamResponse();
var zpk = new HexKeyThales(new KeyTypeCode(0, LmkPair.Pair06_07), false, _targetKey);
if (!zpk.ClearKey.IsParityOk(Parity.Odd))
{
mr.Append(ErrorCodes.ER_10_SOURCE_KEY_PARITY_ERROR);
return(mr);
}
if (!_pbFormat.IsPinBlockFormatSupported())
{
mr.Append(ErrorCodes.ER_23_INVALID_PIN_BLOCK_FORMAT_CODE);
return(mr);
}
var pbformat = _pbFormat.GetPinBlockFormat();
var clearPin = Encrypt.DecryptPinUnderHostStorage(_pin);
if (clearPin.Length < 4 || clearPin.Length > 12)
{
mr.Append(ErrorCodes.ER_24_PIN_IS_FEWER_THAN_4_OR_MORE_THAN_12_DIGITS_LONG);
return(mr);
}
var clearPb = clearPin.GetPinBlock(_acct, pbformat);
var cryptPb = zpk.ClearHexKey.Encrypt(clearPb);
Log.InfoFormat("Clear ZPK: {0}", zpk.ClearKey);
Log.InfoFormat("Clear PIN: {0}", clearPin);
Log.InfoFormat("Clear PIN Block: {0}", clearPb);
Log.InfoFormat("Encrypted PIN Block: {0}", cryptPb);
mr.Append(ErrorCodes.ER_00_NO_ERROR);
mr.Append(cryptPb);
return(mr);
}
public void VerifyThalesKey(string thalesKey, string keyTypeCode, string expectedKey)
{
var key = new HexKeyThales(keyTypeCode, false, thalesKey);
Assert.AreEqual(expectedKey, key.ClearKey);
Assert.AreEqual(key.ClearKey, key.ClearHexKey.Key);
if (key.Key.StartsWithKeyScheme())
{
var scheme = key.Key.GetKeyScheme();
var otherKey = new HexKeyThales(keyTypeCode, true, key.ClearKey);
if (scheme == KeyScheme.DoubleLengthKeyAnsi || scheme == KeyScheme.TripleLengthKeyAnsi)
{
Assert.AreEqual(otherKey.KeyAnsi, thalesKey);
}
else
{
Assert.AreEqual(otherKey.KeyVariant, thalesKey);
}
}
}
/// <summary>
/// Process request.
/// </summary>
/// <returns>Response message.</returns>
public override StreamResponse ConstructResponse()
{
var mr = new StreamResponse();
KeyTypeCode ktc = null;
if (!ValidateKeyTypeCode(_keyType, mr, ref ktc))
{
return(mr);
}
var ks = KeyScheme.Unspecified;
if (!ValidateKeySchemeCode(_keyScheme, mr, ref ks))
{
return(mr);
}
var rndKey = string.Empty.RandomKey(ks, Parity.Odd);
var cryptKey = new HexKeyThales(ktc, true, rndKey);
Log.InfoFormat("Key generated (clear): {0}", rndKey);
Log.InfoFormat("Key generated (ANSI): {0}", cryptKey.KeyAnsi);
Log.InfoFormat("Key generated (Variant): {0}", cryptKey.KeyVariant);
AddPrinterData("CLEAR COMPONENT");
AddPrinterData(rndKey);
mr.Append(ErrorCodes.ER_00_NO_ERROR);
mr.Append(ks == KeyScheme.DoubleLengthKeyVariant || ks == KeyScheme.TripleLengthKeyVariant
? cryptKey.KeyVariant
: cryptKey.KeyAnsi);
_result = "OK";
return(mr);
}
public void TestThalesKeyCheckValue(string thalesKey, string keyTypeCode, string expectedKcv)
{
var key = new HexKeyThales(keyTypeCode, false, thalesKey);
Assert.AreEqual(expectedKcv, key.CheckValue);
}
/// <summary>
/// Process request.
/// </summary>
/// <returns>Response message.</returns>
public override StreamResponse ConstructResponse()
{
var mr = new StreamResponse();
var lmkKs = KeyScheme.Unspecified;
if (!string.IsNullOrEmpty(_lmkScheme))
{
if (!ValidateKeySchemeCode(_lmkScheme, mr, ref lmkKs))
{
return(mr);
}
}
else
{
lmkKs = _comps[0].Length >= 32 ? KeyScheme.DoubleLengthKeyAnsi : KeyScheme.SingleLengthKey;
}
if (string.IsNullOrEmpty(_keyCheckValue))
{
_keyCheckValue = "0";
}
var clearKeys = new HexKeyThales[8];
var clearKey = string.Empty;
for (var i = 1; i <= _iNbrComponents; i++)
{
if (!ConfigHelpers.InLegacyMode())
{
if (_comps[i - 1].Length % 16 != 0)
{
Log.Error("Legacy mode is off - key components must be in the form of 16H/32H only.");
mr.Append(ErrorCodes.ER_15_INVALID_INPUT_DATA);
return(mr);
}
}
clearKeys[i - 1] = new HexKeyThales(new KeyTypeCode(0, LmkPair.Pair04_05), false, _comps[i - 1]);
if (!clearKeys[i - 1].ClearKey.IsParityOk(Parity.Odd))
{
mr.Append(i == 1
? ErrorCodes.ER_10_SOURCE_KEY_PARITY_ERROR
: ErrorCodes.ER_11_DESTINATION_KEY_PARITY_ERROR);
return(mr);
}
clearKey = !string.IsNullOrEmpty(clearKey) ? clearKey.XorHex(clearKeys[i - 1].ClearKey) : clearKeys[i - 1].ClearKey;
}
clearKey = clearKey.MakeParity(Parity.Odd);
var cryptKey = new HexKeyThales(new KeyTypeCode(0, LmkPair.Pair04_05), true, clearKey);
for (var i = 1; i <= _iNbrComponents; i++)
{
Log.InfoFormat("Component #{0} (clear): {1}", i, clearKeys[i - 1].ClearKey);
}
Log.InfoFormat("Key (clear): {0}", clearKey);
Log.InfoFormat("Key (LMK): {0}",
lmkKs == KeyScheme.DoubleLengthKeyVariant ? cryptKey.KeyVariant : cryptKey.KeyAnsi);
Log.InfoFormat("Check value: {0}",
_keyCheckValue == "0" ? cryptKey.CheckValue : cryptKey.CheckValue.Substring(0, 6));
mr.Append(ErrorCodes.ER_00_NO_ERROR);
var returnedKey = lmkKs == KeyScheme.DoubleLengthKeyVariant
? cryptKey.KeyVariant
: lmkKs == KeyScheme.Unspecified
? cryptKey.KeyAnsi.StripKeyScheme()
: cryptKey.KeyAnsi;
mr.Append(string.IsNullOrEmpty(_lmkScheme) ? returnedKey.StripKeyScheme() : returnedKey);
mr.Append(_keyCheckValue == "0" ? cryptKey.CheckValue : cryptKey.CheckValue.Substring(0, 6));
return(mr);
}
/// <summary>
/// Process request.
/// </summary>
/// <returns>Response message.</returns>
public override StreamResponse ConstructResponse()
{
var mr = new StreamResponse();
var keyA = new HexKeyThales(new KeyTypeCode(0, LmkPair.Pair04_05), false, _keyA);
var keyB = new HexKeyThales(new KeyTypeCode(0, LmkPair.Pair04_05), false, _keyB);
var keyC = new HexKeyThales(new KeyTypeCode(0, LmkPair.Pair04_05), false, _keyC);
if (!keyA.ClearKey.IsParityOk(Parity.Odd))
{
mr.Append(ErrorCodes.ER_10_SOURCE_KEY_PARITY_ERROR);
return(mr);
}
if (!keyB.ClearKey.IsParityOk(Parity.Odd) || !keyC.ClearKey.IsParityOk(Parity.Odd))
{
mr.Append(ErrorCodes.ER_11_DESTINATION_KEY_PARITY_ERROR);
return(mr);
}
var ks = KeyScheme.Unspecified;
if (!string.IsNullOrEmpty(_keySchemeLmk))
{
if (!ValidateKeySchemeCode(_keySchemeLmk, mr, ref ks))
{
return(mr);
}
if (ks == KeyScheme.TripleLengthKeyAnsi || ks == KeyScheme.TripleLengthKeyVariant)
{
mr.Append(ErrorCodes.ER_26_INVALID_KEY_SCHEME);
return(mr);
}
}
else
{
ks = keyA.ClearHexKey.Scheme;
_keyCheckValue = "0";
}
var clearKey = keyA.ClearKey.XorHex(keyB.ClearKey.XorHex(keyC.ClearKey));
clearKey = clearKey.MakeParity(Parity.Odd);
var cryptKey = new HexKeyThales(new KeyTypeCode(0, LmkPair.Pair04_05), true, clearKey);
Log.InfoFormat("Component A (clear): {0}", keyA.ClearKey);
Log.InfoFormat("Component B (clear): {0}", keyB.ClearKey);
Log.InfoFormat("Component C (clear): {0}", keyC.ClearKey);
Log.InfoFormat("Key (clear): {0}", clearKey);
Log.InfoFormat("Key (LMK): {0}",
ks == KeyScheme.DoubleLengthKeyVariant ? cryptKey.KeyVariant: cryptKey.KeyAnsi);
Log.InfoFormat("Check value: {0}",
_keyCheckValue == "0" ? cryptKey.CheckValue : cryptKey.CheckValue.Substring(0, 6));
mr.Append(ErrorCodes.ER_00_NO_ERROR);
mr.Append(ks == KeyScheme.DoubleLengthKeyVariant ? cryptKey.KeyVariant: cryptKey.KeyAnsi);
mr.Append(_keyCheckValue == "0" ? cryptKey.CheckValue : cryptKey.CheckValue.Substring(0, 6));
return(mr);
}
/// <summary>
/// Process request.
/// </summary>
/// <returns>Response message.</returns>
public override StreamResponse ConstructResponse()
{
var mr = new StreamResponse();
KeyTypeCode ktc = null;
if (!ValidateKeyTypeCode(_keyType, mr, ref ktc))
{
return(mr);
}
var ks = KeyScheme.Unspecified;
if (!ValidateKeySchemeCode(_keyScheme, mr, ref ks))
{
return(mr);
}
var zmkKs = KeyScheme.Unspecified;
if (!string.IsNullOrEmpty(_zmkScheme))
{
if (!ValidateKeySchemeCode(_zmkScheme, mr, ref zmkKs))
{
return(mr);
}
}
if (!ValidateAuthStateRequirement(KeyFunction.Generate, ktc.Pair, ktc.Variant, mr))
{
return(mr);
}
var rndKey = string.Empty.RandomKey(ks);
var thalesRndKey = new HexKeyThales(ktc, true, rndKey);
Log.InfoFormat("Key generated (clear): {0}", rndKey);
Log.InfoFormat("Key generated (LMK, ANSI): {0}", thalesRndKey.KeyAnsi);
Log.InfoFormat("Key generated (LMK, Variant): {0}", thalesRndKey.KeyVariant);
Log.InfoFormat("Check value: {0}", thalesRndKey.CheckValue);
mr.Append(ErrorCodes.ER_00_NO_ERROR);
mr.Append(ks == KeyScheme.DoubleLengthKeyAnsi || ks == KeyScheme.TripleLengthKeyAnsi
? thalesRndKey.KeyAnsi
: thalesRndKey.KeyVariant);
if (!string.IsNullOrEmpty(_zmk) && _modeFlag == "1")
{
var zmk = new HexKeyThales(new KeyTypeCode(0, LmkPair.Pair04_05), false, _zmk);
if (!zmk.ClearKey.IsParityOk(Parity.Odd))
{
mr.Append(ErrorCodes.ER_10_SOURCE_KEY_PARITY_ERROR);
return(mr);
}
var cryptUnderZmk = zmk.EncryptWithScheme(zmkKs.GetKeySchemeChar() + rndKey);
Log.InfoFormat("ZMK (clear): {0}", zmk.ClearKey);
Log.InfoFormat("Key under ZMK: {0}", zmkKs.GetKeySchemeChar() + cryptUnderZmk);
mr.Append(zmkKs.GetKeySchemeChar() + cryptUnderZmk);
}
mr.Append(thalesRndKey.CheckValue.Substring(0, 6));
return(mr);
}
/// <summary>
/// Process request.
/// </summary>
/// <returns>Response message.</returns>
public override StreamResponse ConstructResponse()
{
var mr = new StreamResponse();
var zpk = new HexKeyThales(new KeyTypeCode(0, LmkPair.Pair06_07), false, _zpk);
if (!zpk.ClearKey.IsParityOk(Parity.Odd))
{
mr.Append(ErrorCodes.ER_10_SOURCE_KEY_PARITY_ERROR);
return(mr);
}
var pvk = new HexKeyThales(new KeyTypeCode(0, LmkPair.Pair14_15), false, _pvkPair);
if (!pvk.ClearKey.IsParityOk(Parity.Odd))
{
mr.Append(ErrorCodes.ER_11_DESTINATION_KEY_PARITY_ERROR);
return(mr);
}
if (Convert.ToInt32(_checkLen) < 4)
{
mr.Append(ErrorCodes.ER_15_INVALID_INPUT_DATA);
return(mr);
}
if (!_pbFormat.IsPinBlockFormatSupported())
{
mr.Append(ErrorCodes.ER_23_INVALID_PIN_BLOCK_FORMAT_CODE);
return(mr);
}
var pbFormat = _pbFormat.GetPinBlockFormat();
var clearPb = zpk.ClearHexKey.Decrypt(_pinBlock);
var clearPin = clearPb.GetPin(_acct, pbFormat);
if (clearPin.Length < 4 || clearPin.Length > 12)
{
mr.Append(ErrorCodes.ER_24_PIN_IS_FEWER_THAN_4_OR_MORE_THAN_12_DIGITS_LONG);
return(mr);
}
var idx = _pinValData.IndexOf("N", StringComparison.Ordinal);
var expPinValData = _pinValData.Substring(0, idx);
expPinValData = expPinValData + _acct.Substring(_acct.Length - 5, 5);
expPinValData = expPinValData + _pinValData.Substring(idx + 1, _pinValData.Length - idx - 1);
var cryptAcctNum = pvk.ClearHexKey.Encrypt(expPinValData);
var decimalisedAcctNum = cryptAcctNum.Decimalise(_decTable);
var naturalPin = decimalisedAcctNum.Substring(0, Convert.ToInt32(_checkLen));
var derivedPin =
naturalPin.AddWithoutCarry(_offsetValue.Substring(0, _offsetValue.IndexOf("F", StringComparison.Ordinal)));
Log.InfoFormat("PVK (clear): {0}", pvk.ClearKey);
Log.InfoFormat("Expected Natural PIN: {0}", naturalPin);
Log.InfoFormat("Expected Derived PIN: {0}", derivedPin);
mr.Append(derivedPin != clearPin ? ErrorCodes.ER_01_VERIFICATION_FAILURE : ErrorCodes.ER_00_NO_ERROR);
return(mr);
}
