/// <summary> /// Process request. /// </summary> /// <returns>Response message.</returns> public override StreamResponse ConstructResponse() { var mr = new StreamResponse(); KeyTypeCode ktc = null; if (!ValidateKeyTypeCode(_keyTypeCode, mr, ref ktc)) { return(mr); } var lmkKs = KeyScheme.Unspecified; if (!ValidateKeySchemeCode(_lmkScheme, mr, ref lmkKs)) { return(mr); } var clearComps = new HexKeyThales[_iNbrComponents]; var clearKey = string.Empty; for (var i = 1; i <= _iNbrComponents; i++) { clearComps[i - 1] = new HexKeyThales(ktc, false, _comps[i - 1]); if (!clearComps[i - 1].ClearKey.IsParityOk(Parity.Odd)) { mr.Append(ErrorCodes.ER_10_SOURCE_KEY_PARITY_ERROR); return(mr); } clearKey = !string.IsNullOrEmpty(clearKey) ? clearKey.XorHex(clearComps[i - 1].ClearKey) : clearComps[i - 1].ClearKey; } clearKey = clearKey.MakeParity(Parity.Odd); var cryptKey = new HexKeyThales(ktc, true, clearKey); for (var i = 1; i <= _iNbrComponents; i++) { Log.InfoFormat("Component {0} (clear): {1}", i, clearComps[i - 1].ClearKey); } Log.InfoFormat("Key (clear): {0}", clearKey); Log.InfoFormat("Check value: {0}", cryptKey.CheckValue); mr.Append(ErrorCodes.ER_00_NO_ERROR); if (lmkKs == KeyScheme.DoubleLengthKeyVariant || lmkKs == KeyScheme.TripleLengthKeyVariant) { mr.Append(cryptKey.KeyVariant); } else { mr.Append(cryptKey.KeyAnsi); } mr.Append(cryptKey.CheckValue.Substring(0, 6)); return(mr); }
/// <summary> /// Process request. /// </summary> /// <returns>Response message.</returns> public override StreamResponse ConstructResponse() { var mr = new StreamResponse(); KeyTypeCode ktc = null; if (!ValidateKeyTypeCode(_keyType, mr, ref ktc)) { return(mr); } var zmkKs = KeyScheme.Unspecified; if (!ValidateKeySchemeCode(_zmkScheme, mr, ref zmkKs)) { return(mr); } if (!ValidateAuthStateRequirement(KeyFunction.Export, ktc.Pair, ktc.Variant, mr)) { return(mr); } var zmk = new HexKeyThales(new KeyTypeCode(0, LmkPair.Pair04_05), false, _zmk); if (!zmk.ClearKey.IsParityOk(Parity.Odd)) { mr.Append(ErrorCodes.ER_10_SOURCE_KEY_PARITY_ERROR); return(mr); } var key = new HexKeyThales(ktc, false, _key); if (!key.ClearKey.IsParityOk(Parity.Odd)) { mr.Append(ErrorCodes.ER_11_DESTINATION_KEY_PARITY_ERROR); return(mr); } var cryptKey = zmk.EncryptWithScheme(zmkKs.GetKeySchemeChar() + key.ClearKey); Log.InfoFormat("ZMK (clear): {0}", zmk.ClearKey); Log.InfoFormat("Key (clear): {0}", key.ClearKey); Log.InfoFormat("Key (ZMK): {0}", cryptKey); Log.InfoFormat("Check value: {0}", key.CheckValue); mr.Append(ErrorCodes.ER_00_NO_ERROR); mr.Append(zmkKs != KeyScheme.Unspecified && zmkKs != KeyScheme.SingleLengthKey ? zmkKs.GetKeySchemeChar() : string.Empty); mr.Append(cryptKey); mr.Append(key.CheckValue.Substring(0, 6)); return(mr); }
/// <summary> /// Process request. /// </summary> /// <returns>Response message.</returns> public override StreamResponse ConstructResponse() { var mr = new StreamResponse(); KeyTypeCode ktc = null; if (!ValidateKeyTypeCode(_keyType, mr, ref ktc)) { return(mr); } var lmk = KeyScheme.Unspecified; if (!ValidateKeySchemeCode(_lmkScheme, mr, ref lmk)) { return(mr); } if (!ValidateAuthStateRequirement(KeyFunction.Import, ktc.Pair, ktc.Variant, mr)) { return(mr); } var zmk = new HexKeyThales(new KeyTypeCode(0, LmkPair.Pair04_05), false, _zmk); if (!zmk.ClearKey.IsParityOk(Parity.Odd)) { mr.Append(ErrorCodes.ER_10_SOURCE_KEY_PARITY_ERROR); return(mr); } var clearKey = zmk.DecryptWithScheme(_key, _atallaVariant); var warnParity = !clearKey.IsParityOk(Parity.Odd); var newKey = new HexKeyThales(ktc, true, clearKey); var checkValue = newKey.CheckValue; Log.InfoFormat("ZMK (clear): {0}", zmk.ClearKey); Log.InfoFormat("Key (clear): {0}", clearKey); Log.InfoFormat("Key (LMK): {0}", newKey.Key); Log.InfoFormat("Check value: {0}", checkValue); if (warnParity) { Log.WarnFormat("Key {0} does not have odd parity (would be {1})", clearKey, clearKey.MakeParity(Parity.Odd)); } mr.Append(ErrorCodes.ER_00_NO_ERROR); mr.Append(lmk == KeyScheme.DoubleLengthKeyVariant || lmk == KeyScheme.TripleLengthKeyVariant ? newKey.KeyVariant : newKey.KeyAnsi); mr.Append(newKey.CheckValue.Substring(0, 6)); return(mr); }
/// <summary> /// Process request. /// </summary> /// <returns>Response message.</returns> public override StreamResponse ConstructResponse() { var mr = new StreamResponse(); var pvk = new HexKeyThales(new KeyTypeCode(0, LmkPair.Pair14_15), false, _pvkPair); if (!pvk.ClearKey.IsParityOk(Parity.Odd)) { mr.Append(ErrorCodes.ER_11_DESTINATION_KEY_PARITY_ERROR); return(mr); } if (Convert.ToInt32(_checkLen) < 4) { mr.Append(ErrorCodes.ER_15_INVALID_INPUT_DATA); return(mr); } var idx = _pinValData.IndexOf("N", StringComparison.Ordinal); var expPinValData = _pinValData.Substring(0, idx); expPinValData = expPinValData + _acct.Substring(_acct.Length - 5, 5); expPinValData = expPinValData + _pinValData.Substring(idx + 1, (_pinValData.Length - (idx + 1))); var cryptAcctNum = pvk.ClearHexKey.Encrypt(expPinValData); var decimalised = cryptAcctNum.Decimalise(_decTable); var naturalPin = decimalised.Substring(0, Convert.ToInt32(_checkLen)); var derivedPin = naturalPin.AddWithoutCarry(_offsetValue.Substring(0, _offsetValue.IndexOf("F", StringComparison.Ordinal))); var cryptPin = Encrypt.EncryptPinForHostStorage(derivedPin); Log.InfoFormat("PVK (clear): {0}", pvk.ClearKey); Log.InfoFormat("Natural PIN: {0}", naturalPin); Log.InfoFormat("Derived PIN: {0}", derivedPin); mr.Append(ErrorCodes.ER_00_NO_ERROR); mr.Append(cryptPin); return(mr); }
/// <summary> /// Process request. /// </summary> /// <returns>Response message.</returns> public override StreamResponse ConstructResponse() { var mr = new StreamResponse(); var zpk = new HexKeyThales(new KeyTypeCode(0, LmkPair.Pair06_07), false, _targetKey); if (!zpk.ClearKey.IsParityOk(Parity.Odd)) { mr.Append(ErrorCodes.ER_10_SOURCE_KEY_PARITY_ERROR); return(mr); } if (!_pbFormat.IsPinBlockFormatSupported()) { mr.Append(ErrorCodes.ER_23_INVALID_PIN_BLOCK_FORMAT_CODE); return(mr); } var pbformat = _pbFormat.GetPinBlockFormat(); var clearPin = Encrypt.DecryptPinUnderHostStorage(_pin); if (clearPin.Length < 4 || clearPin.Length > 12) { mr.Append(ErrorCodes.ER_24_PIN_IS_FEWER_THAN_4_OR_MORE_THAN_12_DIGITS_LONG); return(mr); } var clearPb = clearPin.GetPinBlock(_acct, pbformat); var cryptPb = zpk.ClearHexKey.Encrypt(clearPb); Log.InfoFormat("Clear ZPK: {0}", zpk.ClearKey); Log.InfoFormat("Clear PIN: {0}", clearPin); Log.InfoFormat("Clear PIN Block: {0}", clearPb); Log.InfoFormat("Encrypted PIN Block: {0}", cryptPb); mr.Append(ErrorCodes.ER_00_NO_ERROR); mr.Append(cryptPb); return(mr); }
public void VerifyThalesKey(string thalesKey, string keyTypeCode, string expectedKey) { var key = new HexKeyThales(keyTypeCode, false, thalesKey); Assert.AreEqual(expectedKey, key.ClearKey); Assert.AreEqual(key.ClearKey, key.ClearHexKey.Key); if (key.Key.StartsWithKeyScheme()) { var scheme = key.Key.GetKeyScheme(); var otherKey = new HexKeyThales(keyTypeCode, true, key.ClearKey); if (scheme == KeyScheme.DoubleLengthKeyAnsi || scheme == KeyScheme.TripleLengthKeyAnsi) { Assert.AreEqual(otherKey.KeyAnsi, thalesKey); } else { Assert.AreEqual(otherKey.KeyVariant, thalesKey); } } }
/// <summary> /// Process request. /// </summary> /// <returns>Response message.</returns> public override StreamResponse ConstructResponse() { var mr = new StreamResponse(); KeyTypeCode ktc = null; if (!ValidateKeyTypeCode(_keyType, mr, ref ktc)) { return(mr); } var ks = KeyScheme.Unspecified; if (!ValidateKeySchemeCode(_keyScheme, mr, ref ks)) { return(mr); } var rndKey = string.Empty.RandomKey(ks, Parity.Odd); var cryptKey = new HexKeyThales(ktc, true, rndKey); Log.InfoFormat("Key generated (clear): {0}", rndKey); Log.InfoFormat("Key generated (ANSI): {0}", cryptKey.KeyAnsi); Log.InfoFormat("Key generated (Variant): {0}", cryptKey.KeyVariant); AddPrinterData("CLEAR COMPONENT"); AddPrinterData(rndKey); mr.Append(ErrorCodes.ER_00_NO_ERROR); mr.Append(ks == KeyScheme.DoubleLengthKeyVariant || ks == KeyScheme.TripleLengthKeyVariant ? cryptKey.KeyVariant : cryptKey.KeyAnsi); _result = "OK"; return(mr); }
public void TestThalesKeyCheckValue(string thalesKey, string keyTypeCode, string expectedKcv) { var key = new HexKeyThales(keyTypeCode, false, thalesKey); Assert.AreEqual(expectedKcv, key.CheckValue); }
/// <summary> /// Process request. /// </summary> /// <returns>Response message.</returns> public override StreamResponse ConstructResponse() { var mr = new StreamResponse(); var lmkKs = KeyScheme.Unspecified; if (!string.IsNullOrEmpty(_lmkScheme)) { if (!ValidateKeySchemeCode(_lmkScheme, mr, ref lmkKs)) { return(mr); } } else { lmkKs = _comps[0].Length >= 32 ? KeyScheme.DoubleLengthKeyAnsi : KeyScheme.SingleLengthKey; } if (string.IsNullOrEmpty(_keyCheckValue)) { _keyCheckValue = "0"; } var clearKeys = new HexKeyThales[8]; var clearKey = string.Empty; for (var i = 1; i <= _iNbrComponents; i++) { if (!ConfigHelpers.InLegacyMode()) { if (_comps[i - 1].Length % 16 != 0) { Log.Error("Legacy mode is off - key components must be in the form of 16H/32H only."); mr.Append(ErrorCodes.ER_15_INVALID_INPUT_DATA); return(mr); } } clearKeys[i - 1] = new HexKeyThales(new KeyTypeCode(0, LmkPair.Pair04_05), false, _comps[i - 1]); if (!clearKeys[i - 1].ClearKey.IsParityOk(Parity.Odd)) { mr.Append(i == 1 ? ErrorCodes.ER_10_SOURCE_KEY_PARITY_ERROR : ErrorCodes.ER_11_DESTINATION_KEY_PARITY_ERROR); return(mr); } clearKey = !string.IsNullOrEmpty(clearKey) ? clearKey.XorHex(clearKeys[i - 1].ClearKey) : clearKeys[i - 1].ClearKey; } clearKey = clearKey.MakeParity(Parity.Odd); var cryptKey = new HexKeyThales(new KeyTypeCode(0, LmkPair.Pair04_05), true, clearKey); for (var i = 1; i <= _iNbrComponents; i++) { Log.InfoFormat("Component #{0} (clear): {1}", i, clearKeys[i - 1].ClearKey); } Log.InfoFormat("Key (clear): {0}", clearKey); Log.InfoFormat("Key (LMK): {0}", lmkKs == KeyScheme.DoubleLengthKeyVariant ? cryptKey.KeyVariant : cryptKey.KeyAnsi); Log.InfoFormat("Check value: {0}", _keyCheckValue == "0" ? cryptKey.CheckValue : cryptKey.CheckValue.Substring(0, 6)); mr.Append(ErrorCodes.ER_00_NO_ERROR); var returnedKey = lmkKs == KeyScheme.DoubleLengthKeyVariant ? cryptKey.KeyVariant : lmkKs == KeyScheme.Unspecified ? cryptKey.KeyAnsi.StripKeyScheme() : cryptKey.KeyAnsi; mr.Append(string.IsNullOrEmpty(_lmkScheme) ? returnedKey.StripKeyScheme() : returnedKey); mr.Append(_keyCheckValue == "0" ? cryptKey.CheckValue : cryptKey.CheckValue.Substring(0, 6)); return(mr); }
/// <summary> /// Process request. /// </summary> /// <returns>Response message.</returns> public override StreamResponse ConstructResponse() { var mr = new StreamResponse(); var keyA = new HexKeyThales(new KeyTypeCode(0, LmkPair.Pair04_05), false, _keyA); var keyB = new HexKeyThales(new KeyTypeCode(0, LmkPair.Pair04_05), false, _keyB); var keyC = new HexKeyThales(new KeyTypeCode(0, LmkPair.Pair04_05), false, _keyC); if (!keyA.ClearKey.IsParityOk(Parity.Odd)) { mr.Append(ErrorCodes.ER_10_SOURCE_KEY_PARITY_ERROR); return(mr); } if (!keyB.ClearKey.IsParityOk(Parity.Odd) || !keyC.ClearKey.IsParityOk(Parity.Odd)) { mr.Append(ErrorCodes.ER_11_DESTINATION_KEY_PARITY_ERROR); return(mr); } var ks = KeyScheme.Unspecified; if (!string.IsNullOrEmpty(_keySchemeLmk)) { if (!ValidateKeySchemeCode(_keySchemeLmk, mr, ref ks)) { return(mr); } if (ks == KeyScheme.TripleLengthKeyAnsi || ks == KeyScheme.TripleLengthKeyVariant) { mr.Append(ErrorCodes.ER_26_INVALID_KEY_SCHEME); return(mr); } } else { ks = keyA.ClearHexKey.Scheme; _keyCheckValue = "0"; } var clearKey = keyA.ClearKey.XorHex(keyB.ClearKey.XorHex(keyC.ClearKey)); clearKey = clearKey.MakeParity(Parity.Odd); var cryptKey = new HexKeyThales(new KeyTypeCode(0, LmkPair.Pair04_05), true, clearKey); Log.InfoFormat("Component A (clear): {0}", keyA.ClearKey); Log.InfoFormat("Component B (clear): {0}", keyB.ClearKey); Log.InfoFormat("Component C (clear): {0}", keyC.ClearKey); Log.InfoFormat("Key (clear): {0}", clearKey); Log.InfoFormat("Key (LMK): {0}", ks == KeyScheme.DoubleLengthKeyVariant ? cryptKey.KeyVariant: cryptKey.KeyAnsi); Log.InfoFormat("Check value: {0}", _keyCheckValue == "0" ? cryptKey.CheckValue : cryptKey.CheckValue.Substring(0, 6)); mr.Append(ErrorCodes.ER_00_NO_ERROR); mr.Append(ks == KeyScheme.DoubleLengthKeyVariant ? cryptKey.KeyVariant: cryptKey.KeyAnsi); mr.Append(_keyCheckValue == "0" ? cryptKey.CheckValue : cryptKey.CheckValue.Substring(0, 6)); return(mr); }
/// <summary> /// Process request. /// </summary> /// <returns>Response message.</returns> public override StreamResponse ConstructResponse() { var mr = new StreamResponse(); KeyTypeCode ktc = null; if (!ValidateKeyTypeCode(_keyType, mr, ref ktc)) { return(mr); } var ks = KeyScheme.Unspecified; if (!ValidateKeySchemeCode(_keyScheme, mr, ref ks)) { return(mr); } var zmkKs = KeyScheme.Unspecified; if (!string.IsNullOrEmpty(_zmkScheme)) { if (!ValidateKeySchemeCode(_zmkScheme, mr, ref zmkKs)) { return(mr); } } if (!ValidateAuthStateRequirement(KeyFunction.Generate, ktc.Pair, ktc.Variant, mr)) { return(mr); } var rndKey = string.Empty.RandomKey(ks); var thalesRndKey = new HexKeyThales(ktc, true, rndKey); Log.InfoFormat("Key generated (clear): {0}", rndKey); Log.InfoFormat("Key generated (LMK, ANSI): {0}", thalesRndKey.KeyAnsi); Log.InfoFormat("Key generated (LMK, Variant): {0}", thalesRndKey.KeyVariant); Log.InfoFormat("Check value: {0}", thalesRndKey.CheckValue); mr.Append(ErrorCodes.ER_00_NO_ERROR); mr.Append(ks == KeyScheme.DoubleLengthKeyAnsi || ks == KeyScheme.TripleLengthKeyAnsi ? thalesRndKey.KeyAnsi : thalesRndKey.KeyVariant); if (!string.IsNullOrEmpty(_zmk) && _modeFlag == "1") { var zmk = new HexKeyThales(new KeyTypeCode(0, LmkPair.Pair04_05), false, _zmk); if (!zmk.ClearKey.IsParityOk(Parity.Odd)) { mr.Append(ErrorCodes.ER_10_SOURCE_KEY_PARITY_ERROR); return(mr); } var cryptUnderZmk = zmk.EncryptWithScheme(zmkKs.GetKeySchemeChar() + rndKey); Log.InfoFormat("ZMK (clear): {0}", zmk.ClearKey); Log.InfoFormat("Key under ZMK: {0}", zmkKs.GetKeySchemeChar() + cryptUnderZmk); mr.Append(zmkKs.GetKeySchemeChar() + cryptUnderZmk); } mr.Append(thalesRndKey.CheckValue.Substring(0, 6)); return(mr); }
/// <summary> /// Process request. /// </summary> /// <returns>Response message.</returns> public override StreamResponse ConstructResponse() { var mr = new StreamResponse(); var zpk = new HexKeyThales(new KeyTypeCode(0, LmkPair.Pair06_07), false, _zpk); if (!zpk.ClearKey.IsParityOk(Parity.Odd)) { mr.Append(ErrorCodes.ER_10_SOURCE_KEY_PARITY_ERROR); return(mr); } var pvk = new HexKeyThales(new KeyTypeCode(0, LmkPair.Pair14_15), false, _pvkPair); if (!pvk.ClearKey.IsParityOk(Parity.Odd)) { mr.Append(ErrorCodes.ER_11_DESTINATION_KEY_PARITY_ERROR); return(mr); } if (Convert.ToInt32(_checkLen) < 4) { mr.Append(ErrorCodes.ER_15_INVALID_INPUT_DATA); return(mr); } if (!_pbFormat.IsPinBlockFormatSupported()) { mr.Append(ErrorCodes.ER_23_INVALID_PIN_BLOCK_FORMAT_CODE); return(mr); } var pbFormat = _pbFormat.GetPinBlockFormat(); var clearPb = zpk.ClearHexKey.Decrypt(_pinBlock); var clearPin = clearPb.GetPin(_acct, pbFormat); if (clearPin.Length < 4 || clearPin.Length > 12) { mr.Append(ErrorCodes.ER_24_PIN_IS_FEWER_THAN_4_OR_MORE_THAN_12_DIGITS_LONG); return(mr); } var idx = _pinValData.IndexOf("N", StringComparison.Ordinal); var expPinValData = _pinValData.Substring(0, idx); expPinValData = expPinValData + _acct.Substring(_acct.Length - 5, 5); expPinValData = expPinValData + _pinValData.Substring(idx + 1, _pinValData.Length - idx - 1); var cryptAcctNum = pvk.ClearHexKey.Encrypt(expPinValData); var decimalisedAcctNum = cryptAcctNum.Decimalise(_decTable); var naturalPin = decimalisedAcctNum.Substring(0, Convert.ToInt32(_checkLen)); var derivedPin = naturalPin.AddWithoutCarry(_offsetValue.Substring(0, _offsetValue.IndexOf("F", StringComparison.Ordinal))); Log.InfoFormat("PVK (clear): {0}", pvk.ClearKey); Log.InfoFormat("Expected Natural PIN: {0}", naturalPin); Log.InfoFormat("Expected Derived PIN: {0}", derivedPin); mr.Append(derivedPin != clearPin ? ErrorCodes.ER_01_VERIFICATION_FAILURE : ErrorCodes.ER_00_NO_ERROR); return(mr); }