1. 技术文章
  2. ZPK Encryption ISO format 9594-1 Format 0

ZPK Encryption ISO format 9594-1 Format 0

人盡茶涼 提交于 2019-12-23 05:01:53

问题


I need to integrate our IVR with ATM switch. In this case IVR needs to send pin block formed in ISO format 9594-1 Format 0 only (Zone pin key – Pin encryption). WE have Clear component - 1 ,2, & 3 & ZMK - Key check value. I need to know steps to generate PIN Block format 0 using ZPK encryption. Also as I am beginner need to know the role played here of clear component & ZMK .


回答1:


Here is some javascript that will encrypt a pin into a Format-0 (PAN-free) pinblock. In this example it is creating a random DES ZPK (zone pin key), but you can use a fixed zone pin key if you wish. It is also using CryptoJS.

(I have an example in C# if you need it)

_createPinblockFromPin: function(pin) {

    var pinBlockString = "1" + pin.length.toString() + pin;
    while (pinBlockString.length < 16) {

        var r = encoding.b2h((Math.random() * 0x100) & 255);
        pinBlockString += r.toString(8).toUpperCase();
    }
    return pinBlockString;
}

_createZpk: function() {

    var key = CryptoJS.enc.Hex.stringify(CryptoJS.lib.WordArray.random(16));
    return key.toUpperCase();
}

_encryptPinBlock: function(clearPinBlockHex, zpkHex) {

    var clearPinBlock = CryptoJS.enc.Hex.parse(clearPinBlockHex);
    var key = CryptoJS.enc.Hex.parse(zpkHex);

    key.words[4] = key.words[0];
    key.words[5] = key.words[1];

    var iv = CryptoJS.lib.WordArray.create(64 / 8);
    var options = { iv: iv, mode: CryptoJS.mode.ECB, padding: CryptoJS.pad.NoPadding };
    var encrypted = CryptoJS.TripleDES.encrypt(clearPinBlock, key, options);
    var encryptedHex = encrypted.toString().toUpperCase();

    return encryptedHex;
}

Usage is:

var clearPinBlock = this._createPinblockFromPin(pin);
var clearZpk = this._createZpk();
var ePinBlock = this._encryptPinBlock(clearPinBlock, clearZpk);

Here is a c# example that used BouncyCastle.net

// create zpk
var keyGenParams = new KeyGenerationParameters(new SecureRandom(), 128);
var keyGen = new DesEdeKeyGenerator();
keyGen.Init(keyGenParams);
var zpk = keyGen.GenerateKey();
System.Diagnostics.Debug.WriteLine($"zpk->{DataFormatter.ToHexString(zpk)}");

// create pinblock
var random = new Random();
var pinString = $"1{pin.Length}{pin}";
while (pinString.Length < 16) pinString += random.Next(0, 9).ToString();
var pinBlock = DataFormatter.HexStringToByteArray(pinString);

System.Diagnostics.Debug.WriteLine($"clearPinBlock->{DataFormatter.ToHexString(pinBlock)}");

// encrypt pinblock
var pinBlockZpk = new byte[8];
var keyParam = new DesEdeParameters(zpk);
var desEngine1 = new DesEdeEngine();
desEngine1.Init(true, keyParam);
desEngine1.ProcessBlock(pinBlock, 0, pinBlockZpk, 0);
System.Diagnostics.Debug.WriteLine($"pinBlockZpk->  {DataFormatter.ToHexString(pinBlockZpk)}");

Note that DataFormatter.ToHexString() is just a utility to convert a byte[] to a hex string for diagnostics.



来源:https://stackoverflow.com/questions/45438642/zpk-encryption-iso-format-9594-1-format-0

标签
encryption
ivr
hsm
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!