The parameters for CSNBDPV.
- rule_array_count
-
| Direction: |
Input |
| Type: |
Integer |
A pointer to an integer variable containing the number of elements in the
rule_array variable. This value must be 0.
- rule_array
-
| Direction: |
Input |
| Type: |
String array |
A pointer to a string variable containing an array of keywords that control the processing
of the verb. Each element in the array must contain a valid keyword that is left-aligned and padded
on the right as needed with space characters. The keyword must be in eight bytes of contiguous
storage, left-aligned, and padded on the right with blanks. The rule_array
keywords are described in Table 1Table 1. Keywords for DK PIN Verify control information
Keywords for DK PIN Verify control information
| Keyword |
Description |
| PIN-block format (One, optional) |
| ISO-1 |
Specifies that the PIN block identified by the ISO_encrypted_PIN_block
parameter is in the ISO-1 format. This is the default. |
| ISO-4 |
Specifies that the PIN block identified by the ISO_encrypted_PIN_block
parameter is in the ISO-4 format. |
- PAN_data_length
-
| Direction: |
Input |
| Type: |
Integer |
Specifies the length in bytes of the PAN_data parameter. The value
must be in the range 10 - 19.
- PAN_data
-
| Direction: |
Input |
| Type: |
String |
The PAN data which the PIN is associated. The full account number, including check digit,
should be included.
- card_data_length
-
| Direction: |
Input |
| Type: |
Integer |
Specifies the length in bytes of the card_data parameter. The value
must be in the range 4 - 512.
- card_data
-
| Direction: |
Input |
| Type: |
String |
The time-invariant card data (CDp) and the time-sensitive card data (CDt) which, together
with the account number, specifies an individual card.
- PIN_reference_value_length
-
| Direction: |
Input |
| Type: |
Integer |
Specifies the length in bytes of the PIN_reference_value parameter.
This value must be 16.
- PIN_reference_value
-
| Direction: |
Input |
| Type: |
String |
The 16-byte PIN reference value for comparison to the calculated value.
- PRW_random_number_length
-
| Direction: |
Input |
| Type: |
Integer |
Specifies the length in bytes of the PRW_random_number parameter. The
value must be 4.
- PRW_random_number
-
| Direction: |
Input |
| Type: |
String |
The 4-byte random number associated with the PIN reference value.
- ISO_encrypted_PIN_block_length
-
| Direction: |
Input |
| Type: |
Integer |
Specifies the length of data in bytes in the
ISO_encrypted_PIN_block parameter. The value must be 8 for ISO-1 or 16 for
ISO-4.
- ISO_encrypted_PIN_block
-
| Direction: |
Input |
| Type: |
String |
A pointer to a string variable containing the encrypted PIN block in ISO-1 or ISO-4
format from which to extract the PIN.
- PRW_key_identifier_length
-
| Direction: |
Input |
| Type: |
Integer |
Specifies the length in bytes of the PRW_key_identifier parameter. If
the PRW_key_identifier contains a label, the length must be 64. Otherwise, the
value must be at least the actual token length, up to 725.
- PRW_key_identifier
-
| Direction: |
Input/Output |
| Type: |
String |
The identifier of the key to verify the PIN reference value. The key identifier is an
operational token or the key label of an operational token in key storage. The key algorithm of this
key must be AES, the key type must be PINPRW, and the key usage fields must indicate VERIFY, CMAC,
and DKPINOP. If the token supplied was encrypted under the old master key, the token is be
returned encrypted under the current master key.
- IPIN_encryption_key_identifier_length
-
| Direction: |
Input |
| Type: |
Integer |
Specifies the length in bytes of the
IPIN_encryption_key_identifier parameter. Set the value to 64 for an ISO-1
PIN-block, or a maximum of 3500 for an ISO-4 PIN-block. A key label must be at least 64 bytes, and
only the first 64 bytes of a key label are used.
- IPIN_encryption_key_identifier
-
| Direction: |
Input/Output |
| Type: |
String |
A pointer to a string variable containing an operational fixed-length Triple-DES key-token or the
key label of such a record in DES key-storage or, beginning with Release 5.4, an operational
variable-length AES key-token or the key label of such a record in AES key-storage. The key token
contains the inbound PIN encryption key used to recover the PIN from the ISO encrypted PIN
block.
If the PIN block is in ISO-1 format, the key token must have a key type of IPINENC. In addition,
the control vector must enable the verification of an encrypted PIN (EPINVER, CV bit 19 = B'1').
If the PIN block is in ISO-4 format, the key token must have a token algorithm of AES and a key
type of PINPROT. In addition, the key usage fields must have the encryption operation set so that
the key can be used for decryption but not encryption (DECRYPT), the encryption mode must be Cipher
Block Chaining (CBC), the common control usage set to no field format specification (NOFLDFMT), and
the inbound function usage set so that the key can be used to verify an encrypted PIN (EPINVER).