The parameters for CSNBAPG.
- rule_array_count
| Direction: |
Input |
| Type: |
Integer |
A pointer to an integer variable containing the number of elements in the
rule_array variable. This value must be 0, 1, or 2.
- rule_array
| Direction: |
Input |
| Type: |
String array |
The keywords that provide control information to the verb. The
rule_array keywords are described in Table 1.Table 1. Keywords for Authentication Parameter Generate control
information
Keywords for Authentication Parameter Generate control information
| Keyword |
Description |
| AP Protection Method (One, optional) |
| ENCRYPT |
Specifies that the AP value should be returned encrypted under the
AP_encrypting_key_identifier parameter. This is the default. |
| CLEAR |
Specifies that the AP value should be returned in the
clear. |
| AP Value Format (One,
optional) |
| BCD |
Specifies the output format of the AP as packed binary coded decimal. This is the
default. |
- inbound_PIN_encrypting_key_identifier_length
| Direction: |
Input |
| Type: |
Integer |
Length of the inbound_PIN_encrypting_key_identifier parameter in bytes.
This value must be 64 for CCA DES keys and labels. Otherwise, for TR-31
keys, the value must be at least the actual token length, up to 9992.
- inbound_PIN_encrypting_key_identifier
| Direction: |
Input |
| Type: |
String |
An operational CCA or TR-31 DES key token or the label of such
a token in key storage that is used to decrypt the inbound PIN block. For CCA keys, it must be a double length IPINENC
key. For TR-31 keys, the token must have the following attributes:
- TR-31 key usage: P0
- Algorithm: T
- TR-31 mode of key use: D
If the token supplied was encrypted under the old master key, the token is returned encrypted
under the current master key.
- encrypted_PIN_block
| Direction: |
Input |
| Type: |
String |
The ISO-0 PIN block encrypted with the inbound_PIN_encrypting_key_identifier.
The PIN within the PIN block must be a 5-digit value.
- issuer_domestic_code
| Direction: |
Input |
| Type: |
String |
A 5 byte alphanumeric character string.
- card_secure_code
| Direction: |
Input |
| Type: |
String |
An 8 byte string of digits grouped into two 4 byte sections.
The 4 digits in a section cannot all be zero, for example, the value 0000 is
invalid.
- PAN_data
| Direction: |
Input |
| Type: |
String |
The personal account number (PAN). Must be 12 characters long.
- AP_encrypting_key_identifier_length
| Direction: |
Input |
| Type: |
Integer |
The length of the AP_encrypting_key_identifier parameter in bytes. This
value is 64 when a label is supplied. When the key identifier is a key token, the value is the
length of the token. The maximum value is 9992. The value may be 0 when the
CLEAR rule_array keyword is specified.
- AP_encrypting_key_identifier
| Direction: |
Input |
| Type: |
String |
An internal CCA or TR-31 DES key token or the label of such a token in key storage used to encrypt the
AP_value. For a CCA token, it must be a double length DATA key. For a TR-31 token, it must have the following
attributes:
- TR-31 key usage: D0
- Algorithm: D or T
- TR-31 mode of key use: B or E
If the AP Protection Method was specified as CLEAR keyword in the
rule_array parameter, this parameter is ignored.
If the token supplied
was encrypted under the old master key, the token is returned encrypted under the current master
key.
- AP_value
| Direction: |
Output |
| Type: |
String |
An 8 byte character string containing the generated authentication
parameter.