The parameters for CSNBDPMT.
- rule_array_count
-
| Direction: |
Input |
| Type: |
Integer |
A pointer to an integer variable containing the number of elements in the
rule_array variable. This value must be 0.
- rule_array
-
| Direction: |
Input |
| Type: |
String array |
A pointer to a string variable containing an array of keywords that control the processing
of the verb. Each element in the array must contain a valid keyword that is left-aligned and padded
on the right with space characters. The keyword must be in eight bytes of contiguous storage,
left-aligned, and padded on the right with blanks. The rule_array keywords
are described in Table 1:Table 1. Keywords for DK PAN Modify in Transaction control information
Keywords for DK PAN Modify in Transaction control information
| Keyword |
Description |
| PIN-block format (One, optional) |
| ISO-1 |
Specifies that the PIN block identified by the ISO_encrypted_PIN_block
parameter is in the ISO-1 format. This is the default. |
| ISO-4 |
Specifies that the PIN block identified by the ISO_encrypted_PIN_block
parameter is in the ISO-4 format. |
- current_PAN_data_length
-
| Direction: |
Input |
| Type: |
Integer |
Specifies the length in bytes of the current_PAN_data parameter. The
value must be in the range 10 - 19.
- current_PAN_data
-
| Direction: |
Input |
| Type: |
String |
The current PAN data associated with the PIN. The full account number, including check
digit, should be included.
- new_PAN_data_length
-
| Direction: |
Input |
| Type: |
Integer |
Specifies the length in bytes of the new_PAN_data parameter. The value
must be in the range 10 - 19.
- new_PAN_data
| Direction: |
Output |
| Type: |
Integer |
The new PAN data to be associated with the PIN. The full account number, including check
digit, should be included.
- current_card_p_data_length
-
| Direction: |
Input |
| Type: |
Integer |
Specifies the length in bytes of the current_card_p_data parameter.
The value must be in the range 2 - 256.
- current_card_p_data
-
| Direction: |
Input |
| Type: |
String |
The time-invariant card data (CDp) of the current account, determined by the card issuer.
- current_card_t_data_length
-
| Direction: |
Input |
| Type: |
Integer |
Specifies the length in bytes of the current_card_t_data parameter.
The value must be in the range 2 - 256.
- current_card_t_data
-
| Direction: |
Input |
| Type: |
String |
The time-sensitive card data of the current account, determined by the card issuer.
- new_card_p_data_length
-
| Direction: |
Input |
| Type: |
Integer |
Specifies the length in bytes of the new_card_p_data parameter. The
value must be in the range 2 - 256.
- new_card_p_data
-
| Direction: |
Input |
| Type: |
String |
The time-invariant card data (CDp) of the current account, determined by the card issuer.
- new_card_t_data_length
-
| Direction: |
Input |
| Type: |
Integer |
Specifies the length in bytes of the new_card_t_data parameter. The
value must be in the range 2 - 256.
- new_card_t_data
-
| Direction: |
Input |
| Type: |
String |
The time-sensitive card data of the current account, determined by the card issuer.
- CMAC_FUS_length
-
| Direction: |
Input |
| Type: |
Integer |
Specifies the length in bytes of the CMAC_FUS parameter. The value
must be in the range 8 - 16.
- CMAC_FUS
-
| Direction: |
Input |
| Type: |
String |
The 8-byte to 16-byte MAC that was generated from the current and new PANs and card data
strings and PIN reference values. The MAC is generated using the DK PRW CMAC Generate service.
- ISO_encrypted_PIN_block_length
-
| Direction: |
Input |
| Type: |
Integer |
Specifies the length of data in bytes in the
ISO_encrypted_PIN_block parameter. The value must be 8 for ISO-1 or 16 for
ISO-4.
- ISO_encrypted_PIN_block
-
| Direction: |
Input |
| Type: |
String |
A pointer to a string variable containing the encrypted PIN block in ISO-1
or ISO-4 format from which to extract the PIN.
- current_PIN_reference_value_length
-
| Direction: |
Input |
| Type: |
Integer |
Specifies the length in bytes of the current_PIN_reference_value
parameter. The value must be 16.
- current_PIN_reference_value
-
| Direction: |
Input |
| Type: |
String |
The 16-byte PIN reference value for comparison to the calculated value.
- current_PRW_random_number_length
-
| Direction: |
Input |
| Type: |
Integer |
Specifies the length in bytes of the current_PRW_random_number
parameter. The value must be 4.
- current_PRW_random_number
-
| Direction: |
Input |
| Type: |
String |
The 4-byte random number associated with the PIN reference value.
- CMAC_FUS_key_identifier_length
-
| Direction: |
Input |
| Type: |
Integer |
Specifies the length in bytes of the CMAC_FUS_key_identifier
parameter. If CMAC_FUS_key_identifier contains a label, the length must be 64.
Otherwise, the value must be at least the actual token length, up to 725.
- CMAC_FUS_key_identifier
-
| Direction: |
Input |
| Type: |
String |
The identifier of the key to verify the CMAC_FUS value. The key
identifier is an operational token or the key label of an operational token in key storage. The key
algorithm of this key must be AES, the key type must be MAC, and the key usage fields must indicate
VERIFY, CMAC, and DKPINAD2. If the token supplied was encrypted under the old master key, the
token is returned encrypted under the current master key.
- IPIN_encryption_key_identifier_length
-
| Direction: |
Input |
| Type: |
Integer |
Specifies the length in bytes of the IPIN_encryption_key_identifier
parameter. Set the value to 64 for an ISO-1 PIN-block, or a maximum of 3500 for an ISO-4 PIN-block.
A key label must be at least 64 bytes, and only the first 64 bytes of a key label are used.
- IPIN_encryption_key_identifier
-
| Direction: |
Input |
| Type: |
String |
A pointer to a string variable containing an operational fixed-length Triple-DES key-token or the
key label of such a record in DES key-storage or, beginning with Release 5.4, an operational
variable-length AES key-token or the key label of such a record in AES key-storage. The key token
contains the inbound PIN encryption key used to recover the PIN from the ISO encrypted PIN
block.
If the PIN block is in ISO-1 format, the key token must have a key type of IPINENC. In addition,
the control vector must enable the verification of an encrypted PIN (EPINVER, CV bit 19 = B'1').
If the PIN block is in ISO-4 format, the key token must have a token algorithm of AES and a key
type of PINPROT. In addition, the key usage fields must have the encryption operation set so that
the key can be used for decryption but not encryption (DECRYPT). The encryption mode must be Cipher
Block Chaining (CBC), the common control usage set to no field format specification (NOFLDFMT), and
the inbound function usage set so that the key can be used to verify an encrypted PIN (EPINVER).
- PRW_key_identifier_length
-
| Direction: |
Input |
| Type: |
Integer |
Specifies the length in bytes of the PRW_key_identifier parameter. If
PRW_key_identifier contains a label, the length must be 64. Otherwise, the
value must be at least the actual token length, up to 725.
- PRW_key_identifier
-
| Direction: |
Input |
| Type: |
String |
The identifier of the key to verify the input PRW. The key identifier is an operational
token or the key label of an operational token in key storage. The key algorithm of this key must be
AES, the key type must be PINPRW, and the key usage fields must indicate VERIFY, CMAC, and DKPINOP.
If the token supplied was encrypted under the old master key, the token is returned encrypted
under the current master key.
- new_PRW_key_identifier_length
-
| Direction: |
Input |
| Type: |
Integer |
Specifies the length in bytes of the new_PRW_key_identifier parameter.
If new_PRW_key_identifier contains a label, the length must be 64. Otherwise,
the value must be at least the actual token length, up to 725.
- new_PRW_key_identifier
-
| Direction: |
Input |
| Type: |
String |
The identifier of the key to generate the new PRW. The key identifier is an operational
token or the key label of an operational token in key storage. The key algorithm of this key must be
AES, the key type must be PINPRW, and the key usage fields must indicate GENONLY, CMAC, and DKPINOP.
If the token supplied was encrypted under the old master key, the token is returned encrypted
under the current master key.
- new_PIN_reference_value_length
-
| Direction: |
Input |
| Type: |
Integer |
Specifies the length in bytes of the new_PIN_reference_value
parameter. The value must be at least 16. On output, it is set to 16.
- new_PIN_reference_value
-
| Direction: |
Input |
| Type: |
String |
The 16-byte new PIN reference value.
- new_PRW_random_number_length
-
| Direction: |
Input |
| Type: |
Integer |
Specifies the length in bytes of the new_PRW_random_number parameter.
The value must be at least 4. On output, it is set to 4.
- new_PRW_random_number
-
| Direction: |
Input |
| Type: |
String |
The 4-byte random number associated with the new PIN reference value.