The parameters for CSNBDPT.
- rule_array_count
-
| Direction: |
Input |
| Type: |
Integer |
A pointer to an integer variable containing the number of elements in the
rule_array variable. This value must be 0.
- rule_array
-
| Direction: |
Input |
| Type: |
String array |
There are no keywords for this service.
- card_p_data_length
-
| Direction: |
Input |
| Type: |
Integer |
Specifies the length in bytes of the card_p_data parameter. The
value must be in the range 2 - 256.
- card_p_data
-
| Direction: |
Input |
| Type: |
String |
The time-invariant card data (CDp), determined by the card issuer, which is used to
differentiate between multiple cards for one account.
- card_t_data_length
-
| Direction: |
Input |
| Type: |
Integer |
Specifies the length in bytes of the card_t_data parameter. The
value must be in the range 2 - 256.
- card_t_data
-
| Direction: |
Input |
| Type: |
String |
The time-sensitive card data, determined by the card issuer, which, together with the
account number and the card_p_data, specifies an individual
card.
- new_PAN_data_length
-
| Direction: |
Input |
| Type: |
Integer |
Specifies the length in bytes of the new_PAN_data parameter. The
value must be in the range 10 - 19.
- new_PAN_data
-
| Direction: |
Input |
| Type: |
String |
The new personal account number (in character string form) to which the PIN is
associated. The full account number, including check digit, should be included.
- new_card_p_data_length
-
| Direction: |
Input |
| Type: |
Integer |
Specifies the length in bytes of the new_card_p_data parameter.
The value must be in the range 2 - 256.
- new_card_p_data
-
| Direction: |
Input |
| Type: |
String |
The time-invariant card data (CDp), determined by the card issuer, which is used to
differentiate between multiple cards for one account.
- PIN_reference_value_length
-
| Direction: |
Input |
| Type: |
Integer |
Specifies the length in bytes of the PIN_reference_value
parameter. The value must be 16.
- PIN_reference_value
-
| Direction: |
Input |
| Type: |
String |
The 16-byte PIN reference value for comparison to the calculated value.
- PRW_random_number_length
-
| Direction: |
Input |
| Type: |
Integer |
Specifies the length in bytes of the PRW_random_number
parameter. The value must be 4.
- PRW_random_number
-
| Direction: |
Input |
| Type: |
String |
The 4-byte random number associated with the PIN reference value.
- current_encrypted_PIN_block_length
-
| Direction: |
Input |
| Type: |
Integer |
Specifies the length in bytes of the current_encrypted_PIN_block
parameter. The value must be 32.
- current_encrypted_PIN_block
-
| Direction: |
Input |
| Type: |
Integer |
The 32-byte encrypted PIN block in PBF-1 format of the current PIN.
- current_PIN_block_MAC_length
-
| Direction: |
Input |
| Type: |
Integer |
Specifies the length in bytes of the current_PIN_block_MAC
parameter. The value must be 8.
- current_PIN_block_MAC
-
| Direction: |
Input |
| Type: |
String |
The 8-byte MAC of the current encrypted PIN block and the
card_p_data.
- PRW_key_identifier_length
-
| Direction: |
Input |
| Type: |
Integer |
Specifies the length in bytes of the PRW_key_identifier
parameter. If PRW_key_identifier contains a label, the length
must be 64. Otherwise, the value must at least the actual token length, up to 725.
- PRW_key_identifier
-
| Direction: |
Input |
| Type: |
String |
The identifier of the PRW verifying key. The key identifier is an operational token
or the key label of an operational token in key storage. The key algorithm of this key
must be AES, the key type must be PINPRW, the key usage fields must indicate VERIFY,
CMAC, and DKPINOP.
If the token supplied was encrypted under the old master key, the token is returned
encrypted under the current master key.
- IPIN_encryption_key_identifier_length
-
| Direction: |
Input |
| Type: |
Integer |
Specifies the length in bytes of the
IPIN_encryption_key_identifier parameter. If the
IPIN_encryption_key_identifier contains a label, the length
must be 64. Otherwise, the value must be at least the actual token length, up to 725.
- IPIN_encryption_key_identifier
-
| Direction: |
Input/Output |
| Type: |
String |
The identifier of the key to decrypt the PIN block containing the current PIN. The
key identifier is an operational token or the key label of an operational token in key
storage. The key algorithm of this key must be AES, the key type must be PINPROT, and
the key usage fields must indicate DECRYPT, CBC, and DKPINOP.
If the token supplied was encrypted under the old master key, the token is returned
encrypted under the current master key.
- IEPB_MAC_key_identifier_length
-
| Direction: |
Input |
| Type: |
Integer |
Specifies the length in bytes of the IEPB_MAC_key_identifier
parameter. If the IEPB_MAC_key_identifier contains a label, the
length must be 64. Otherwise, the value must be at least the actual token length, up to
725.
- IEPB_MAC_key_identifier
-
| Direction: |
Input/Output |
| Type: |
String |
The identifier of the key to verify MAC of the inbound encrypted PIN block. The key
identifier is an operational token or the key label of an operational token in key
storage. The key algorithm of this key must be AES, the key type must be MAC, and the
key usage fields must indicate CMAC. VERIFY, and DKPINOP.
If the token supplied was encrypted under the old master key, the token is returned
encrypted under the current master key.
- OPIN_encryption_key_identifier_length
-
| Direction: |
Input |
| Type: |
Integer |
Specifies the length in bytes of the
OPIN_encryption_key_identifier parameter. If the
OPIN_encryption_key_identifier contains a label, the length
must be 64. Otherwise, the value must be at least the actual token length, up to 725.
- OPIN_encryption_key_identifier
-
| Direction: |
Input/Output |
| Type: |
String |
The identifier of the key to encrypt the new PIN block. The key identifier is an
operational token or the key label of an operational token in key storage. The key
algorithm of this key must be AES, the key type must be PINPROT, and the key usage
fields must indicate ENCRYPT, CBC, and DKPINAD1.
If the token supplied was encrypted under the old master key, the token is returned
encrypted under the current master key.
- OEPB_MAC_key_identifier_length
-
| Direction: |
Input |
| Type: |
Integer |
Specifies the length in bytes of the OEPB_MAC_key_identifier
parameter. If the OEPB_MAC_key_identifier contains a label, the
length must be 64. Otherwise, the value must be at least the actual token length, up to
725.
- OEPB_MAC_key_identifier
-
| Direction: |
Input/Output |
| Type: |
String |
The identifier of the key to generate the MAC of the new encrypted PIN block. The key
identifier is an operational token or the key label of an operational token in key
storage. The key algorithm of this key must be AES, the key type must be MAC, and the
key usage fields must indicate CMAC, GENONLY, and DKPINAD1.
If the token supplied was encrypted under the old master key, the token is returned
encrypted under the current master key.
- new_encrypted_PIN_block_length
-
| Direction: |
Input/Output |
| Type: |
Integer |
Specifies the length in bytes of the new_encrypted_PIN_block
parameter. The value must be at least 32. On output, it is set to 32.
- new_encrypted_PIN_block
-
| Direction: |
Output |
| Type: |
String |
The 32-byte encrypted new PIN block.
- new_PIN_block_MAC_length
-
| Direction: |
Input/Output |
| Type: |
Integer |
Specifies the length in bytes of the new_PIN_block_MAC
parameter. The value must be at least 8.
- new_PIN_block_MAC
-
| Direction: |
Output |
| Type: |
String |
The 8-byte MAC of the new encrypted PIN block.