Function Name Function Code Page
Terminal Master Key Generation
Key Mailer EE0E01 62
Initial Session Key Generation
IT_KEY_GEN EE0400 66
Rollover Session Key Generation
NT_KEY_GEN EE0401 69
Docutel Key Generation
D51-PPK-GEN 47 71
3624 Comms Key Generation
M-DPK-GEN 49 72
Terminal Verification
TERM_VER_2 EE0406 73
DUKPT BDK Generation
BDKGEN EE0408 74
Mark II Programmers Guide Chapter 8
Card Issuance (SHP Toolkit EMV) D
Request Content Length Attribute Description
EE0E01 3 h Function Code
Key Type 1 h Indicates the KM-variant with which the key K is encrypted
KVC Type 1 h 00: Standard Response Content Length Attribute Description
EE0E01 3 h Function Code rc 1 h Return Code
eKMvX(key) Var Key-Spec Encrypted key (Formats: 10, 11, 12, 13, 14)
KVC Var h KVC for the host stored key.
This function generates a random key for an EFT terminal. The available key types are; DPK, PPK, MPK, KIS, KIR, KTM, KPVV, KCVV. The key is supplied in the response, encrypted by a variant of the Domain Master Key (KM), for host storage and subsequent use with other functions (e.g.
Generate session keys). The key is also printed in split form on two envelopes (A and B) for subsequent entry into the terminal.
Notes:
The key-types 10, 13 under the Response Content, are generated when using the Legacy option.
The key-types 10, 11, 12, 13, 14 under the Response Content, are generated based on the chosen operation on console and FM. See, section Function Modifier Values.
The function is controlled by an associated set of console operations that determine various options, including the key type and whether the generated key is single or double length.
FM Function Modifier = x0, x1,x2,x3,
x0 nB in position shown, no additional fields x1 nB moves below nA, no additional fields x2 nB in position shown, additional fields present x3 nB moves below nA, additional fields present
The Host Key Protection using Function Modifier can be in the range of x0, where x= 0, 1, or 2.
Mark II Programmers Guide Chapter 8 EFT Terminal Functions
nA Number of text fields to print on the ‘A’ envelope (max.10).
Line No. This is the number of the line on which the ‘Data’ is to be printed.
It must be in the range of 1 to 40.
Column No. This is the number of the column from which the ‘Data’ is to be printed. It must be in the range of 1 to 120.
Data This is a variable length field that contains the data to be printed.
nB Number of text fields to print on the ‘B’ envelope (max.10).
Key Type This field specifies the type of key that is to be printed and confirms the key type as input at the console. It indicates the KM-variant with which the key is encrypted, as follows:
00: DPK 03: KIS 08: KPVV
01: PPK 04: KIR 09: KCVV 02: MPK 05: KTM
In order to use the value input at the console, with no confirmation, this field must be set to X’FF’.
If key type specified in this field conflicts with that entered at the console, the function will fail with rc = X’28’
This field is only present with FM value 02 and 03.
KVC Type Specifies the method used to calculate the KVC. Initially only a value of zero is supported, indicating the use of the standard method. This field is only present with FM value 02 and 03.
eKMvX(key) “key” may be any of DPK, PPK, MPK, KIS, KIR, KTM, KPVV, KCVV
The particular variant used “X” is dependant upon the key type.
See the section Variants in Chapter 2 Function Construction for details.
Generated key formats are 10, 11, 12, 13, and 14.
ESMID Part of the SHP Toolkit MK2 function call. The ESMID is a pointer to a NULL terminated string that identifies the name of the SafeNet HSM (ESM) to which functions are directed. The SafeNet HSM name is set using the wincommsconfig utility provided as part of the SHP Toolkit product suite.
rc Returns value 28 if the Key Type field conflicts with the key type entered at the console
KVC Key Verification Code of the printed key calculated using the method specified in request field KVC Type. This field is only present with FM value 02 and 03.
Note that each optional item to be printed is defined by appending a set of the fields ‘Line no.’,
‘Column no.’, and ‘Data’ to the host request. Each ‘Data’ character must be printed within the area defined by the size of the key mailer envelope. Also, each ‘Data’ character must not overprint any other defined area (including other defined ‘Data’ areas).
Return code Error condition
02 Illegal Function Code (that is, the Key Mailer facility was not enabled when the
Mark II Programmers Guide Chapter 8 EFT Terminal Functions
0B Printer is not operable.
NOTE
The console operator must exit the key print parameters display in order for the function to execute correctly. An error code of 0B may otherwise be returned.
SHP Toolkit MK2
SHP Toolkit MK2 supports the function when used with FM = 01 03 . int EFT_EE0E01_KeyMailer(
Mark II Programmers Guide Chapter 8 EFT Terminal Functions
_IN UCHAR *LineNo1b,
_IN UCHAR *ColumnNo1b,
_IN EFTBUFFER *Data1b,
_IN UCHAR *LineNo2b,
_IN UCHAR *ColumnNo2b,
_IN EFTBUFFER *Data2b,
_IN UCHAR *LineNo3b,
_IN UCHAR *ColumnNo3b,
_IN EFTBUFFER *Data3b,
_IN UCHAR *LineNo4b,
_IN UCHAR *ColumnNo4b,
_IN EFTBUFFER *Data4b,
_IN UCHAR *LineNo5b,
_IN UCHAR *ColumnNo5b,
_IN EFTBUFFER *Data5b,
_IN UCHAR *LineNo6b,
_IN UCHAR *ColumnNo6b,
_IN EFTBUFFER *Data6b,
_IN UCHAR *LineNo7b,
_IN UCHAR *ColumnNo7b,
_IN EFTBUFFER *Data7b,
_IN UCHAR *LineNo8b,
_IN UCHAR *ColumnNo8b,
_IN EFTBUFFER *Data8b,
_IN UCHAR *LineNo9b,
_IN UCHAR *ColumnNo9b,
_IN EFTBUFFER *Data9b,
_IN UCHAR *LineNo10b,
_IN UCHAR *ColumnNo10b,
_IN EFTBUFFER *Data10b,
_IN UCHAR *KeyType,
_IN UCHAR *KvcType,
OUT KEYSPEC *eKMvX_KEY,
_OUT EFTBUFFER *KVC_Key );
Mark II Programmers Guide Chapter 8 EFT Terminal Functions