Appendix d. command examples – MagTek Bluetooth MagneSafe V5 Swipe Reader User Manual
Page 75
67
APPENDIX D. COMMAND EXAMPLES
This Appendix gives examples of command sequences and cryptographic operations. The intent is to clarify
any ambiguities the user might find in the body of the document. Each example shows a sequence as it actually
runs, thus the user can check algorithms against the examples to assure they are computing correctly.
Example 1: Changing from Security Level 3 to Security Level 4:
; This script demonstrates changing from Security Level 3 to Security Level 4.
; It assumes the reader is at Security Level 3 with the ANSI X9.24 Example
; key loaded and the KSN counter set to 2.
09 00 ; Get current KSN (should be FFFF9876543210E00002)
Request : CMND=09, LEN=00, DATA=
Response : RC= 00, LEN=0A, DATA=FF FF 98 76 54 32 10 E0 00 02
; For KSN 2, MAC Key: C46551CEF9FDDBB0 AA9AD834130DC4C7
;
; The command to change Security Level looks like: 15 05 04 nnnnnnnn
; where nnnnnnnn is the MAC.
;
; The data to be MACd is: 15 05 04
; Data to be MACd must be in blocks of eight bytes, so we left justify and
; zero fill the block to get: 15 05 04 00 00 00 00 00 (This is the block to MAC)
; For convenience show it as the compacted form: 1505040000000000
;
; The MAC algorithm run with this data uses the following cryptographic
; operations:
;
; Single DES Encrypt the data to be MACd with the left half of the MAC Key:
; 1505040000000000 1DES Enc with C46551CEF9FDDBB0 = 735323A914B9482E
;
; Single DES Decrypt the result with the right half of the MAC Key:
; 735323A914B9482E 1DES Dec with AA9AD834130DC4C7 = 390E2E2AC8CB4EE6
;
; Single DES Encrypt the result with the left half of the MAC Key:
; 390E2E2AC8CB4EE6 1DES Enc with C46551CEF9FDDBB0 = D9B7F3D8064C4B26
;
; The leftmost four bytes of the final result are the MAC = D9B7F3D8
;
; Send the MACd Set Security Level command
15 05 04 D9B7F3D8
Request : CMND=15, LEN=05, DATA=04 D9 B7 F3 D8
Response : RC= 00, LEN=00, DATA=
02 00 ; Reset so changes take effect
Request : CMND=02, LEN=00, DATA=
Response : RC= 00, LEN=00, DATA=
Delay : (waited 5 seconds)
09 00 ; Get current KSN (should be FFFF9876543210E00003)
Request : CMND=09, LEN=00, DATA=
Response : RC= 00, LEN=0A, DATA=FF FF 98 76 54 32 10 E0 00 03
15 00 ; Get current Security Level (Should be 04)
Request : CMND=15, LEN=00, DATA=
Response : RC= 00, LEN=01, DATA=04