PUT XAUTH KEY

Command Description

The PUT XAUTH KEY command is used to initialize or update the TDES or AES XAUTH keys.

Instance: ACA

Access Condition: PIN or XAUTH1, see VERIFY PIN for PIN authentication and EXTERNAL AUTHENTICATION XAUTH key 1 for XAUTH authentication

Command Message

The following table lists the coding for the PUT XAUTH KEY command message.

CLA

00h

INS

D8h

P1

Key index:

01h: XAUTH key 1

P2

00h

Lc
  • 1Dh to set a TDES key,

  • 15h to set an AES key,

  • 04h to remove the key

Data Field

Key data, see Coding of the Data Field for PUT XAUTH KEY

Le

Empty

Coding of the Data Field for PUT XAUTH KEY

Length Value Description

01h

00h

RFU

01h
  • 03h (TDES ECB)

  • 08h (128-AES ECB)

Algorithm Identifier

01h

  • 0 bytes to remove the corresponding key, in this case the following bytes are absent

  • 19h to put a new TDES key value

  • 11h to put a new AES key value

Length of Key Data Value Field

 

01h
  • 18h for TDES key

  • 10h for AES key

Length of the real Key Data Value

10h or 18h

Key value

Key value

01h

00h

Length of Key check value

Response Message

Data Field Returned in the Response Message

The response message is always empty.

Processing State Returned in the Response Message

The following table lists the processing state returned in the response message.

Status Meaning

6982h

Access condition not satisfied: the PIN or the XAUTH1 key has not been authenticated

9000h

Successful Execution