Table of Contents |
---|
Objectives, PKI901:
- All necessary settings loading after PKI loading : Certificates Ready; RKI-KEK Ready; Secure Key(s) (Optionally) Ready (i.e. After the process of PKI001 → PKI002 → PKI003 done)
- Non-PKI stuffs loading functions support - Example: TransArmor Certificates.
- EMV L2 Customized Settings support - Example: Encryption Mode(MSR/MSD; EMV) Enable
- Customized ViVOTech2 IDG Commands Frame Send/Recv Loader.
Objectives - 2nd, PKI901.White List Editor:
- To provide the editor of SMFG+SMSG white list (timestamp version) send frame.
User Guide - PKI901
Version | Date | Comments | Approved |
---|---|---|---|
| Add RS232 interface & troubleshooting support | ||
|
|
User Guide - PKI901, White List Editor Version
(Branch from PKI901 V1.01.007)
Version | Date | Comments | Approved |
---|---|---|---|
PKI901_WhiteListEditor_UserGuide.txt - Draft 01 |
| Initial Draft Version | |
Supported Platforms:
NEO 2.0
AR 3.0.0
Note 01 - What are PEM, CRT, CER, and DER ?
Ref Link : http://www.gtopia.org/blog/2010/02/der-vs-crt-vs-cer-vs-pem-certificates/
Supported Model List
- Function Matrix Information. 502 - Wiki : PKI901PKI
- Trans Armor definitions.
Product | Comment |
---|---|
VP5300 |
SPTP2-988-33-2C-0C (Production) PEM download : PEM_SPTP2-988-33-2C-0C.7z | |
IDT-CERT-P-2-T01 rev A | Cert;Prod;TransArmor;Root;2048 |
IDT-CERT-P-2-T02 rev A | Cert;Prod;TransArmor;CA;2048 |
|
|
SPTP2-988-33-2CD-0C (Demo) PEM Download : PEM_SPTP2-988-33-2CD-0C.7z | |
IDT-CERT-P-2-T01 rev A | Cert;Prod;TransArmor;Root;2048 |
IDT-CERT-T-2-T02 rev 50 | Cert;Test;TransArmor;CA;2048 |
|
Removed request. |
When to use PKI901 ?
Stage 01.Production Assembly →
Stage 02.Run TS for Production Test, PASSED →
Stage 03.PKI Process (PKI001~003 or more), Download default IDTech Certificates and default IDTech Keys →
Stage 04.Run (*01) PKI901 (Customized Configurations) Tool. → Done.
Note *01. Shanghai Team developed the Configuration Mode in Universal TS (UTS).
Note 02. Please reference Part Number List in the confluence page: 502 - Wiki : PKI901PKI
ToDo List
1.PID XML Config File Supports.
File Name: "NEO2_Devices.xml"
External / Reference Libraries
Item | Description |
---|---|
OpenSSL | OpenSSL tool ("openssl.exe") is used for PEM to DER openssl x509 -outform der -in CERTIFICATE.pem -out CERTIFICATE.der Note: if Visual C++ Redistributable Packages is required, please download it from Microsoft website. |
TA Certificate Check Command |
Download List 2 - PKI901 for white list version
Ver | Ref IDG Commands | Production Cert Name List TA Root CA Cert: TACA TA Interm CA Cert: TACAP1 Demo Cert Name List |
---|
Download List 2 - PKI901 for white list version
Ver | Date | Description | Approved | |
---|---|---|---|---|
V 1.01. | 007008 | |||
| 1.Fixed issues. 1.a white list one entry parsing issue in PAN/BIN or AID List. 1.b Unsigned data structure issue. 1.b.1 old: <Main><Sub><(*), 2 bytes><(*) 2 bytes><time stamp><(*)2 bytes, TLV data size><TLVs(white list)><(*) 2 bytes><RSA.SHA1-Dev Signed data, 256 bytes> 1.b.2 correct: <Main><Sub><time stamp><TLVs(white list)> 2.Functions Added 2.1 ViVOTech2 Send Frame in #09 ================== Running Steps
==(Part II - Make Binary File to be signed, A02)== 1.A PIN(PAN) WhiteList Tag Invalid : DFEE21 Correct : DFEF21
1.B AID WhiteList Tag Invalid : DFEE22 Correct : DFEF22 | |||
V1.01.007 | ||||
| 1.Fixed issues. 1.a white list one entry parsing issue in PAN/BIN or AID List. 1.b Unsigned data structure issue. 1.b.1 old: <Main><Sub><(*), 2 bytes><(*) 2 bytes><time stamp><(*)2 bytes, TLV data size><TLVs(white list)><(*) 2 bytes><RSA.SHA1-Dev Signed data, 256 bytes> 1.b.2 correct: <Main><Sub><time stamp><TLVs(white list)> 2.Functions Added 2.1 ViVOTech2 Send Frame in #09 ================== Running Steps | |||
| Tab Pan A01, V1.01.008Tab Pane A02PKI901_WhiteListEditor_UserGuide.txt UI Items:
@Kevin Vo white list examples |
Download List
UMFG/SMFG RKI IDG Command Spec which contains white list relatives. RE Discuss Whitelist - UMFG.SMFG.RKI -IDG Cmd.msg |
Download List
Ver | Date | Description | Approved by PN List / Version | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
V 1.01.007 | TE-823
Jira Legacy | | |||||||||||||
server | ID TECH - JIRA | ||||||||||||||
columnIds | issuekey,summary,issuetype,created,updated,duedate,assignee,reporter,priority,status,resolution | ||||||||||||||
columns | key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution | ||||||||||||||
serverId | 5c72af4b-e2b8-3562-b028-6bcef8f5fab0 | key | TE-593
|
Jira Legacy | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|
|
- 1.New P/N
IDVV-580801PD-KT - VP6300 : TA Cert Root+Interm, Encryption Mode ON Set/Check
IDVV-581821PD-KT - VP6300 : TA Cert Root+Interm
IDVV-580801 : TA Cert Root+Interm
IDVV-580801-C1 : TA Cert Root+Interm
IDVV-580821 : TA Cert Root+Interm
- 2.Updated P/N :
+TransArmor Injection
IDVV-580801P : TA Cert Root+Interm
IDVV-580801CP : TA Cert Root+Interm
IDVV-580801PD : TA Cert Root+Interm(Demo)
[+] SPTP2-988-33-2C-EC : TA Cert Root+Interm
[+] SPTP2-988-33-2CD-EC: TA Cert Root+Interm (Interm = Demo Version)
1.P/N List Updated
[+] 80152001-003 - VP5300 : TA Cert Root+Interm
[+] 80152001-005 - VP5300 : TA Cert Root+Interm
------------------
[+] 80152001-004 - VP5300 : TA Cert Root+Interm (Demo:Mid)
[+] 80152001-006 - VP5300 : TA Cert Root+Interm (Demo:Mid)
- V 1.01.007-C05, 2019 May 14. goofy.liu
1.Adding Tx/Rx Retrying to prevent from broken send frame.
Using thread-safe mechanism.
- 1.P/N List
[M] IDVV-580801-TL, Script File Check
before all kind of EMV L2 commands being executed...
(a)Adding 04-0A Reset to Default and System Upexecution.
(b)Adding Waiting Timer for the DUT system up
(c)Adding Connection / Disconnection command b
- 1.P/N List
[M] IDVV-580801-TL, Script File Check
mode scope : [QC]+ [QC-US]
Adding DFEE38(08) + 5F2A(0949) checks in System Groups...
group scope: 00, 80, 90, A0, B0, C0, D0,
- 1.P/N List Updated
[M] IDVV-580801-TL
Removed MSR/MSD/EMV Security Flag Check in the script file.
- 1.P/N List Updated
[+] IDVV-580801-TL,
Global TLVs Set & Checks, Turkish
A. Set Turkish Language: Change tag DFEE38 to “08”
B. Set Turkish Currency: Change tag 5F2A for all groups and AIDs to “0949”.
V 1.01.006
goofy.liuV 1.01.006-C01, 2019 Aug 14. goofy.liu
1.P/N Updated, [X] = Removed
[X]IDEM-841RPD - : TA Cert Interm, TA Cert DEK. [X]TA Cert Root-N/A
[X]IDEM-851RPD - : TA Cert Interm, TA Cert DEK. [X]TA Cert Root-N/A
[X]IDEM-241RP - Augusta
[X]IDEM-241RPD - Augusta
[X]IDEM-251RP - Augusta
[X]IDEM-251RPD - Augusta
[X]IDEM-841RP - Augusta S
[X]IDEM-841RPD - Augusta S
[X]IDEM-851RP - Augusta S
[X]IDEM-851RPD - Augusta S
2.Updated UI Display
a. PASS, S/N
FAIL, S/N
V 1.01.005
- 1.P/N Updated
[+] IDVV-580909CP, TransArmor-RI, Non-SRED, Encryption Mode ON(EMV+MSD/MSR)
A.Product: VP6300
[FWInfo] = VP6300 FW v1.00.048.0319 Test
USB Boot Loader Version : 31 2E 31 32, 1.12
[+]IDVV-580801PD, IDVV-580909CP, and IDVV-580909CP-US.
C7-36, C7-37 for Encryption Mode Set/Check
V1.01.004
- IDVV-581801P - VP6300 : TA Cert Root, TA Cert Interm
- IDVV-581821P - VP6300 : TA Cert Root, TA Cert Interm
- IDVV-581821PD - VP6300 : TA Cert Root, TA Cert Interm
- SPTP2-988-33-2C-0C - VP5300 : TA Cert Root, TA Cert Interm
- SPTP2-988-33-2C-0C-J1 - VP5300 : TA Cert Root, TA Cert Interm
- SPTP2-988-33-2CD-0C - VP5300 : TA Cert Root, TA Cert Interm
- IDEM-841RPD - : TA Cert Interm, TA Cert DEK. [X]TA Cert Root-N/A
- IDEM-851RPD - : TA Cert Interm, TA Cert DEK. [X]TA Cert Root-N/A
- IDEM-241RP - Augusta
- IDEM-241RPD - Augusta
- IDEM-251RP - Augusta
- IDEM-251RPD - Augusta
- IDEM-841RP - Augusta S
- IDEM-841RPD - Augusta S
- IDEM-851RP - Augusta S
- IDEM-851RPD - Augusta S
V 1.01.004-C01, 2019 June 12. goofy.liu, FW:
- 1.Updated P/N List.
(+)SPTP2-988-33-2C-0C-J1, for VP5300.
TransArmor CA Root + Interm Download.
To be noted that ..
this P/N’s TA Certificates = SPTP2-988-33-2C-0C’s.
V1.01.003
V1.01.002
1.Add sleep time to slow send data speed
2.Fix load certificate multiple times issue
3.Skip empty folder
4.Fix check error when load multiple certificate files
CRC32:0c0fd8b1
V1.01.001
1.NGA format support
2.Add Augusta/Augusta S TransArmor certificate files
CRC32:c2be7a8a
V 1.00.009
- IDEM-241RP : TA Cert Interm, TA Cert DEK. No TA Cert Root
- IDEM-241RPD : TA Cert Interm, TA Cert DEK. No TA Cert Root
- IDEM-251RP : TA Cert Interm, TA Cert DEK. No TA Cert Root
- IDEM-251RPD : TA Cert Interm, TA Cert DEK. No TA Cert Root
- IDEM-841RPD : TA Cert Interm, TA Cert DEK. No TA Cert Root
- IDEM-851RPD : TA Cert Interm, TA Cert DEK. No TA Cert Root
- IDVV-581801P - VP6300 : TA Cert Root, TA Cert Interm
- IDVV-581821P - VP6300 : TA Cert Root, TA Cert Interm
- IDVV-581821PD - VP6300 : TA Cert Root, TA Cert Interm
- SPTP2-988-33-2CD-0C - VP5300: TA Cert Root, TA Cert Interm
- SPTP2-988-33-2C-0C - VP5300 : TA Cert Root, TA Cert Interm
- 1.Updated P/N List for Augusta (S).
(+) IDEM-241RP - : TA Cert Interm, TA Cert DEK. [X]TA Cert Root-N/A
(+) IDEM-241RPD - : TA Cert Interm, TA Cert DEK. [X]TA Cert Root-N/A
(+) IDEM-251RP - : TA Cert Interm, TA Cert DEK. [X]TA Cert Root-N/A
(+) IDEM-251RPD - : TA Cert Interm, TA Cert DEK. [X]TA Cert Root-N/A
- 2.USB VID:PID List Updated
---[USB KB PID]---
(+) 3810 = Augusta
(+) 3910 = Augusta S
---[USB HID PID]---
(+) 3820 = Augusta
(+) 3830 = Augusta CPR TTK
(+) 3920 = Augusta S
- 1.Updated P/N List
(-) IDVV-581801P-US
(+) IDEM-841RPD - : TA Cert Interm, TA Cert DEK. [X]TA Cert Root-N/A
(+) IDEM-851RPD - : TA Cert Interm, TA Cert DEK. [X]TA Cert Root-N/A
- 2.Updated USB HID/KB PID
2.A HID Type
August - 0x3820
August S - 0x3920
August S CPR(TTK) - 0x3830
2.B KB Type
August - 0x3810
August S - 0x3910
V 1.00.008
- IDVV-581801P - VP6300 : TA Root Cert, TA Interm Cert
- IDVV-581801P-US, USAT-S : TA Root Cert, TA Interm Cert
- IDVV-581821P - VP6300 : TA Root Cert, TA Interm Cert
- IDVV-581821PD - VP6300 : TA Root Cert, TA Interm Cert
- SPTP2-988-33-2CD-0C - VP5300: TA Root Cert, TA Interm Cert
- SPTP2-988-33-2C-0C - VP5300 : TA Root Cert, TA Interm Cert
Mindy Yang
RE VP6300 USAT-SPKI901 V1.00.008-C02 Released.msg
- SHA-512:
C419D29410E95B27C84BFBF765094875605993B4BF484A0687A471089CE3861C9957CD554D39456CC9D34E9C7D7A3FF9ED68AA4FD1310121C1A725B87B012AC3
- 1.Updated P/N List
(+) IDVV-581801P - VP6300 : TA Root Cert, TA Interm Cert
(M) IDVV-580801-US - VP6300 USAT : App Data Tx/Rx List Updated.
- 2.PID Updated
(+) =4442, USAT
Mindy Yang
RE PKI901VP6300USAT V1.00.008-C01 Released Resent V02.msg
- SHA-512:
5B2D18257A68799759A424AACF4AF3E5CEA26C1D00FA12B04A6C725EC169E646D46559A156C83D4D595EBF7D27CF97F90DB4D6604FD7EC7D2D125D7AC1C22BD0
V 1.00.007
- IDVV-580801-US - VP6300 USAT: Contact L2 Configuration (AppData,Terminal,and CAKeys)
- IDVV-581821P - VP6300 : TA Root Cert, TA Interm Cert
- IDVV-581821PD - VP6300 : TA Root Cert, TA Interm Cert
- SPTP2-988-33-2CD-0C - VP5300: TA Root Cert, TA Interm Cert
- SPTP2-988-33-2C-0C - VP5300 : TA Root Cert, TA Interm Cert
- 1.Updated P/N List
- IDMR-PBT71 - VP3310 BLE : PCD Antenna Parameters
- IDMR-PBT71D - VP3310 BLE : PCD Antenna Parameters
- 1.Updated P/N List
- IDMR-PBT71 - VP3310 BLE : PCD Antenna Parameters
- IDMR-PBT71D - VP3310 BLE : PCD Antenna Parameters
M IDVV-580801-US - VP6300 USAT: Contact L2 Configuration (Terminal Data)
- Note01:
- = removed item
M = Modified item
- Note02:
Updated CT_TerminalData.txt : TerminalData _4C_v02.txt
- 1.Updated P/N List
+ IDVV-580801-US - VP6300 USAT: Contact L2 Configuration (AppData,Terminal,and CAKeys)
+ IDMR-PBT71 - VP3310 BLE : PCD Antenna Parameters
+ IDMR-PBT71D - VP3310 BLE : PCD Antenna Parameters
- Note01 : IDVV-580801-US CT Config Files (AppData,TerminalData,and CAKeys)
https://idtechproducts.atlassian.idtechproducts.comnet/confluencewiki/download/attachments/4063417359021677/IDVV-580801-US_CFG_CT_L2.zip?version=1&modificationDate=1545192731089&api=v2
- Note02 : PCD Antenna EMV L1 Parameters tool, for PN5180 and AS3911.
https://idtechproducts.atlassian.idtechproducts.comnet/confluencewiki/download/attachments/5659350359031281/LabSDK_EMVL1_V1.00.019.zip?version=1&modificationDate=1544510982989&api=v2
V 1.00.006
- 1.Fixed USB-HID Connection Problem.
- 2.Fixed Certificates Error Info Messages.
V 1.00.005
- 1.Read Trans Armor Certificates after Cert Injection.
- 2.Display the 1st UUT injected TA Certs.
The 2nd and later UUT TA Cert Information is
automatically verified depending on 1st UUT's.
- 3.Default Communication Interface = RS232.
- 4.Add Retrying Tx/Rx to preventing from Failed Injection.
V 1.00.004
- V 1.00.004-C02, 2018 Aug 23
1.Fixed RS232->USB-HID toggling problem.
2.Fixed RS232 no closed after running done.
- 1.Add RS232 Support.
How to toggle interface between USB-HID and RS232 ?
Press mouse right key on the [RUN - XXX] Button before running..
V 1.00.003
1.Remove TA Data Cert.
[-] PEM\SPTP2-988-33-2CD-0C\IDT-CERT-T-2-T03.PEM
Removed Request e-mail
V 1.00.002
1.Add Part Number Support, for VP5300
2.Rename exe file to PKI901_TA_CertTool.exe
3.Add Tool Instruction Document (i.e. User Guide)
801XXXXX-TI-Rev 53_VP5300_TA_CertTool.docx
V1.00.001
1.Initial Version
2.USB-HID Interface ONLY
Operation Steps:
Click [Select Files] →
select file (PEM; txt;), multiple selection support →
Click [Run] -->
PASS / FAIL
White List Download Tool
Version | Comment | Approved by |
---|---|---|
V 1.00.010 | ||
old: RS232 new: USB-HID To cycle these interfaces by performing right-clicking mouse @ Run button.
| ||
goofy.liu Will.Feng (Deactivated)
(+)2018_ICSWhiteList - old style white list (+)2019_ICSWhiteList - new style white list Kevin Vo White List Load Request RE Update TA_Loader_V1.00.001-C01.msg Update TA_Loader_V1.00.001-C01.msg Comment: The new commands are 9309 and 9119. The length is included in the text file. You have to add the IDG header and CRC at the end. The new software should be compatible with the old and new files. You can compare the first two bytes to determine if old or new format file. If 0C00, then old format, else new format. Something like that. The IDG Command to retrieve white list information. 2C-53, to retrieve white list information. |