Host cmd A6 might rtn 10 "ZMK parity error"

Feb 12, 2011 at 2:47 PM

Hi,

I found a problem with the simulator.
I hope you have an oppertuity to look look at it.

Using host command A6 to import keys in some cases code 10 "ZMK parity error" is returned

lab_ZMK:
For testing purposes I have used a lab_ZMK where the components had parity errors. See below.
lab_Key:
I used a common lab_key to import for different purposes as ZPK, PVK, CVK and others. See below.


Key import as ZPK and PVK works OK on Thales 8000 and on ThalesSim.
ZPK single length (left half) works OK
IZPK20HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH001HHHHHHA6001U26DA187ADCF2AFFE30F18176AF8411CCF19AD0FC127170E7ZTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT'
IZPK20HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH001HHHHHHA700A3D6EBD6048C98C1E6C86CTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT'

ZPK double length works OK
IZPK20HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH001HHHHHHA6001U26DA187ADCF2AFFE30F18176AF8411CCXF19AD0FC127170E75E89730C9A4F7051UTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT'
IZPK20HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH001HHHHHHA700UBC2E0CEFDED25D57EC358B97DCE05899FE7A33TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT'


Key import as CVK and MDK:s (ac, mac, enc, dac).
Works OK on Thales 8000 but return 10 on ThalesSim.
CVK single length (left half) fail with code 10.
ICVK20HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH001HHHHHHA6402U26DA187ADCF2AFFE30F18176AF8411CCF19AD0FC127170E7ZTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT'
ICVK20HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH001HHHHHHA710TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT'

CVK double length fail with code 10
ICVK20HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH001HHHHHHA6402U26DA187ADCF2AFFE30F18176AF8411CCXF19AD0FC127170E75E89730C9A4F7051UTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT'
ICVK20HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH001HHHHHHA710TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT'

Keys used:

lab_ZMK       KCV
Comp1    0123456789ABCDEF123456789ABCDEF0 AE40DE Parity error
comp2    123456789ABCDEF023456789ABCDEF01 295B8F Parity error
xor:
lab_ZMK(clear)  1317131F1317131F317131F1317131F1 489F62 Parity error
lab_ZMK(tstLMK)U26DA187ADCF2AFFE30F18176AF8411CC 489F62 
(I think the import of ZMK was made on HSM800 but I am not completly sure.)

lab_KEY  
Comp1    23456789ABCDEF013456789ABCDEF012 2864F9
Comp2    456789ABCDEF0123456789ABCDEF0123 349C12
xor:
lab_KEY(clear)  6622EE226622EE227131F1317131F131 FE7A33 PARITY ERROR
lab_KEY(clear)  6723EF236723EF237031F1317031F131 FE7A33 PARITY CORRECTED

lab_KEY(labZMK) F19AD0FC127170E75E89730C9A4F7051 FE7A33 PARITY ERROR
  78793769D40295F0DBF36996203E51EE FE7A33 PARITY CORRECTED


Thanks

Coordinator
Feb 13, 2011 at 12:10 AM

That's all a bit complicated. Can you post the exact A6 command send to the simulator along with the response and traces?

Feb 13, 2011 at 12:21 PM

Hi,

Thanks for your quick response.
Below is the result from import of CVK (Single- and double length):

//Thanks

-- My data sent to the Simulator
Single length lab_key:
ICVK20HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH001HHHHHHA6402U26DA187ADCF2AFFE30F18176AF8411CCF19AD0FC127170E7ZTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT'
Double length lab_key:
ICVK20HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH001HHHHHHA6402U26DA187ADCF2AFFE30F18176AF8411CCXF19AD0FC127170E75E89730C9A4F7051UTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT


== Application Events box: ==

No LMK storage file specified, creating new keys
Searching for host command implementors...
Searching for console command implementors...
Starting up the TCP listening thread...
Starting up the Console TCP listening thread...
Startup complete
Client from 127.0.0.1:4553 is connected
Client: 127.0.0.1:4553
Request: ICVK20HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH001HHHHHHA6402U26DA187ADCF2AFFE30F18176AF8411CCF19AD0FC127170E7ZTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT
Parsing header and code of message ICVK20HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH001HHHHHHA6402U26DA187ADCF2AFFE30F18176AF8411CCF19AD0FC127170E7ZTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT...
Searching for implementor of A6...
Found implementor ThalesSim.Core.HostCommands.BuildIn.ImportKey_A6, instantiating...
Calling AcceptMessage()...
Calling ConstructResponse()...
Calling ConstructResponseAfterOperationComplete()...
Attaching header/response code to response...
Sending: ICVK20HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH001HHHHHHA710TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT
Calling Terminate()...
Implementor to Nothing
Client: 127.0.0.1:4553
Request: ICVK20HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH001HHHHHHA6402U26DA187ADCF2AFFE30F18176AF8411CCF19AD0FC127170E7ZTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT
Parsing header and code of message ICVK20HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH001HHHHHHA6402U26DA187ADCF2AFFE30F18176AF8411CCF19AD0FC127170E7ZTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT...
Searching for implementor of A6...
Found implementor ThalesSim.Core.HostCommands.BuildIn.ImportKey_A6, instantiating...
Calling AcceptMessage()...
Calling ConstructResponse()...
Calling ConstructResponseAfterOperationComplete()...
Attaching header/response code to response...
Sending: ICVK20HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH001HHHHHHA710TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT
Calling Terminate()...
Implementor to Nothing

== Command events box:
=== [A6], starts 13:04:33.296 =======
[Key,Value]=[Key,F19AD0FC127170E7]
[Key,Value]=[Key Scheme LMK,Z]
[Key,Value]=[Key Type,402]
[Key,Value]=[ZMK,26DA187ADCF2AFFE30F18176AF8411CC]
[Key,Value]=[ZMK Scheme,U]

=== [A6],   ends 13:04:33.437 =======

=== [A6], starts 13:05:07.750 =======
[Key,Value]=[Key,F19AD0FC127170E7]
[Key,Value]=[Key Scheme LMK,Z]
[Key,Value]=[Key Type,402]
[Key,Value]=[ZMK,26DA187ADCF2AFFE30F18176AF8411CC]
[Key,Value]=[ZMK Scheme,U]

=== [A6],   ends 13:05:07.765 =======


== Data received box: ==

127.0.0.1:4553
49 43 56 4B 32 30 48 48 | ICVK20HH
48 48 48 48 48 48 48 48 | HHHHHHHH
48 48 48 48 48 48 48 48 | HHHHHHHH
48 48 48 48 48 48 48 48 | HHHHHHHH
48 48 48 48 48 48 48 48 | HHHHHHHH
48 30 30 31 48 48 48 48 | H001HHHH
48 48 41 36 34 30 32 55 | HHA6402U
32 36 44 41 31 38 37 41 | 26DA187A
44 43 46 32 41 46 46 45 | DCF2AFFE
33 30 46 31 38 31 37 36 | 30F18176
41 46 38 34 31 31 43 43 | AF8411CC
46 31 39 41 44 30 46 43 | F19AD0FC
31 32 37 31 37 30 45 37 | 127170E7
5A 19 54 54 54 54 54 54 | ZTTTTTT
54 54 54 54 54 54 54 54 | TTTTTTTT
54 54 54 54 54 54 54 54 | TTTTTTTT
54 54 54 54 54 54 54 54 | TTTTTTTT
54 54                   | TT

127.0.0.1:4553
49 43 56 4B 32 30 48 48 | ICVK20HH
48 48 48 48 48 48 48 48 | HHHHHHHH
48 48 48 48 48 48 48 48 | HHHHHHHH
48 48 48 48 48 48 48 48 | HHHHHHHH
48 48 48 48 48 48 48 48 | HHHHHHHH
48 30 30 31 48 48 48 48 | H001HHHH
48 48 41 36 34 30 32 55 | HHA6402U
32 36 44 41 31 38 37 41 | 26DA187A
44 43 46 32 41 46 46 45 | DCF2AFFE
33 30 46 31 38 31 37 36 | 30F18176
41 46 38 34 31 31 43 43 | AF8411CC
46 31 39 41 44 30 46 43 | F19AD0FC
31 32 37 31 37 30 45 37 | 127170E7
5A 19 54 54 54 54 54 54 | ZTTTTTT
54 54 54 54 54 54 54 54 | TTTTTTTT
54 54 54 54 54 54 54 54 | TTTTTTTT
54 54 54 54 54 54 54 54 | TTTTTTTT
54 54                   | TT


== Data sent box: ==

127.0.0.1:4553
49 43 56 4B 32 30 48 48 | ICVK20HH
48 48 48 48 48 48 48 48 | HHHHHHHH
48 48 48 48 48 48 48 48 | HHHHHHHH
48 48 48 48 48 48 48 48 | HHHHHHHH
48 48 48 48 48 48 48 48 | HHHHHHHH
48 30 30 31 48 48 48 48 | H001HHHH
48 48 41 37 31 30 19 54 | HHA710T
54 54 54 54 54 54 54 54 | TTTTTTTT
54 54 54 54 54 54 54 54 | TTTTTTTT
54 54 54 54 54 54 54 54 | TTTTTTTT
54 54 54 54 54 54 54    | TTTTTTT

127.0.0.1:4553
49 43 56 4B 32 30 48 48 | ICVK20HH
48 48 48 48 48 48 48 48 | HHHHHHHH
48 48 48 48 48 48 48 48 | HHHHHHHH
48 48 48 48 48 48 48 48 | HHHHHHHH
48 48 48 48 48 48 48 48 | HHHHHHHH
48 30 30 31 48 48 48 48 | H001HHHH
48 48 41 37 31 30 19 54 | HHA710T
54 54 54 54 54 54 54 54 | TTTTTTTT
54 54 54 54 54 54 54 54 | TTTTTTTT
54 54 54 54 54 54 54 54 | TTTTTTTT
54 54 54 54 54 54 54    | TTTTTTT

 

Feb 13, 2011 at 1:12 PM

Hi again,

The second request should have been adouble length reuest but
was actually was a singel length.
Below is the double length:

//Sorry

== My double length reguest to the simulator: ==
ICVK20HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH001HHHHHHA6402U26DA187ADCF2AFFE30F18176AF8411CCXF19AD0FC127170E75E89730C9A4F7051UTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT


== Application Events box: ==

Request: ICVK20HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH001HHHHHHA6402U26DA187ADCF2AFFE30F18176AF8411CCXF19AD0FC127170E75E89730C9A4F7051UTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT
Parsing header and code of message ICVK20HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH001HHHHHHA6402U26DA187ADCF2AFFE30F18176AF8411CCXF19AD0FC127170E75E89730C9A4F7051UTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT...
Searching for implementor of A6...
Found implementor ThalesSim.Core.HostCommands.BuildIn.ImportKey_A6, instantiating...
Calling AcceptMessage()...
Calling ConstructResponse()...
Calling ConstructResponseAfterOperationComplete()...
Attaching header/response code to response...
Sending: ICVK20HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH001HHHHHHA710TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT
Calling Terminate()...
Implementor to Nothing


== Command events box: ==

=== [A6], starts 14:07:30.359 =======
[Key,Value]=[Key,F19AD0FC127170E75E89730C9A4F7051]
[Key,Value]=[Key Scheme,X]
[Key,Value]=[Key Scheme LMK,U]
[Key,Value]=[Key Type,402]
[Key,Value]=[ZMK,26DA187ADCF2AFFE30F18176AF8411CC]
[Key,Value]=[ZMK Scheme,U]

=== [A6],   ends 14:07:30.375 =======


== Data receive box: ==

127.0.0.1:4553
49 43 56 4B 32 30 48 48 | ICVK20HH
48 48 48 48 48 48 48 48 | HHHHHHHH
48 48 48 48 48 48 48 48 | HHHHHHHH
48 48 48 48 48 48 48 48 | HHHHHHHH
48 48 48 48 48 48 48 48 | HHHHHHHH
48 30 30 31 48 48 48 48 | H001HHHH
48 48 41 36 34 30 32 55 | HHA6402U
32 36 44 41 31 38 37 41 | 26DA187A
44 43 46 32 41 46 46 45 | DCF2AFFE
33 30 46 31 38 31 37 36 | 30F18176
41 46 38 34 31 31 43 43 | AF8411CC
58 46 31 39 41 44 30 46 | XF19AD0F
43 31 32 37 31 37 30 45 | C127170E
37 35 45 38 39 37 33 30 | 75E89730
43 39 41 34 46 37 30 35 | C9A4F705
31 55 19 54 54 54 54 54 | 1UTTTTT
54 54 54 54 54 54 54 54 | TTTTTTTT
54 54 54 54 54 54 54 54 | TTTTTTTT
54 54 54 54 54 54 54 54 | TTTTTTTT
54 54 54                | TTT


== Data sent box: ==

127.0.0.1:4553
49 43 56 4B 32 30 48 48 | ICVK20HH
48 48 48 48 48 48 48 48 | HHHHHHHH
48 48 48 48 48 48 48 48 | HHHHHHHH
48 48 48 48 48 48 48 48 | HHHHHHHH
48 48 48 48 48 48 48 48 | HHHHHHHH
48 30 30 31 48 48 48 48 | H001HHHH
48 48 41 37 31 30 19 54 | HHA710T
54 54 54 54 54 54 54 54 | TTTTTTTT
54 54 54 54 54 54 54 54 | TTTTTTTT
54 54 54 54 54 54 54 54 | TTTTTTTT
54 54 54 54 54 54 54    | TTTTTTT

 

Coordinator
Feb 15, 2011 at 8:10 PM

Apologies for taking so long to respond Jajjeboj, difficult week. I promise to give it a shot during the weekend.

Coordinator
Feb 19, 2011 at 8:36 PM

Sorry for the long wait. There was an error in the A6 command which incorrectly used the target key variant when decrypting the encrypted ZMK, instead of using the correct variant for the ZMK.

I've uploaded a fix for this, you can download it here. Please let me know if this solves your problem.

Feb 20, 2011 at 12:56 AM

Hi,

Thanks for the fix. Now it works as it sould. 

//Thanks