"M2" comand returns error 35

Nov 23, 2014 at 3:18 PM
Edited Nov 23, 2014 at 3:19 PM
I am working on data decryption with Thales HSM. For data decryption command "m2" is used.
But I am getting error: '35' : Illegal Message Format
Commands are bellow. That is wrong with my requests?
Request :
M2011100AU099AF4F0F998CE9D3720B9B23095E1B200000000000000000030C79B16C02A5208D916B954A414A66B2600E1976808376906
Response:
M335

I have tried to decrypt data by 8 bytes blocks, but then last block decryption fails:
Request:
M2011100AU099AF4F0F998CE9D3720B9B23095E1B216B954A414A66B26001000E1976808376906
Response:
M335

Thanks, Andrzej
Editor
Nov 24, 2014 at 9:31 AM
Hi!

Send us pls QS console command outut. Probebly there is an issue with ZEK parameters.

Regards,
Juris
Nov 24, 2014 at 9:38 AM
Hello,
Which settings are you interested in?
BR,
Andrzej
Editor
Nov 24, 2014 at 1:16 PM
Hi,

On different firmwares of HSM these settings was different, but the name of parameter(s) will be like that:
Enable ZEK/TEK encryption of ASCII data or Binary data or None
Regards,
Juris
Nov 24, 2014 at 1:44 PM
Edited Nov 24, 2014 at 1:45 PM
Hi,
"Enable ZEK encryption of “Hex-only” ASCII chars" - property Enabled.

I want to notice that when I try to decrypt data (24 bytes) by 8 byte blocks, decryption of last block fails, while 2 previous blocks are decrypted successfully.
BR,
Andrzej
Editor
Nov 26, 2014 at 9:41 AM
Hi,

And what values are assigne to the other "ZEK" parameters?

Regards,
Juris
Nov 26, 2014 at 10:08 AM
Hi,
All ZEK - properties Enabled.
BR,
Andrzej
Editor
Nov 28, 2014 at 8:55 AM
Hi,

Where are you receiving encrypted data from? Are you sure the 3rd party encrypts data the same way you are decrypting? You are decrypting in CBC mode.

Regards,
Juris