EncryptionLayer
SSPProtocolManualGA138_2_2_223A
<<backtoindex
PACKETFORMAT
Encryptionismandatoryforallpayoutdevicesandoptionalforpayindevices.Encrypteddataandcommands
aretransportedbetweenthehostandtheslave(s)usingthetransportmechanismdescribedabove,the
encryptedinformationisstoredinthedatafieldintheformatshownbelow:
STX SEQ/SLAVEID LENGTH DATA CRCL CRCH
DATA
STEX EncryptedData
EncryptedData
eLENGTH eCOUNT eDATA ePACKING eCRCL eCRCH
STEX Singlebyteindicatingthestartofanencrypteddatablock0x7E
eLENGTH
ThelengthofthedataincludedinthepacketthisdoesnotincludeSTEX,COUNT,
the
packingortheCRC
eCOUNT
Afourbyteunsignedinteger.Thisisasequencecountofencryptedpackets,itis
incrementedeachtimeapacketisencryptedandsent,andeachtimeanencrypted
packet
isreceivedanddecrypted.
eDATA Commandsordatatobetransferred
ePACKING
Randomdatatomakethelengthofthelength+count+data+packing+CRCL+
CRCH
tobeamultipleof16bytes
eCRCL/eCRCH
LowandhighbyteofaforwardCRC16algorithmusingthepolynomial(X16+X15
+X2
+1)calculatedonallbytesexceptSTEX.Itisinitialisedusingtheseed0xFFFF
Afterpowerupandresettheslavewillstaydisabledandwillrespondtoallcommandswiththegeneric
responseKEY_NOT_SET(0xFA),withoutexecutingthecommand,untilthekeyhasbeennegotiated.There
aretwoclassesofcommandandresponse,generalcommandsandcommandsinvolvedincredittransfer.
Generalcommandsmaybesentwithorwithoutusingtheencryptionlayer.Theslavewillreplyusingthe
samemethod,unlesstheresponsecontainscreditinformation,inthiscasethereplywillalwaysbeencrypted.
Credit
transfercommands,ahopperpayoutforexample,willonlybeacceptedbytheslaveifreceivedencrypted.
Commandsthatmustbeencryptedonanencryptionenabledproductareindicatedonthecommand
descriptionsforeachcommand.TheSTEXbyteisusedtodeterminethepackettype.Ideallyall
communicationswillbeencrypted.
AfterthedatahasbeendecryptedtheCRCalgorithmisperformedonallbytesincludingtheCRC.Theresult
ofthiscalculationwillbezeroifthedatahasbeendecryptedwiththecorrectkey.Iftheresultofthis
calculationisnonzerothentheperipheralshouldassumethatthehostdidnotencryptthedata(transmission
errorsaredetectedbythetransportlayer).Theslaveshouldgooutofserviceuntilitis
reset.
Thepacketsaresequencedusingthesequencecount;thisisresetto0afterapowercycleandeachtimethe
encryptionkeysaresuccessfullynegotiated.Thecountisincrementedbythehostandslaveeachtimethey
successfullyencryptandtransmita
packet.AfterapacketissuccessfullydecryptedtheCOUNTinthepacketshouldbecomparedwiththe
internalCOUNT,iftheydonotmatchthenthepacketisdiscarded.