Get TZPK for set PIN

This operation retrieves temporary PIN enryption key used for setting PIN. Returned tzpk is encrypted with the provided RSA public key.

Example flow

Step 1, executed on the CARD-HOLDER DEVICE, generating an RSA key pair

// generate RSA key pair var kpg = KeyPairGenerator.getInstance(“RSA”); kpg.initialize(1024); var keyPair = kpg.generateKeyPair(); var publicKey = Base64.getEncoder().encodeToString(keyPair.getPublic().getEncoded());

Step 2, executed on the CLIENT BACK-END, requesting the encrypted TZPK from the API

// controlId received from pincontrol API var controlId = “83fa5f55-3dd7-453a-8233-4242a6bad179”;

// public RSA key, generated by the card-holder device in Step 1 var publicKey = // fetched from the device

// make request var tzpkResponse = pinApiClient.post() .uri(“/pin/v2/set/tzpk?auditUser=”, “test”) .bodyValue(Map.of( “controlId”, controlId, “publicKey”, publicKey )) .retrieve() .bodyToMono(TzpkResponse.class) .block();

Step 3, executed on the CARD-HOLDER DEVICE, decrypting the TZPK (temporary key for PIN encryption)

// response from the API call done in Step 2, given by the backend var tzpkResponse = // given by the backend

// decrypt tzpk with private key var rsa = Cipher.getInstance(“RSA/ECB/NoPadding”); rsa.init(Cipher.DECRYPT_MODE, keyPair.getPrivate()); var decryptedTzpk = rsa.doFinal(Base64.getDecoder().decode(tzpkResponse.getTzpk())); // convert double-length key to triple-length - used if the library support only triple-length 3DES var tzpk = new byte[24]; System.arraycopy(decryptedTzpk, 0, tzpk, 0, 16); System.arraycopy(decryptedTzpk, 0, tzpk, 16, 8);

POST

set

tzpk

Get TZPK for set PIN

curl --request POST \
  --url 'https://integration-api-cat1.{{environment}}.ext.{{realm}}.cia.enfuce.com/pin/v2/set/tzpk' \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "controlId": "83fa5f55-3dd7-453a-8233-4242a6bad179",
  "publicKey": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDP7yu/kPSEPHjqsUYIfarstoX4mx9PeJPZl/2zYFbN3dOAk0YnJYYC5udW+fkfNoaj2cf20XMrXGAatK/N30P9YoksJg8SINss+zn+/suDL/cRDXnVvYUn8fHwMcNNFYx7RbpYGaZHqshp5D96yfTTESu90nP8wrnjXH8iY4JIewIDAQAB"
}
'

{
  "tzpk": "i6IWYm4FzTTBrtGF0FFdcHjEEQh8X3qCUcKkNgIXs2R4jLhECfoUHULWoyUu8T9R90MFZnPOuY5tel1Pww4iyKpRG2ChAwPWaHO2g0j9/xKYDBQHY57HklwBdazp03qU9vJIbmwpEOkrJIW1AW7FpypY4amoO565bCg2WfyG69U="
}

Deprecated: This API endpoint is no longer supported.

Authorizations

Authorization

string

header

required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Query Parameters

auditUser

string

required

The audit user to log the request

Body

application/json

The related PIN control request data

controlId

string

required

Control ID received from PIN control API.

Example:

"83fa5f55-3dd7-453a-8233-4242a6bad179"

publicKey

string

required

RSA public key under which the received temporary PIN encryption key (tzpk) will be encrypted. Key should be base64-encoded, without any begin or end markers.

Example:

"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDP7yu/kPSEPHjqsUYIfarstoX4mx9PeJPZl/2zYFbN3dOAk0YnJYYC5udW+fkfNoaj2cf20XMrXGAatK/N30P9YoksJg8SINss+zn+/suDL/cRDXnVvYUn8fHwMcNNFYx7RbpYGaZHqshp5D96yfTTESu90nP8wrnjXH8iY4JIewIDAQAB"

Response

tzpk

string

required

Temporary PIN encryption key, encrypted using the RSA public key provided. Base64 encoded.

Example:

"i6IWYm4FzTTBrtGF0FFdcHjEEQh8X3qCUcKkNgIXs2R4jLhECfoUHULWoyUu8T9R90MFZnPOuY5tel1Pww4iyKpRG2ChAwPWaHO2g0j9/xKYDBQHY57HklwBdazp03qU9vJIbmwpEOkrJIW1AW7FpypY4amoO565bCg2WfyG69U="

⌘I

Get TZPK for set PIN

curl --request POST \
  --url 'https://integration-api-cat1.{{environment}}.ext.{{realm}}.cia.enfuce.com/pin/v2/set/tzpk' \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "controlId": "83fa5f55-3dd7-453a-8233-4242a6bad179",
  "publicKey": "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDP7yu/kPSEPHjqsUYIfarstoX4mx9PeJPZl/2zYFbN3dOAk0YnJYYC5udW+fkfNoaj2cf20XMrXGAatK/N30P9YoksJg8SINss+zn+/suDL/cRDXnVvYUn8fHwMcNNFYx7RbpYGaZHqshp5D96yfTTESu90nP8wrnjXH8iY4JIewIDAQAB"
}
'

{
  "tzpk": "i6IWYm4FzTTBrtGF0FFdcHjEEQh8X3qCUcKkNgIXs2R4jLhECfoUHULWoyUu8T9R90MFZnPOuY5tel1Pww4iyKpRG2ChAwPWaHO2g0j9/xKYDBQHY57HklwBdazp03qU9vJIbmwpEOkrJIW1AW7FpypY4amoO565bCg2WfyG69U="
}