# Voltage Encryption SDI Plugin PSDK This document provides information on the Voltage Encryption SDI Plugin. It is an addendum and is recommended to be read with the PSDK SDI Integration Guide available at: ## Architecture Overview The following diagram depicts all the software layers in the solution. ## Programming API The SDI plugin provides a sequential command/response interface per the specification below. These functions are called by a PSDK SDI client application. ### PSDK API Applications should use the following APIs to communicate with the SDI plugin: * SDIManager.sendMessage(int\_ cmd\_, Integer\_ p1p2\_, byte\[]\_ data\_) * SdiReceivedMessage SDIManager.receiveMessage() ### Sending Commands A plugin command is defined as follows: | CLA | INS | P1 | P2 | DATA | Comment | | --- | ---------- | -- | ------- | ------------------------ | ---------------------------------------------------------------------------------------------------- | | 26 | PLUGIN\_ID | 00 | CMD\_ID | Constructed BER-TLV data | POS application using PSDK SDI is expected to construct this data according to normal BER-TLV rules. | Notes: * A unique class 26 (hex) is reserved for all plugins and plugin commands. * PLUGIN\_ID = 0x53 (83 decimal) is reserved for the Voltage Encryption SDI plugin. * For CMD\_ID values, see the Plugin Command APIs and Predefined Tags below. Predefined Tags (common across all plugins): | Tag Name | Tag Value | | ------------------------------------- | --------- | | TAG\_PLUGIN\_VERSION | 0xDF01 | | TAG\_PCI\_VERSION | 0xDF02 | | TAG\_SPONSOR\_ENABLING\_FILE\_PRESENT | 0xDF03 | | TAG\_SPONSOR\_ENABLED | 0xDF04 | | TAG\_PLATFORM\_SUPPORTED | 0xDF05 | | TAG\_MODEL\_SUPPORTED | 0xDF06 | ### Plugin Command APIs List of commands provided by the plugin: | Command | CMD\_ID | Data In | SW | Data Out (SW: 9000) | Description | | ------------------- | ------: | ------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | CMD\_GET\_VERSION | 0 | | 9000 = success | DF01 = semantic version string. DF02 = PCI POI FW version string. NOTE: The version should follow the PCI-compatible scheme allowing wildcards, example: VOLTENC\_aa.bb.cc (aa: security number; bb: non-security enhancement; cc: maintenance). Example: VOLTENC\_01.00.00 | Returns the plugin version string. NOTE: This is different from the PCI version of the plugin. | | CMD\_INIT | 1 | |

9000 = success, plugin initialized
6400 = execution error
6F00 = unit tampered
6500 = sponsor enabling file missing
6501 = platform not supported
6502 = model not supported
6503 = sponsor not enabled
6504 = Invalid or missing VOL\_TEP value
6505 = Missing VOL\_IDSTRING value
6506 = Missing VOL\_BBPARAM value
6507 = Missing VOL\_BBPARAM file

|

DataOut (9000): returns ETB and related items. Required input TLVs (constructed BER-TLV):
- 0xDF31 - VOL\_TEP: mandatory. Value must be one of:
- TEP1 (VSEC\_TEP1\_TRACK\_ENCRYPTION)
- TEP2 (VSEC\_TEP2\_STRUCT\_PRESERVING)
- TEP1X (VSEC\_TEP1X\_TRACK\_ENCRYPTION, needs 3072-bit key)
- TEP2X (VSEC\_TEP2X\_STRUCT\_PRESERVING, needs 3072-bit key)
- TEP4 (VSEC\_TEP4, needs 3072-bit key)
- 0xDF32 - VOL\_IDSTRING: Identity string provided by the host (e.g., "")
- 0xDF33 - VOL\_BBPARAM: name of the bbParameter filename provided by the host; file must be present on the filesystem (e.g., "bbparams.3072.skyblue.voltage.com.data")

| Loads and prepares keys and returns the ETB (Encryption Transmission Block). Input includes the Boneh-Boyen parameters file supplied by the Payment Host Processor; used to create the asymmetric key for IBE to encrypt the FPE key. | | CMD\_ROTATE\_KEY | 2 | N/A |

9000 = success
6600 = Plugin not initialized
6601 = Unable to rotate the key
others - TBD

|

DF34 - ETB\_DATE
DF35 - ETB\_AGE
DF36 - ETB\_VALUE (new key)

| Rotates the key and returns new ETB | | CMD\_GET\_ETB\_INFO | 3 | N/A |

9000 = success
6600 = Plugin not initialized
6601 = Unable to get ETB details
others - TBD

|

DF34 - ETB\_DATE
DF35 - ETB\_AGE
DF36 - ETB\_VALUE (current key)

| Returns the current ETB. | Example: CMD\_GET\_VERSION * IN -> cmd=0x2653, p1p2=0x0000, data="" * OUT -> "F01EDF0105312E302E30DF0213564F4C54454E435F30312E30302E30302E3030" Parsed BER-TLV: * F0 1E => constructed tag * DF01 05 31 2E 30 2E 30 => semantic version: "1.0.0" * DF02 13 56 4F 4C 54 45 4E 43 5F 30 31 2E 30 30 2E 30 30 2E 30 30 => PCI POI FW version: "VOLTENC\_01.00.00.00" ### Voltage Configuration File There is a configuration load file supplying the system with the Voltage configuration data and file(s) required for Voltage encryption, such as the bbParams file, Identity String and other required information. The exact structure of this installation load file will be detailed in a subsequent revision; typical formats per terminal type may include: * .tgz for VOS2 terminals * .tar for VOS3 terminals * .img for Android terminals When installed on the system, the configuration files will be placed in their proper locations. | ![](/files/d3d17dc50854cbd22ea5e91899a217502a11f21c) | Thank you! We are the payments architects who truly understand commerce. As payment architects we shape ecosystems for online and in-person commerce experiences, including all the tools you need… from gateways and acquiring to fraud management, tokenization and reporting. As commerce experts, we are here for you and your business. With our payment devices, our systems & solutions and our support. Everywhere. Anytime. So that your customers feel enabled, recognized and well taken care of, even beyond their expectations. Verifone. Creating omni-commerce solutions that simply shape powerful customer experiences. | | ---------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.verifone.com/sca/tbd-documentation/voltage-encryption-sdi-plugin-psdk.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.