EMVKeyMgr Class

Properties Methods Events Config Settings Errors

The EMVKeyMgr class simplifies the process of downloading EMV public keys for FDMS Rapid Connect and Paymentech.

Syntax

class dpaymentssdk.EMVKeyMgr

Remarks

This class connects with either FDMS Rapid Connect or Paymentech to check the status of, and download EMV public key information.

To begin set platform to specify FDMS Rapid Connect or Paymentech. Next set the appropriate merchant properties for the selected platform.

FDMS Rapid Connect

After calling get_key_info the key_file_crc, key_file_size, and key_file_date should all be saved for use when calling check_for_update at a later time.

To check whether an update is available set key_file_crc, key_file_size, and key_file_date to the values from the current key. If no values are known simply leave these empty. Call check_for_update to determine if an update is applicable. The update_available property will be populated and can be queried to determine if an update is available. If an update is available simply call get_key_info to obtain the new public key information.

After calling get_key_info the KeyDetail* properties will hold details about each of the keys returned.

The applicable properties and methods for FDMS Rapid Connect are:

Properties:

application_id
datawire_id
group_id
key_details
key_file_crc
key_file_date
key_file_size
merchant_id
merchant_terminal_number
platform
stan
tppid
transaction_number
update_available
url

Methods:

check_for_update
get_key_info

EMVKeyMgr for FDMS Rapid Connect Code Example emvkeymgr.TPPID = "AAA000"; emvkeymgr.MerchantTerminalNumber = "00000001"; emvkeymgr.MerchantId = "1234"; emvkeymgr.GroupId = "20001"; emvkeymgr.DatawireId = "00011122233344455566"; emvkeymgr.ApplicationId = "RAPIDCONNECTVXN"; emvkeymgr.URL = "https://stg.dw.us.fdcnet.biz/rc"; emvkeymgr.STAN = "112"; emvkeymgr.TransactionNumber = "120013"; emvkeymgr.KeyFileDate = "03262014120000"; emvkeymgr.KeyFileSize = 123; emvkeymgr.KeyFileCRC = "0000"; //Check if an update is available emvkeymgr.CheckForUpdate(); if (emvkeymgr.UpdateAvailable) { emvkeymgr.GetKeyInfo(); //Save these values to provide in the next CheckForUpdate call string origKeyCRC = emvkeymgr.KeyFileCRC; int origKeySize = emvkeymgr.KeyFileSize; string origKeyDate = emvkeymgr.KeyFileDate; //Iterate over the key details for (int i = 0; i < emvkeymgr.KeyDetails.Count; i++) { Console.WriteLine("RID: " + emvkeymgr.KeyDetails[i].RID); Console.WriteLine("ExpDate: " + emvkeymgr.KeyDetails[i].ExpDate); Console.WriteLine("IndexStr: " + emvkeymgr.KeyDetails[i].IndexStr); Console.WriteLine("Checksum: " + emvkeymgr.KeyDetails[i].CheckSum); Console.WriteLine("Modulus: " + emvkeymgr.KeyDetails[i].Modulus); Console.WriteLine("Exponent: " + emvkeymgr.KeyDetails[i].Exponent); Console.WriteLine("********************************"); } }

Paymentech

Call the get_key_info method to retrieve available public key information. After calling get_key_info the KeyDetail* properties will hold details about each of the keys returned.

The applicable properties and methods for Paymentech are:

Properties:

client_number
key_details
merchant_id
merchant_terminal_number
password
platform
sequence_number
url
user_id

Methods:

get_key_info

Events:

on_data_packet_in
on_data_packet_out

EMVKeyMgr for Paymentech Code Example

emvkeymgr.Platform = EmvkeymgrPlatforms.kpPaymentech;
emvkeymgr.URL = "https://netconnectvar1.chasepaymentech.com/NetConnect/controller";
emvkeymgr.UserId = "userid";
emvkeymgr.Password = "password";
emvkeymgr.MerchantId = "700000000125";
emvkeymgr.MerchantTerminalNumber = "001";
emvkeymgr.ClientNumber = "0002";    

emvkeymgr.GetKeyInfo();

//Iterate over the key details
for (int i = 0; i < emvkeymgr.KeyDetails.Count; i++)
{
  Console.WriteLine("RID: " + emvkeymgr.KeyDetails[i].RID);
  Console.WriteLine("IndexStr: " + emvkeymgr.KeyDetails[i].IndexStr);
  Console.WriteLine("Checksum: " + emvkeymgr.KeyDetails[i].CheckSum);
  Console.WriteLine("Modulus: " + emvkeymgr.KeyDetails[i].Modulus);
  Console.WriteLine("Exponent: " + emvkeymgr.KeyDetails[i].Exponent);
  Console.WriteLine("Fallback Allowed: " + emvkeymgr.KeyDetails[i].FallbackAllowed);
  Console.WriteLine("********************************");
}

Property List

The following is the full list of the properties of the class with short descriptions. Click on the links for further details.


application_id	Identifies the merchant application to the Datawire System.
client_number	Merchant configuration property, assigned by Paymentech.
datawire_id	Identifies the merchant to the Datawire System.
group_id	The Id assigned by FDMS to identify the merchant or group of merchants.
key_detail_count	The number of records in the KeyDetail arrays.
key_detail_check_sum	The checksum of the public key values.
key_detail_exp_date	The expiration date of the public key.
key_detail_exponent	The exponent of the public key.
key_detail_fallback_allowed	Whether the terminal is allowed to fall back to magnetic stripe when there is a problem reading the chip.
key_detail_index_str	This property identifies the public key in conjunction with RID .
key_detail_modulus	The modulus of the public key.
key_detail_rid	The registered application provider identifier (RID) for which the public key applies.
key_file_crc	The CRC-16 checksum of the EMV public key.
key_file_date	The creation date of the EMV public key.
key_file_size	The total size of the EMV public key file in bytes.
merchant_id	A unique Id used to identify the merchant.
merchant_terminal_number	Used to identify a unique terminal within a merchant location.
password	Password for authentication with the NetConnect Server .
platform	The processing platform.
proxy_auth_scheme	This property is used to tell the class which type of authorization to perform when connecting to the proxy.
proxy_auto_detect	This property tells the class whether or not to automatically detect and use proxy system settings, if available.
proxy_password	This property contains a password if authentication is to be used for the proxy.
proxy_port	This property contains the Transmission Control Protocol (TCP) port for the proxy Server (default 80).
proxy_server	If a proxy Server is given, then the HTTP request is sent to the proxy instead of the server otherwise specified.
proxy_ssl	This property determines when to use a Secure Sockets Layer (SSL) for the connection to the proxy.
proxy_user	This property contains a username if authentication is to be used for the proxy.
sequence_number	Sequence number of the transaction.
ssl_accept_server_cert_encoded	This is the certificate (PEM/Base64 encoded).
ssl_cert_encoded	This is the certificate (PEM/Base64 encoded).
ssl_cert_store	This is the name of the certificate store for the client certificate.
ssl_cert_store_password	If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.
ssl_cert_store_type	This is the type of certificate store for this certificate.
ssl_cert_subject	This is the subject of the certificate used for client authentication.
ssl_provider	This specifies the SSL/TLS implementation to use.
ssl_server_cert_encoded	This is the certificate (PEM/Base64 encoded).
stan	The merchant assigned System Trace Audit Number(STAN).
timeout	A timeout for the class.
tppid	Third Party Processor Identifier assigned by FDMS.
transaction_number	Uniquely identifies the transaction.
update_available	Whether updated public key information is available.
url	Location of the server to which requests are sent.
user_id	UserId for authentication with the NetConnect Server .

Method List

The following is the full list of the methods of the class with short descriptions. Click on the links for further details.


check_for_update	Checks the key status to see if an update is required.
config	Sets or retrieves a configuration setting.
get_key_info	This method retrieves the EMV public key information.

Event List

The following is the full list of the events fired by the class with short descriptions. Click on the links for further details.


on_connected	This event is fired immediately after a connection completes (or fails).
on_data_packet_in	Fired when receiving a data packet from the transaction server.
on_data_packet_out	Fired when sending a data packet to the transaction server.
on_disconnected	This event is fired when a connection is closed.
on_error	Fired when information is available about errors during data delivery.
on_ssl_server_authentication	Fired after the server presents its certificate to the client.
on_ssl_status	Fired when secure connection progress messages are available.
on_status	Shows the progress of the FDMS/Datawire connection.

Config Settings

The following is a list of config settings for the class with short descriptions. Click on the links for further details.


KeyBlockSize	The maximum block size when downloading the EMV public key.
KeyData	The EMV public key data.
RawRequest	Returns the request sent to the server for debugging purposes.
RawResponse	Returns the response received from the server for debugging purposes.
AcceptEncoding	Used to tell the server which types of content encodings the client supports.
AllowHTTPCompression	This property enables HTTP compression for receiving data.
AllowHTTPFallback	Whether HTTP/2 connections are permitted to fallback to HTTP/1.1.
Append	Whether to append data to LocalFile.
Authorization	The Authorization string to be sent to the server.
BytesTransferred	Contains the number of bytes transferred in the response data.
ChunkSize	Specifies the chunk size in bytes when using chunked encoding.
CompressHTTPRequest	Set to true to compress the body of a PUT or POST request.
EncodeURL	If set to True the URL will be encoded by the class.
FollowRedirects	Determines what happens when the server issues a redirect.
GetOn302Redirect	If set to True the class will perform a GET on the new location.
HTTP2HeadersWithoutIndexing	HTTP2 headers that should not update the dynamic header table with incremental indexing.
HTTPVersion	The version of HTTP used by the class.
IfModifiedSince	A date determining the maximum age of the desired document.
KeepAlive	Determines whether the HTTP connection is closed after completion of the request.
KerberosSPN	The Service Principal Name for the Kerberos Domain Controller.
LogLevel	The level of detail that is logged.
MaxRedirectAttempts	Limits the number of redirects that are followed in a request.
NegotiatedHTTPVersion	The negotiated HTTP version.
OtherHeaders	Other headers as determined by the user (optional).
ProxyAuthorization	The authorization string to be sent to the proxy server.
ProxyAuthScheme	The authorization scheme to be used for the proxy.
ProxyPassword	A password if authentication is to be used for the proxy.
ProxyPort	Port for the proxy server (default 80).
ProxyServer	Name or IP address of a proxy server (optional).
ProxyUser	A user name if authentication is to be used for the proxy.
SentHeaders	The full set of headers as sent by the client.
StatusCode	The status code of the last response from the server.
StatusLine	The first line of the last response from the server.
TransferredData	The contents of the last response from the server.
TransferredDataLimit	The maximum number of incoming bytes to be stored by the class.
TransferredHeaders	The full set of headers as received from the server.
TransferredRequest	The full request as sent by the client.
UseChunkedEncoding	Enables or Disables HTTP chunked encoding for transfers.
UseIDNs	Whether to encode hostnames to internationalized domain names.
UsePlatformHTTPClient	Whether or not to use the platform HTTP client.
UseProxyAutoConfigURL	Whether to use a Proxy auto-config file when attempting a connection.
UserAgent	Information about the user agent (browser).
ConnectionTimeout	Sets a separate timeout value for establishing a connection.
ConnectionTimeout	Sets a separate timeout value for establishing a connection.
FirewallAutoDetect	Tells the class whether or not to automatically detect and use firewall system settings, if available.
FirewallAutoDetect	Tells the class whether or not to automatically detect and use firewall system settings, if available.
FirewallHost	Name or IP address of firewall (optional).
FirewallHost	Name or IP address of firewall (optional).
FirewallPassword	Password to be used if authentication is to be used when connecting through the firewall.
FirewallPassword	Password to be used if authentication is to be used when connecting through the firewall.
FirewallPort	The TCP port for the FirewallHost;.
FirewallPort	The TCP port for the FirewallHost;.
FirewallType	Determines the type of firewall to connect through.
FirewallType	Determines the type of firewall to connect through.
FirewallUser	A user name if authentication is to be used connecting through a firewall.
FirewallUser	A user name if authentication is to be used connecting through a firewall.
KeepAliveInterval	The retry interval, in milliseconds, to be used when a TCP keep-alive packet is sent and no response is received.
KeepAliveInterval	The retry interval, in milliseconds, to be used when a TCP keep-alive packet is sent and no response is received.
KeepAliveTime	The inactivity time in milliseconds before a TCP keep-alive packet is sent.
KeepAliveTime	The inactivity time in milliseconds before a TCP keep-alive packet is sent.
Linger	When set to True, connections are terminated gracefully.
Linger	When set to True, connections are terminated gracefully.
LingerTime	Time in seconds to have the connection linger.
LingerTime	Time in seconds to have the connection linger.
LocalHost	The name of the local host through which connections are initiated or accepted.
LocalHost	The name of the local host through which connections are initiated or accepted.
LocalPort	The port in the local host where the class binds.
LocalPort	The port in the local host where the class binds.
MaxLineLength	The maximum amount of data to accumulate when no EOL is found.
MaxLineLength	The maximum amount of data to accumulate when no EOL is found.
MaxTransferRate	The transfer rate limit in bytes per second.
MaxTransferRate	The transfer rate limit in bytes per second.
ProxyExceptionsList	A semicolon separated list of hosts and IPs to bypass when using a proxy.
ProxyExceptionsList	A semicolon separated list of hosts and IPs to bypass when using a proxy.
TCPKeepAlive	Determines whether or not the keep alive socket option is enabled.
TCPKeepAlive	Determines whether or not the keep alive socket option is enabled.
TcpNoDelay	Whether or not to delay when sending packets.
TcpNoDelay	Whether or not to delay when sending packets.
UseIPv6	Whether to use IPv6.
UseIPv6	Whether to use IPv6.
LogSSLPackets	Controls whether SSL packets are logged when using the internal security API.
LogSSLPackets	Controls whether SSL packets are logged when using the internal security API.
OpenSSLCADir	The path to a directory containing CA certificates.
OpenSSLCADir	The path to a directory containing CA certificates.
OpenSSLCAFile	Name of the file containing the list of CA's trusted by your application.
OpenSSLCAFile	Name of the file containing the list of CA's trusted by your application.
OpenSSLCipherList	A string that controls the ciphers to be used by SSL.
OpenSSLCipherList	A string that controls the ciphers to be used by SSL.
OpenSSLPrngSeedData	The data to seed the pseudo random number generator (PRNG).
OpenSSLPrngSeedData	The data to seed the pseudo random number generator (PRNG).
ReuseSSLSession	Determines if the SSL session is reused.
ReuseSSLSession	Determines if the SSL session is reused.
SSLCACertFilePaths	The paths to CA certificate files on Unix/Linux.
SSLCACertFilePaths	The paths to CA certificate files on Unix/Linux.
SSLCACerts	A newline separated list of CA certificate to use during SSL client authentication.
SSLCACerts	A newline separated list of CA certificate to use during SSL client authentication.
SSLCheckCRL	Whether to check the Certificate Revocation List for the server certificate.
SSLCheckCRL	Whether to check the Certificate Revocation List for the server certificate.
SSLCheckOCSP	Whether to use OCSP to check the status of the server certificate.
SSLCheckOCSP	Whether to use OCSP to check the status of the server certificate.
SSLCipherStrength	The minimum cipher strength used for bulk encryption.
SSLCipherStrength	The minimum cipher strength used for bulk encryption.
SSLEnabledCipherSuites	The cipher suite to be used in an SSL negotiation.
SSLEnabledCipherSuites	The cipher suite to be used in an SSL negotiation.
SSLEnabledProtocols	Used to enable/disable the supported security protocols.
SSLEnabledProtocols	Used to enable/disable the supported security protocols.
SSLEnableRenegotiation	Whether the renegotiation_info SSL extension is supported.
SSLEnableRenegotiation	Whether the renegotiation_info SSL extension is supported.
SSLIncludeCertChain	Whether the entire certificate chain is included in the SSLServerAuthentication event.
SSLIncludeCertChain	Whether the entire certificate chain is included in the SSLServerAuthentication event.
SSLKeyLogFile	The location of a file where per-session secrets are written for debugging purposes.
SSLKeyLogFile	The location of a file where per-session secrets are written for debugging purposes.
SSLNegotiatedCipher	Returns the negotiated cipher suite.
SSLNegotiatedCipher	Returns the negotiated cipher suite.
SSLNegotiatedCipherStrength	Returns the negotiated cipher suite strength.
SSLNegotiatedCipherStrength	Returns the negotiated cipher suite strength.
SSLNegotiatedCipherSuite	Returns the negotiated cipher suite.
SSLNegotiatedCipherSuite	Returns the negotiated cipher suite.
SSLNegotiatedKeyExchange	Returns the negotiated key exchange algorithm.
SSLNegotiatedKeyExchange	Returns the negotiated key exchange algorithm.
SSLNegotiatedKeyExchangeStrength	Returns the negotiated key exchange algorithm strength.
SSLNegotiatedKeyExchangeStrength	Returns the negotiated key exchange algorithm strength.
SSLNegotiatedVersion	Returns the negotiated protocol version.
SSLNegotiatedVersion	Returns the negotiated protocol version.
SSLSecurityFlags	Flags that control certificate verification.
SSLSecurityFlags	Flags that control certificate verification.
SSLServerCACerts	A newline separated list of CA certificate to use during SSL server certificate validation.
SSLServerCACerts	A newline separated list of CA certificate to use during SSL server certificate validation.
TLS12SignatureAlgorithms	Defines the allowed TLS 1.2 signature algorithms when SSLProvider is set to Internal.
TLS12SignatureAlgorithms	Defines the allowed TLS 1.2 signature algorithms when SSLProvider is set to Internal.
TLS12SupportedGroups	The supported groups for ECC.
TLS12SupportedGroups	The supported groups for ECC.
TLS13KeyShareGroups	The groups for which to pregenerate key shares.
TLS13KeyShareGroups	The groups for which to pregenerate key shares.
TLS13SignatureAlgorithms	The allowed certificate signature algorithms.
TLS13SignatureAlgorithms	The allowed certificate signature algorithms.
TLS13SupportedGroups	The supported groups for (EC)DHE key exchange.
TLS13SupportedGroups	The supported groups for (EC)DHE key exchange.
AbsoluteTimeout	Determines whether timeouts are inactivity timeouts or absolute timeouts.
AbsoluteTimeout	Determines whether timeouts are inactivity timeouts or absolute timeouts.
FirewallData	Used to send extra data to the firewall.
FirewallData	Used to send extra data to the firewall.
InBufferSize	The size in bytes of the incoming queue of the socket.
InBufferSize	The size in bytes of the incoming queue of the socket.
OutBufferSize	The size in bytes of the outgoing queue of the socket.
OutBufferSize	The size in bytes of the outgoing queue of the socket.
BuildInfo	Information about the product's build.
CodePage	The system code page used for Unicode to Multibyte translations.
LicenseInfo	Information about the current license.
MaskSensitive	Whether sensitive data is masked in log messages.
ProcessIdleEvents	Whether the class uses its internal event loop to process events when the main thread is idle.
SelectWaitMillis	The length of time in milliseconds the class will wait when DoEvents is called if there are no events to process.
UseInternalSecurityAPI	Whether or not to use the system security libraries or an internal implementation.

application_id Property

Identifies the merchant application to the Datawire System.

Syntax

def get_application_id() -> str: ...
def set_application_id(value: str) -> None: ...

application_id = property(get_application_id, set_application_id)

Default Value

"NSOFTDIRECTPXML"

Remarks

The Application Id identifies the application that has generated and is sending the transaction. This is a 15 character alphanumeric code that identifies each application and is provided by the Datawire Secure Transport Vendor Integration Team

This property may be validated along with the datawire_id as connection credentials.

The default value of this property is a value used for testing with Rapid Connect. You may be required to have a new application_id assigned for the software you create with this class.

This property is only applicable when platform is set to FDMS Rapid Connect.

client_number Property

Merchant configuration property, assigned by Paymentech.

Syntax

def get_client_number() -> str: ...
def set_client_number(value: str) -> None: ...

client_number = property(get_client_number, set_client_number)

Default Value

Remarks

The client_number will be supplied to you by Paymentech.

This property is only applicable when platform is set to Paymentech.

datawire_id Property

Identifies the merchant to the Datawire System.

Syntax

def get_datawire_id() -> str: ...
def set_datawire_id(value: str) -> None: ...

datawire_id = property(get_datawire_id, set_datawire_id)

Default Value

Remarks

The Datawire Id is a unique customer identifier generated by Datawire and returned to the client after successfully registering the merchant (using the FDMSRegister class). This Id (which is sent in all subsequent transactions) allows a transaction, to pass through the Datawire system and be correctly routed to the FDMS Payment processor.

The maximum length for this property is 32 characters.

This property is only applicable when platform is set to FDMS Rapid Connect.

group_id Property

The Id assigned by FDMS to identify the merchant or group of merchants.

Syntax

def get_group_id() -> str: ...
def set_group_id(value: str) -> None: ...

group_id = property(get_group_id, set_group_id)

Default Value

Remarks

This property specifies the FDMS assigned group Id. This Id identifies the merchant or group of merchants. This property is required.

This property is only applicable when platform is set to FDMS Rapid Connect.

key_detail_count Property

The number of records in the KeyDetail arrays.

Syntax

def get_key_detail_count() -> int: ...
def set_key_detail_count(value: int) -> None: ...

key_detail_count = property(get_key_detail_count, set_key_detail_count)

Default Value

Remarks

This property controls the size of the following arrays:

key_detail_check_sum
key_detail_exp_date
key_detail_exponent
key_detail_fallback_allowed
key_detail_index_str
key_detail_modulus
key_detail_rid

The array indices start at 0 and end at key_detail_count - 1.

key_detail_check_sum Property

The checksum of the public key values.

Syntax

def get_key_detail_check_sum(key_index: int) -> str: ...

Default Value

Remarks

The checksum of the public key values.

The key_index parameter specifies the index of the item in the array. The size of the array is controlled by the key_detail_count property.

This property is read-only.

key_detail_exp_date Property

The expiration date of the public key.

Syntax

def get_key_detail_exp_date(key_index: int) -> str: ...

Default Value

Remarks

The expiration date of the public key. The format is MMDDYYYY. For instance "06312014".

This property is only applicable when platform is set to FDMS Rapid Connect.

The key_index parameter specifies the index of the item in the array. The size of the array is controlled by the key_detail_count property.

This property is read-only.

key_detail_exponent Property

The exponent of the public key.

Syntax

def get_key_detail_exponent(key_index: int) -> str: ...

Default Value

Remarks

The exponent of the public key.

The key_index parameter specifies the index of the item in the array. The size of the array is controlled by the key_detail_count property.

This property is read-only.

key_detail_fallback_allowed Property

Whether the terminal is allowed to fall back to magnetic stripe when there is a problem reading the chip.

Syntax

def get_key_detail_fallback_allowed(key_index: int) -> bool: ...

Default Value

FALSE

Remarks

Whether the terminal is allowed to fall back to magnetic stripe when there is a problem reading the chip.

This property is only applicable when platform is set to Paymentech.

The key_index parameter specifies the index of the item in the array. The size of the array is controlled by the key_detail_count property.

This property is read-only.

key_detail_index_str Property

This property identifies the public key in conjunction with RID .

Syntax

def get_key_detail_index_str(key_index: int) -> str: ...

Default Value

"0"

Remarks

This property identifies the public key in conjunction with key_detail_rid.

The key_index parameter specifies the index of the item in the array. The size of the array is controlled by the key_detail_count property.

This property is read-only.

key_detail_modulus Property

The modulus of the public key.

Syntax

def get_key_detail_modulus(key_index: int) -> str: ...

Default Value

Remarks

The modulus of the public key.

The key_index parameter specifies the index of the item in the array. The size of the array is controlled by the key_detail_count property.

This property is read-only.

key_detail_rid Property

The registered application provider identifier (RID) for which the public key applies.

Syntax

def get_key_detail_rid(key_index: int) -> str: ...

Default Value

Remarks

The registered application provider identifier (RID) for which the public key applies. For instance "A000000003".

The key_index parameter specifies the index of the item in the array. The size of the array is controlled by the key_detail_count property.

This property is read-only.

key_file_crc Property

The CRC-16 checksum of the EMV public key.

Syntax

def get_key_file_crc() -> str: ...
def set_key_file_crc(value: str) -> None: ...

key_file_crc = property(get_key_file_crc, set_key_file_crc)

Default Value

Remarks

This property specifies the 4 character CRC-16 checksum of the EMV public key. This is a hexadecimal value representation of two bytes, for instance "AA02".

This property should be set to the checksum of the current public key before calling check_for_update. If no previous key has been downloaded leave this setting empty.

This property will be populated with values returned by the server after calling check_for_update or get_key_info.

This property is only applicable when platform is set to FDMS Rapid Connect.

key_file_date Property

The creation date of the EMV public key.

Syntax

def get_key_file_date() -> str: ...
def set_key_file_date(value: str) -> None: ...

key_file_date = property(get_key_file_date, set_key_file_date)

Default Value

Remarks

This setting specifies the creation date of the EMV public key file. The format for this value is "MMddyyyyHHmmss".

This property should be set to the date of the current public key before calling check_for_update. If no previous key has been downloaded leave this setting empty.

This property will be populated with values returned by the server after calling check_for_update or get_key_info.

This property is only applicable when platform is set to FDMS Rapid Connect.

key_file_size Property

The total size of the EMV public key file in bytes.

Syntax

def get_key_file_size() -> int: ...
def set_key_file_size(value: int) -> None: ...

key_file_size = property(get_key_file_size, set_key_file_size)

Default Value

Remarks

This property specifies the total size of the file in bytes. This may be up to 5 digits in length.

This property should be set to the size of the current public key before calling check_for_update. If no previous key has been downloaded set this to 0.

This property will be populated with values returned by the server after calling check_for_update or get_key_info.

This property is only applicable when platform is set to FDMS Rapid Connect.

merchant_id Property

A unique Id used to identify the merchant.

Syntax

def get_merchant_id() -> str: ...
def set_merchant_id(value: str) -> None: ...

merchant_id = property(get_merchant_id, set_merchant_id)

Default Value

Remarks

This property holds the assigned Merchant Id assigned.

FDMS Rapid Connect

The value is an alphanumeric value up to 16 characters in length.

Paymentech

The value is 12 digits in length.

merchant_terminal_number Property

Used to identify a unique terminal within a merchant location.

Syntax

def get_merchant_terminal_number() -> str: ...
def set_merchant_terminal_number(value: str) -> None: ...

merchant_terminal_number = property(get_merchant_terminal_number, set_merchant_terminal_number)

Default Value

Remarks

This property contains the assigned merchant terminal number.

FDMS Rapid Connect

This value is a number assigned by FDMS to uniquely identify a terminal within a merchant location. The value is numeric and may be up to 8 digits in length.

Paymentech

This value is a 3-digit field assigned by Paymentech.

password Property

Password for authentication with the NetConnect Server .

Syntax

def get_password() -> str: ...
def set_password(value: str) -> None: ...

password = property(get_password, set_password)

Default Value

Remarks

The password will be supplied to you by Paymentech.

This property is only applicable when platform is set to Paymentech.

platform Property

The processing platform.

Syntax

def get_platform() -> int: ...
def set_platform(value: int) -> None: ...

platform = property(get_platform, set_platform)

Default Value

Remarks

This property specifies the processing platform to which requests are made. Possible values are:


0 (kpFDMSRapidConnect - default)	FDMS Rapid Connect
1 (kpPaymentech)	Paymentech

proxy_auth_scheme Property

This property is used to tell the class which type of authorization to perform when connecting to the proxy.

Syntax

def get_proxy_auth_scheme() -> int: ...
def set_proxy_auth_scheme(value: int) -> None: ...

proxy_auth_scheme = property(get_proxy_auth_scheme, set_proxy_auth_scheme)

Default Value

Remarks

This property is used to tell the class which type of authorization to perform when connecting to the proxy. This is used only when the proxy_user and proxy_password properties are set.

proxy_auth_scheme should be set to authNone (3) when no authentication is expected.

By default, proxy_auth_scheme is authBasic (0), and if the proxy_user and proxy_password properties are set, the component will attempt basic authentication.

If proxy_auth_scheme is set to authDigest (1), digest authentication will be attempted instead.

If proxy_auth_scheme is set to authProprietary (2), then the authorization token will not be generated by the class. Look at the configuration file for the class being used to find more information about manually setting this token.

If proxy_auth_scheme is set to authNtlm (4), NTLM authentication will be used.

For security reasons, setting this property will clear the values of proxy_user and proxy_password.

proxy_auto_detect Property

This property tells the class whether or not to automatically detect and use proxy system settings, if available.

Syntax

def get_proxy_auto_detect() -> bool: ...
def set_proxy_auto_detect(value: bool) -> None: ...

proxy_auto_detect = property(get_proxy_auto_detect, set_proxy_auto_detect)

Default Value

FALSE

Remarks

This property tells the class whether or not to automatically detect and use proxy system settings, if available. The default value is False.

proxy_password Property

This property contains a password if authentication is to be used for the proxy.

Syntax

def get_proxy_password() -> str: ...
def set_proxy_password(value: str) -> None: ...

proxy_password = property(get_proxy_password, set_proxy_password)

Default Value

Remarks

This property contains a password if authentication is to be used for the proxy.

If proxy_auth_scheme is set to Basic Authentication, the proxy_user and proxy_password are Base64 encoded and the proxy authentication token will be generated in the form Basic [encoded-user-password].

If proxy_auth_scheme is set to Digest Authentication, the proxy_user and proxy_password properties are used to respond to the Digest Authentication challenge from the server.

If proxy_auth_scheme is set to NTLM Authentication, the proxy_user and proxy_password properties are used to authenticate through NTLM negotiation.

proxy_port Property

This property contains the Transmission Control Protocol (TCP) port for the proxy Server (default 80).

Syntax

def get_proxy_port() -> int: ...
def set_proxy_port(value: int) -> None: ...

proxy_port = property(get_proxy_port, set_proxy_port)

Default Value

Remarks

This property contains the Transmission Control Protocol (TCP) port for the proxy proxy_server (default 80). See the description of the proxy_server property for details.

proxy_server Property

If a proxy Server is given, then the HTTP request is sent to the proxy instead of the server otherwise specified.

Syntax

def get_proxy_server() -> str: ...
def set_proxy_server(value: str) -> None: ...

proxy_server = property(get_proxy_server, set_proxy_server)

Default Value

Remarks

If a proxy proxy_server is given, then the HTTP request is sent to the proxy instead of the server otherwise specified.

If the proxy_server property is set to a domain name, a DNS request is initiated. Upon successful termination of the request, the proxy_server property is set to the corresponding address. If the search is not successful, an error is returned.

proxy_ssl Property

This property determines when to use a Secure Sockets Layer (SSL) for the connection to the proxy.

Syntax

def get_proxy_ssl() -> int: ...
def set_proxy_ssl(value: int) -> None: ...

proxy_ssl = property(get_proxy_ssl, set_proxy_ssl)

Default Value

Remarks

This property determines when to use a Secure Sockets Layer (SSL) for the connection to the proxy. The applicable values are as follows:


psAutomatic (0)	Default setting. If the url is an `https` URL, the class will use the `psTunnel` option. If the url is an `http` URL, the class will use the `psNever` option.
psAlways (1)	The connection is always SSL enabled.
psNever (2)	The connection is not SSL enabled.
psTunnel (3)	The connection is made through a tunneling (HTTP) proxy.

proxy_user Property

This property contains a username if authentication is to be used for the proxy.

Syntax

def get_proxy_user() -> str: ...
def set_proxy_user(value: str) -> None: ...

proxy_user = property(get_proxy_user, set_proxy_user)

Default Value

Remarks

This property contains a username if authentication is to be used for the proxy.

If proxy_auth_scheme is set to Basic Authentication, the proxy_user and proxy_password properties are Base64 encoded and the proxy authentication token will be generated in the form Basic [encoded-user-password].

If proxy_auth_scheme is set to Digest Authentication, the proxy_user and proxy_password properties are used to respond to the Digest Authentication challenge from the server.

If proxy_auth_scheme is set to NTLM Authentication, the proxy_user and proxy_password properties are used to authenticate through NTLM negotiation.

sequence_number Property

Sequence number of the transaction.

Syntax

def get_sequence_number() -> int: ...
def set_sequence_number(value: int) -> None: ...

sequence_number = property(get_sequence_number, set_sequence_number)

Default Value

Remarks

This field is user definable and can be used at the users discretion. The sequence number may be any numeric value 0 to 2400. This is an optional field and you may choose to send a unique number or simply send every transaction with zeros.

If set this value should be incremented for each transaction. When the sequence number reaches 2400, the sequence_number should then start over at 1 again.

This property is only applicable when platform is set to Paymentech.

ssl_accept_server_cert_encoded Property

This is the certificate (PEM/Base64 encoded).

Syntax

def get_ssl_accept_server_cert_encoded() -> bytes: ...
def set_ssl_accept_server_cert_encoded(value: bytes) -> None: ...

ssl_accept_server_cert_encoded = property(get_ssl_accept_server_cert_encoded, set_ssl_accept_server_cert_encoded)

Default Value

Remarks

This is the certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The ssl_accept_server_cert_store and ssl_accept_server_cert_subject properties also may be used to specify a certificate.

When ssl_accept_server_cert_encoded is set, a search is initiated in the current ssl_accept_server_cert_store for the private key of the certificate. If the key is found, ssl_accept_server_cert_subject is updated to reflect the full subject of the selected certificate; otherwise, ssl_accept_server_cert_subject is set to an empty string.

ssl_cert_encoded Property

This is the certificate (PEM/Base64 encoded).

Syntax

def get_ssl_cert_encoded() -> bytes: ...
def set_ssl_cert_encoded(value: bytes) -> None: ...

ssl_cert_encoded = property(get_ssl_cert_encoded, set_ssl_cert_encoded)

Default Value

Remarks

This is the certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The ssl_cert_store and ssl_cert_subject properties also may be used to specify a certificate.

When ssl_cert_encoded is set, a search is initiated in the current ssl_cert_store for the private key of the certificate. If the key is found, ssl_cert_subject is updated to reflect the full subject of the selected certificate; otherwise, ssl_cert_subject is set to an empty string.

ssl_cert_store Property

This is the name of the certificate store for the client certificate.

Syntax

def get_ssl_cert_store() -> bytes: ...
def set_ssl_cert_store(value: bytes) -> None: ...

ssl_cert_store = property(get_ssl_cert_store, set_ssl_cert_store)

Default Value

"MY"

Remarks

This is the name of the certificate store for the client certificate.

The ssl_cert_store_type property denotes the type of the certificate store specified by ssl_cert_store. If the store is password protected, specify the password in ssl_cert_store_password.

ssl_cert_store is used in conjunction with the ssl_cert_subject property to specify client certificates. If ssl_cert_store has a value, and ssl_cert_subject or ssl_cert_encoded is set, a search for a certificate is initiated. Please see the ssl_cert_subject property for details.

Designations of certificate stores are platform dependent.

The following designations are the most common User and Machine certificate stores in Windows:


MY	A certificate store holding personal certificates with their associated private keys.
CA	Certifying authority certificates.
ROOT	Root certificates.

When the certificate store type is PFXFile, this property must be set to the name of the file. When the type is PFXBlob, the property must be set to the binary contents of a PFX file (i.e., PKCS#12 certificate store).

ssl_cert_store_password Property

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

Syntax

def get_ssl_cert_store_password() -> str: ...
def set_ssl_cert_store_password(value: str) -> None: ...

ssl_cert_store_password = property(get_ssl_cert_store_password, set_ssl_cert_store_password)

Default Value

Remarks

If the type of certificate store requires a password, this property is used to specify the password needed to open the certificate store.

ssl_cert_store_type Property

This is the type of certificate store for this certificate.

Syntax

def get_ssl_cert_store_type() -> int: ...
def set_ssl_cert_store_type(value: int) -> None: ...

ssl_cert_store_type = property(get_ssl_cert_store_type, set_ssl_cert_store_type)

Default Value

Remarks

This is the type of certificate store for this certificate.

The class supports both public and private keys in a variety of formats. When the cstAuto value is used, the class will automatically determine the type. This property can take one of the following values:


0 (cstUser - default)	For Windows, this specifies that the certificate store is a certificate store owned by the current user. Note: This store type is not available in Java.
1 (cstMachine)	For Windows, this specifies that the certificate store is a machine store. Note: This store type is not available in Java.
2 (cstPFXFile)	The certificate store is the name of a PFX (PKCS#12) file containing certificates.
3 (cstPFXBlob)	The certificate store is a string (binary or Base64-encoded) representing a certificate store in PFX (PKCS#12) format.
4 (cstJKSFile)	The certificate store is the name of a Java Key Store (JKS) file containing certificates. Note: This store type is only available in Java.
5 (cstJKSBlob)	The certificate store is a string (binary or Base64-encoded) representing a certificate store in Java Key Store (JKS) format. Note: this store type is only available in Java.
6 (cstPEMKeyFile)	The certificate store is the name of a PEM-encoded file that contains a private key and an optional certificate.
7 (cstPEMKeyBlob)	The certificate store is a string (binary or Base64-encoded) that contains a private key and an optional certificate.
8 (cstPublicKeyFile)	The certificate store is the name of a file that contains a PEM- or DER-encoded public key certificate.
9 (cstPublicKeyBlob)	The certificate store is a string (binary or Base64-encoded) that contains a PEM- or DER-encoded public key certificate.
10 (cstSSHPublicKeyBlob)	The certificate store is a string (binary or Base64-encoded) that contains an SSH-style public key.
11 (cstP7BFile)	The certificate store is the name of a PKCS#7 file containing certificates.
12 (cstP7BBlob)	The certificate store is a string (binary) representing a certificate store in PKCS#7 format.
13 (cstSSHPublicKeyFile)	The certificate store is the name of a file that contains an SSH-style public key.
14 (cstPPKFile)	The certificate store is the name of a file that contains a PPK (PuTTY Private Key).
15 (cstPPKBlob)	The certificate store is a string (binary) that contains a PPK (PuTTY Private Key).
16 (cstXMLFile)	The certificate store is the name of a file that contains a certificate in XML format.
17 (cstXMLBlob)	The certificate store is a string that contains a certificate in XML format.
18 (cstJWKFile)	The certificate store is the name of a file that contains a JWK (JSON Web Key).
19 (cstJWKBlob)	The certificate store is a string that contains a JWK (JSON Web Key).
21 (cstBCFKSFile)	The certificate store is the name of a file that contains a BCFKS (Bouncy Castle FIPS Key Store). Note: This store type is only available in Java and .NET.
22 (cstBCFKSBlob)	The certificate store is a string (binary or Base64-encoded) representing a certificate store in BCFKS (Bouncy Castle FIPS Key Store) format. Note: This store type is only available in Java and .NET.
23 (cstPKCS11)	The certificate is present on a physical security key accessible via a PKCS#11 interface. To use a security key, the necessary data must first be collected using the CertMgr class. The list_store_certificates method may be called after setting cert_store_type to `cstPKCS11`, cert_store_password to the PIN, and cert_store to the full path of the PKCS#11 DLL. The certificate information returned in the on_cert_list event's `CertEncoded` parameter may be saved for later use. When using a certificate, pass the previously saved security key information as the ssl_cert_store and set ssl_cert_store_password to the PIN. Code Example. SSH Authentication with Security Key: `certmgr.CertStoreType = CertStoreTypes.cstPKCS11; certmgr.OnCertList += (s, e) => { secKeyBlob = e.CertEncoded; }; certmgr.CertStore = @"C:\Program Files\OpenSC Project\OpenSC\pkcs11\opensc-pkcs11.dll"; certmgr.CertStorePassword = "123456"; //PIN certmgr.ListStoreCertificates(); sftp.SSHCert = new Certificate(CertStoreTypes.cstPKCS11, secKeyBlob, "123456", "*"); sftp.SSHUser = "test"; sftp.SSHLogon("myhost", 22);`
99 (cstAuto)	The store type is automatically detected from the input data. This setting may be used with both public and private keys and can detect any of the supported formats automatically.

ssl_cert_subject Property

This is the subject of the certificate used for client authentication.

Syntax

def get_ssl_cert_subject() -> str: ...
def set_ssl_cert_subject(value: str) -> None: ...

ssl_cert_subject = property(get_ssl_cert_subject, set_ssl_cert_subject)

Default Value

Remarks

This is the subject of the certificate used for client authentication.

This property must be set after all other certificate properties are set. When this property is set, a search is performed in the current certificate store to locate a certificate with a matching subject.

If a matching certificate is found, the property is set to the full subject of the matching certificate.

If an exact match is not found, the store is searched for subjects containing the value of the property.

If a match is still not found, the property is set to an empty string, and no certificate is selected.

The special value "*" picks a random certificate in the certificate store.

The certificate subject is a comma-separated list of distinguished name fields and values. For instance, "CN=www.server.com, OU=test, C=US, E=support@nsoftware.com". Common fields and their meanings are as follows:


Field	Meaning
CN	Common Name. This is commonly a hostname like www.server.com.
O	Organization
OU	Organizational Unit
L	Locality
S	State
C	Country
E	Email Address

If a field value contains a comma, it must be quoted.

ssl_provider Property

This specifies the SSL/TLS implementation to use.

Syntax

def get_ssl_provider() -> int: ...
def set_ssl_provider(value: int) -> None: ...

ssl_provider = property(get_ssl_provider, set_ssl_provider)

Default Value

Remarks

This property specifies the SSL/TLS implementation to use. In most cases the default value of 0 (Automatic) is recommended and should not be changed. When set to 0 (Automatic) the class will select whether to use the platform implementation or the internal implementation depending on the operating system as well as the TLS version being used.

Possible values are:


0 (sslpAutomatic - default)	Automatically selects the appropriate implementation.
1 (sslpPlatform)	Uses the platform/system implementation.
2 (sslpInternal)	Uses the internal implementation.

Additional Notes

In most cases using the default value (Automatic) is recommended. The class will select a provider depending on the current platform.

When Automatic is selected, on Windows the class will use the platform implementation. On Linux/macOS the class will use the internal implementation. When TLS 1.3 is enabled via SSLEnabledProtocols the internal implementation is used on all platforms.

ssl_server_cert_encoded Property

This is the certificate (PEM/Base64 encoded).

Syntax

def get_ssl_server_cert_encoded() -> bytes: ...

ssl_server_cert_encoded = property(get_ssl_server_cert_encoded, None)

Default Value

Remarks

This is the certificate (PEM/Base64 encoded). This property is used to assign a specific certificate. The ssl_server_cert_store and ssl_server_cert_subject properties also may be used to specify a certificate.

When ssl_server_cert_encoded is set, a search is initiated in the current ssl_server_cert_store for the private key of the certificate. If the key is found, ssl_server_cert_subject is updated to reflect the full subject of the selected certificate; otherwise, ssl_server_cert_subject is set to an empty string.

This property is read-only.

stan Property

The merchant assigned System Trace Audit Number(STAN).

Syntax

def get_stan() -> str: ...
def set_stan(value: str) -> None: ...

stan = property(get_stan, set_stan)

Default Value

Remarks

This property represents a six digit number assigned by the merchant to uniquely reference the transaction. This number must be unique within a day per Merchant ID and Terminal ID.

Valid values are from 000001 to 999999 inclusive.

This property is only applicable when platform is set to FDMS Rapid Connect.

timeout Property

A timeout for the class.

Syntax

def get_timeout() -> int: ...
def set_timeout(value: int) -> None: ...

timeout = property(get_timeout, set_timeout)

Default Value

Remarks

If timeout is set to a positive value, and an operation cannot be completed immediately, the class will return with an error after timeout seconds.

The default value for timeout is 30 (seconds).

tppid Property

Third Party Processor Identifier assigned by FDMS.

Syntax

def get_tppid() -> str: ...
def set_tppid(value: str) -> None: ...

tppid = property(get_tppid, set_tppid)

Default Value

Remarks

The Third Party Processor Identifier (TPPID. Also sometimes referred to as a "Vendor Id") is assigned by FDMS to each third party who is processing transactions. Each merchant will receive a TPPID from FDMS.

The default value is "" (empty string). This should be set to the FDMS assigned TPPID.

A visa_identifier is also required for Visa transactions.

This property is only applicable when platform is set to FDMS Rapid Connect.

transaction_number Property

Uniquely identifies the transaction.

Syntax

def get_transaction_number() -> str: ...
def set_transaction_number(value: str) -> None: ...

transaction_number = property(get_transaction_number, set_transaction_number)

Default Value

Remarks

The TransactionNumber (otherwise known as the Client Reference Number, or ClientRef) uniquely identifies the packet sent by the application to the Datawire system. This parameter stores some unique token of information, and is used to match the response to the initial request sent. For example, the client application could use a static counter that is increased with the each executed request.

For all classs except FDMSGiftCard the maximum length of this property is 14 alphanumeric characters.

The FDMS recommended format is "tttttttVnnnnrrr" where ttttttt is a 7 digit transaction id, V is a constant, and nnn is a 3 digit version number and rrr is a 3 digit revision number. The 6 digit version number is typically static but unique for an application (Example: Version 2.5 = tttttttV002500).

For the Rapid Connect platform, the 6 character version number should be your Project/TPPID value. The entire TransactionNumber must be unique within a 24 hour time period.

The FDMSGiftCard also passes this value to the FDMS Closed Loop Gift Card system as a transaction id, and therefore the following restrictions are enforced: The maximum length is 7 characters. If the first character is an 'X', the remaining characters must be in the range '0' through 'F', indicating a hexadecimal number. Otherwise the FDMS Closed Loop Gift Card system only allows digits in this property.

This property is only applicable when platform is set to FDMS Rapid Connect.

update_available Property

Whether updated public key information is available.

Syntax

def get_update_available() -> bool: ...

update_available = property(get_update_available, None)

Default Value

FALSE

Remarks

This property may be queried after calling check_for_update to determine if new public key information is available from FDMS.

This property is only applicable when platform is set to FDMS Rapid Connect.

This property is read-only.

url Property

Location of the server to which requests are sent.

Syntax

def get_url() -> str: ...
def set_url(value: str) -> None: ...

url = property(get_url, set_url)

Default Value

"https://staging1.datawire.net/sd/"

Remarks

This is the URL to which all requests are sent. The default value is "https://staging1.datawire.net/sd/".

FDMS Rapid Connect

This URL is acquired by using the FDMSRegister class. Once you Register and Activate the merchant using the FDMSRegister class, you may then do a Service Discovery. After sending a Service Discovery transaction, the Datawire system will return a list of transaction URLs. The URL from this list with the shortest round-trip transit time from a ping is the URL you should use here.

Paymentech

The URL is provided by Paymentech. The test server URL is "https://netconnectvar1.chasepaymentech.com/NetConnect/controller".

user_id Property

UserId for authentication with the NetConnect Server .

Syntax

def get_user_id() -> str: ...
def set_user_id(value: str) -> None: ...

user_id = property(get_user_id, set_user_id)

Default Value

Remarks

The user_id will be supplied to you by PaymenTech.

This property is only applicable when platform is set to Paymentech.

check_for_update Method

Checks the key status to see if an update is required.

Syntax

def check_for_update() -> None: ...

Remarks

This method checks the status of the EMV public key to determine if an update is required. This method is only applicable when platform is set to FDMS Rapid Connect.

Before calling this method specify key_file_crc, key_file_size, and key_file_date with values for the current EMV public key. If no details are known leave these properties empty.

After calling this method check update_available to determine if an updated is required. If an update is required call get_key_info.

This method will populate key_file_crc, key_file_size, and key_file_date with the values returned by the server for the latest EMV public key.

This method is only applicable when platform is set to FDMS Rapid Connect.

config Method

Sets or retrieves a configuration setting.

Syntax

def config(configuration_string: str) -> str: ...

Remarks

config is a generic method available in every class. It is used to set and retrieve configuration settings for the class.

These settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the config method.

To set a configuration setting named PROPERTY, you must call Config("PROPERTY=VALUE"), where VALUE is the value of the setting expressed as a string. For boolean values, use the strings "True", "False", "0", "1", "Yes", or "No" (case does not matter).

To read (query) the value of a configuration setting, you must call Config("PROPERTY"). The value will be returned as a string.

get_key_info Method

This method retrieves the EMV public key information.

Syntax

def get_key_info() -> None: ...

Remarks

This method retrieves the EMV public key information.

After calling this method check the KeyDetail* properties for information about each of the public keys returned.

Applicable KeyDetail properties for FDMS Rapid Connect:

key_detail_rid
key_detail_index_str
key_detail_exponent
key_detail_modulus
key_details_checksum
key_detail_exp_date

Applicable KeyDetail properties for Paymentech:

key_detail_rid
key_detail_index_str
key_detail_exponent
key_detail_modulus
key_details_checksum
key_detail_fallback_allowed

In addition to the key details the following properties will be populated when working with FDMS:

key_file_crc
key_file_date
key_file_size

These values should be saved for use when calling check_for_update at a later time.

on_connected Event

This event is fired immediately after a connection completes (or fails).

Syntax

class EMVKeyMgrConnectedEventParams(object):
  @property
  def status_code() -> int: ...

  @property
  def description() -> str: ...

# In class EMVKeyMgr:
@property
def on_connected() -> Callable[[EMVKeyMgrConnectedEventParams], None]: ...
@on_connected.setter
def on_connected(event_hook: Callable[[EMVKeyMgrConnectedEventParams], None]) -> None: ...

Remarks

If the connection is made normally, StatusCode is 0 and Description is "OK".

If the connection fails, StatusCode has the error code returned by the Transmission Control Protocol (TCP)/IP stack. Description contains a description of this code. The value of StatusCode is equal to the value of the error.

Please refer to the Error Codes section for more information.

on_data_packet_in Event

Fired when receiving a data packet from the transaction server.

Syntax

class EMVKeyMgrDataPacketInEventParams(object):
  @property
  def data_packet() -> bytes: ...

# In class EMVKeyMgr:
@property
def on_data_packet_in() -> Callable[[EMVKeyMgrDataPacketInEventParams], None]: ...
@on_data_packet_in.setter
def on_data_packet_in(event_hook: Callable[[EMVKeyMgrDataPacketInEventParams], None]) -> None: ...

Remarks

This event fires when a packet is received. The entire data packet (including all framing and error detection characters) is contained in the parameter "DataPacket". This parameter may be inspected for advanced troubleshooting, or to extract additional response properties beyond the scope of this class.

This event is only applicable when platform is set to Paymentech.

on_data_packet_out Event

Fired when sending a data packet to the transaction server.

Syntax

class EMVKeyMgrDataPacketOutEventParams(object):
  @property
  def data_packet() -> bytes: ...

# In class EMVKeyMgr:
@property
def on_data_packet_out() -> Callable[[EMVKeyMgrDataPacketOutEventParams], None]: ...
@on_data_packet_out.setter
def on_data_packet_out(event_hook: Callable[[EMVKeyMgrDataPacketOutEventParams], None]) -> None: ...

Remarks

This event fires right before each data packet is sent. The entire data packet (including all framing and error detection characters) is contained in the parameter "DataPacket". This parameter may be inspected for advanced troubleshooting, or may be modified to support additional features beyond the scope of this class.

This event is only applicable when platform is set to Paymentech.

on_disconnected Event

This event is fired when a connection is closed.

Syntax

class EMVKeyMgrDisconnectedEventParams(object):
  @property
  def status_code() -> int: ...

  @property
  def description() -> str: ...

# In class EMVKeyMgr:
@property
def on_disconnected() -> Callable[[EMVKeyMgrDisconnectedEventParams], None]: ...
@on_disconnected.setter
def on_disconnected(event_hook: Callable[[EMVKeyMgrDisconnectedEventParams], None]) -> None: ...

Remarks

If the connection is broken normally, StatusCode is 0 and Description is "OK".

If the connection is broken for any other reason, StatusCode has the error code returned by the Transmission Control Protocol (TCP/IP) subsystem. Description contains a description of this code. The value of StatusCode is equal to the value of the TCP/IP error.

Please refer to the Error Codes section for more information.

on_error Event

Fired when information is available about errors during data delivery.

Syntax

class EMVKeyMgrErrorEventParams(object):
  @property
  def error_code() -> int: ...

  @property
  def description() -> str: ...

# In class EMVKeyMgr:
@property
def on_error() -> Callable[[EMVKeyMgrErrorEventParams], None]: ...
@on_error.setter
def on_error(event_hook: Callable[[EMVKeyMgrErrorEventParams], None]) -> None: ...

Remarks

The on_error event is fired in case of exceptional conditions during message processing. Normally the class fails with an error.

The ErrorCode parameter contains an error code, and the Description parameter contains a textual description of the error. For a list of valid error codes and their descriptions, please refer to the Error Codes section.

on_ssl_server_authentication Event

Fired after the server presents its certificate to the client.

Syntax

class EMVKeyMgrSSLServerAuthenticationEventParams(object):
  @property
  def cert_encoded() -> bytes: ...

  @property
  def cert_subject() -> str: ...

  @property
  def cert_issuer() -> str: ...

  @property
  def status() -> str: ...

  @property
  def accept() -> bool: ...
  @accept.setter
  def accept(value) -> None: ...

# In class EMVKeyMgr:
@property
def on_ssl_server_authentication() -> Callable[[EMVKeyMgrSSLServerAuthenticationEventParams], None]: ...
@on_ssl_server_authentication.setter
def on_ssl_server_authentication(event_hook: Callable[[EMVKeyMgrSSLServerAuthenticationEventParams], None]) -> None: ...

Remarks

During this event, the client can decide whether or not to continue with the connection process. The Accept parameter is a recommendation on whether to continue or close the connection. This is just a suggestion: application software must use its own logic to determine whether or not to continue.

When Accept is False, Status shows why the verification failed (otherwise, Status contains the string OK). If it is decided to continue, you can override and accept the certificate by setting the Accept parameter to True.

on_ssl_status Event

Fired when secure connection progress messages are available.

Syntax

class EMVKeyMgrSSLStatusEventParams(object):
  @property
  def message() -> str: ...

# In class EMVKeyMgr:
@property
def on_ssl_status() -> Callable[[EMVKeyMgrSSLStatusEventParams], None]: ...
@on_ssl_status.setter
def on_ssl_status(event_hook: Callable[[EMVKeyMgrSSLStatusEventParams], None]) -> None: ...

Remarks

The event is fired for informational and logging purposes only. This event tracks the progress of the connection.

on_status Event

Shows the progress of the FDMS/Datawire connection.

Syntax

class EMVKeyMgrStatusEventParams(object):
  @property
  def message() -> str: ...

# In class EMVKeyMgr:
@property
def on_status() -> Callable[[EMVKeyMgrStatusEventParams], None]: ...
@on_status.setter
def on_status(event_hook: Callable[[EMVKeyMgrStatusEventParams], None]) -> None: ...

Remarks

The event is fired for informational and logging purposes only. Used to track the progress of the connection.

EMVKeyMgr Config Settings

The class accepts one or more of the following configuration settings. Configuration settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the config method.

EMVKeyMgr Config Settings

KeyBlockSize: The maximum block size when downloading the EMV public key.

This setting species the maximum block size used when downloading the EMV public key from FDMS. If the key exceeds this size multiple requests will be made by the class to download the key. Valid values are from 100 to 999. The default value is 999. This is only applicable when platform is set to FDMS.

KeyData: The EMV public key data.

The EMV public key data returned after calling get_key_info.

RawRequest: Returns the request sent to the server for debugging purposes.

After an operation this setting may be queried to return the request as it was sent to the server. This is useful for debugging purposes.

RawResponse: Returns the response received from the server for debugging purposes.

After an operation this setting may be queried to return the response as it was received from the server. This is useful for debugging purposes.

HTTP Config Settings

AcceptEncoding: Used to tell the server which types of content encodings the client supports.

When AllowHTTPCompression is True, the class adds an Accept-Encoding header to the request being sent to the server. By default, this header's value is "gzip, deflate". This configuration setting allows you to change the value of the Accept-Encoding header. Note: The class only supports gzip and deflate decompression algorithms.

AllowHTTPCompression: This property enables HTTP compression for receiving data.

This configuration setting enables HTTP compression for receiving data. When set to True (default), the class will accept compressed data. It then will uncompress the data it has received. The class will handle data compressed by both gzip and deflate compression algorithms.

When True, the class adds an Accept-Encoding header to the outgoing request. The value for this header can be controlled by the AcceptEncoding configuration setting. The default value for this header is "gzip, deflate".

The default value is True.

AllowHTTPFallback: Whether HTTP/2 connections are permitted to fallback to HTTP/1.1.

This configuration setting controls whether HTTP/2 connections are permitted to fall back to HTTP/1.1 when the server does not support HTTP/2. This setting is applicable only when http_version is set to "2.0".

If set to True (default), the class will automatically use HTTP/1.1 if the server does not support HTTP/2. If set to False, the class fails with an error if the server does not support HTTP/2.

The default value is True.

Append: Whether to append data to LocalFile.

This configuration setting determines whether data will be appended when writing to local_file. When set to True, downloaded data will be appended to local_file. This may be used in conjunction with range to resume a failed download. This is applicable only when local_file is set. The default value is False.

Authorization: The Authorization string to be sent to the server.

If the Authorization property contains a nonempty string, an Authorization HTTP request header is added to the request. This header conveys Authorization information to the server.

This property is provided so that the HTTP class can be extended with other security schemes in addition to the authorization schemes already implemented by the class.

The auth_scheme property defines the authentication scheme used. In the case of HTTP Basic Authentication (default), every time user and password are set, they are Base64 encoded, and the result is put in the authorization property in the form "Basic [encoded-user-password]".

BytesTransferred: Contains the number of bytes transferred in the response data.

This configuration setting returns the raw number of bytes from the HTTP response data, before the component processes the data, whether it is chunked or compressed. This returns the same value as the on_transfer event, by BytesTransferred.

ChunkSize: Specifies the chunk size in bytes when using chunked encoding.

This is applicable only when UseChunkedEncoding is True. This setting specifies the chunk size in bytes to be used when posting data. The default value is 16384.

CompressHTTPRequest: Set to true to compress the body of a PUT or POST request.

If set to True, the body of a PUT or POST request will be compressed into gzip format before sending the request. The "Content-Encoding" header is also added to the outgoing request.

The default value is False.

EncodeURL: If set to True the URL will be encoded by the class.

If set to True, the URL passed to the class will be URL encoded. The default value is False.

FollowRedirects: Determines what happens when the server issues a redirect.

This option determines what happens when the server issues a redirect. Normally, the class returns an error if the server responds with an "Object Moved" message. If this property is set to 1 (always), the new url for the object is retrieved automatically every time.

If this property is set to 2 (Same Scheme), the new url is retrieved automatically only if the URL Scheme is the same; otherwise, the class fails with an error.

Note: Following the HTTP specification, unless this option is set to 1 (Always), automatic redirects will be performed only for GET or HEAD requests. Other methods potentially could change the conditions of the initial request and create security vulnerabilities.

Furthermore, if either the new URL server or port are different from the existing one, user and password are also reset to empty, unless this property is set to 1 (Always), in which case the same credentials are used to connect to the new server.

A on_redirect event is fired for every URL the product is redirected to. In the case of automatic redirections, the on_redirect event is a good place to set properties related to the new connection (e.g., new authentication parameters).

The default value is 0 (Never). In this case, redirects are never followed, and the class fails with an error instead.

Following are the valid options:

0 - Never
1 - Always
2 - Same Scheme

GetOn302Redirect: If set to True the class will perform a GET on the new location.

The default value is False. If set to True, the class will perform a GET on the new location. Otherwise, it will use the same HTTP method again.

HTTP2HeadersWithoutIndexing: HTTP2 headers that should not update the dynamic header table with incremental indexing.

HTTP/2 servers maintain a dynamic table of headers and values seen over the course of a connection. Typically, these headers are inserted into the table through incremental indexing (also known as HPACK, defined in RFC 7541). To tell the component not to use incremental indexing for certain headers, and thus not update the dynamic table, set this configuration option to a comma-delimited list of the header names.

HTTPVersion: The version of HTTP used by the class.

This property specifies the HTTP version used by the class. Possible values are as follows:

"1.0"
"1.1" (default)
"2.0"
"3.0"

When using HTTP/2 ("2.0"), additional restrictions apply. Please see the following notes for details.

HTTP/2 Notes

When using HTTP/2, a secure Secure Sockets Layer/Transport Layer Security (TLS/SSL) connection is required. Attempting to use a plaintext URL with HTTP/2 will result in an error.

If the server does not support HTTP/2, the class will automatically use HTTP/1.1 instead. This is done to provide compatibility without the need for any additional settings. To see which version was used, check NegotiatedHTTPVersion after calling a method. The AllowHTTPFallback setting controls whether this behavior is allowed (default) or disallowed.

HTTP/3 Notes

HTTP/3 is supported only in .NET and Java.

When using HTTP/3, a secure (TLS/SSL) connection is required. Attempting to use a plaintext URL with HTTP/3 will result in an error.

IfModifiedSince: A date determining the maximum age of the desired document.

If this setting contains a nonempty string, an If-Modified-Since HTTP header is added to the request. The value of this header is used to make the HTTP request conditional: if the requested documented has not been modified since the time specified in the field, a copy of the document will not be returned from the server; instead, a 304 (not modified) response will be returned by the server and the component throws an exception

The format of the date value for IfModifiedSince is detailed in the HTTP specs. For example: Sat, 29 Oct 2017 19:43:31 GMT.

KeepAlive: Determines whether the HTTP connection is closed after completion of the request.

If True, the component will not send the Connection: Close header. The absence of the Connection header indicates to the server that HTTP persistent connections should be used if supported. Note: Not all servers support persistent connections. If False, the connection will be closed immediately after the server response is received.

The default value for KeepAlive is False.

KerberosSPN: The Service Principal Name for the Kerberos Domain Controller.

If the Service Principal Name on the Kerberos Domain Controller is not the same as the URL that you are authenticating to, the Service Principal Name should be set here.

LogLevel: The level of detail that is logged.

This configuration setting controls the level of detail that is logged through the on_log event. Possible values are as follows:


0 (None)	No events are logged.
1 (Info - default)	Informational events are logged.
2 (Verbose)	Detailed data are logged.
3 (Debug)	Debug data are logged.

The value 1 (Info) logs basic information, including the URL, HTTP version, and status details.

The value 2 (Verbose) logs additional information about the request and response.

The value 3 (Debug) logs the headers and body for both the request and response, as well as additional debug information (if any).

MaxRedirectAttempts: Limits the number of redirects that are followed in a request.

When follow_redirects is set to any value other than frNever, the class will follow redirects until this maximum number of redirect attempts are made. The default value is 20.

NegotiatedHTTPVersion: The negotiated HTTP version.

This configuration setting may be queried after the request is complete to indicate the HTTP version used. When http_version is set to "2.0" (if the server does not support "2.0"), then the class will fall back to using "1.1" automatically. This setting will indicate which version was used.

OtherHeaders: Other headers as determined by the user (optional).

This configuration setting can be set to a string of headers to be appended to the HTTP request headers.

The headers must follow the format "header: value" as described in the HTTP specifications. Header lines should be separated by CRLF ("\r\n") .

Use this configuration setting with caution. If this configuration setting contains invalid headers, HTTP requests may fail.

This configuration setting is useful for extending the functionality of the class beyond what is provided.

ProxyAuthorization: The authorization string to be sent to the proxy server.

This is similar to the Authorization configuration setting, but is used for proxy authorization. If this configuration setting contains a nonempty string, a Proxy-Authorization HTTP request header is added to the request. This header conveys proxy Authorization information to the server. If proxy_user and proxy_password are specified, this value is calculated using the algorithm specified by proxy_auth_scheme.

ProxyAuthScheme: The authorization scheme to be used for the proxy.

This configuration setting is provided for use by classs that do not directly expose Proxy properties.

ProxyPassword: A password if authentication is to be used for the proxy.

This configuration setting is provided for use by classs that do not directly expose Proxy properties.

ProxyPort: Port for the proxy server (default 80).

This configuration setting is provided for use by classs that do not directly expose Proxy properties.

ProxyServer: Name or IP address of a proxy server (optional).

This configuration setting is provided for use by classs that do not directly expose Proxy properties.

ProxyUser: A user name if authentication is to be used for the proxy.

This configuration setting is provided for use by classs that do not directly expose Proxy properties.

SentHeaders: The full set of headers as sent by the client.

This configuration setting returns the complete set of raw headers as sent by the client.

StatusCode: The status code of the last response from the server.

This configuration setting contains the result code of the last response from the server.

StatusLine: The first line of the last response from the server.

This setting contains the first line of the last response from the server. The format of the line will be [HTTP version] [Result Code] [Description].

TransferredData: The contents of the last response from the server.

This configuration setting contains the contents of the last response from the server.

TransferredDataLimit: The maximum number of incoming bytes to be stored by the class.

If TransferredDataLimit is set to 0 (default), no limits are imposed. Otherwise, this reflects the maximum number of incoming bytes that can be stored by the class.

TransferredHeaders: The full set of headers as received from the server.

This configuration setting returns the complete set of raw headers as received from the server.

TransferredRequest: The full request as sent by the client.

This configuration setting returns the full request as sent by the client. For performance reasons, the request is not normally saved. Set this configuration setting to ON before making a request to enable it. Following are examples of this request:

.NET Http http = new Http(); http.Config("TransferredRequest=on"); http.PostData = "body"; http.Post("http://someserver.com"); Console.WriteLine(http.Config("TransferredRequest")); C++ HTTP http; http.Config("TransferredRequest=on"); http.SetPostData("body", 5); http.Post("http://someserver.com"); printf("%s\r\n", http.Config("TransferredRequest"));

UseChunkedEncoding: Enables or Disables HTTP chunked encoding for transfers.

If UseChunkedEncoding is set to True, the class will use HTTP-chunked encoding when posting, if possible. HTTP-chunked encoding allows large files to be sent in chunks instead of all at once. If set to False, the class will not use HTTP-chunked encoding. The default value is False.

Note: Some servers (such as the ASP.NET Development Server) may not support chunked encoding.

UseIDNs: Whether to encode hostnames to internationalized domain names.

This configuration setting specifies whether hostnames containing non-ASCII characters are encoded to internationalized domain names. When set to True, if a hostname contains non-ASCII characters, it is encoded using Punycode to an IDN (internationalized domain name).

The default value is False and the hostname will always be used exactly as specified. Note: The CodePage setting must be set to a value capable of interpreting the specified host name. For instance, to specify UTF-8, set CodePage to 65001. In the C++ Edition for Windows, the *W version of the class must be used. For instance, DNSW or HTTPW.

UsePlatformHTTPClient: Whether or not to use the platform HTTP client.

When using this configuration setting, if True, the component will use the default HTTP client for the platform (URLConnection in Java, WebRequest in .NET, or CFHTTPMessage in Mac/iOS) instead of the internal HTTP implementation. This is important for environments in which direct access to sockets is limited or not allowed (e.g., in the Google AppEngine).

Note: This setting is applicable only to Mac/iOS editions.

UseProxyAutoConfigURL: Whether to use a Proxy auto-config file when attempting a connection.

This configuration specifies whether the class will attempt to use the Proxy auto-config URL when establishing a connection and proxy_auto_detect is set to True.

When True (default), the class will check for the existence of a Proxy auto-config URL, and if found, will determine the appropriate proxy to use.

UserAgent: Information about the user agent (browser).

This is the value supplied in the HTTP User-Agent header. The default setting is "IPWorks HTTP Component - www.nsoftware.com".

Override the default with the name and version of your software.

TCPClient Config Settings

ConnectionTimeout: Sets a separate timeout value for establishing a connection.

When set, this configuration setting allows you to specify a different timeout value for establishing a connection. Otherwise, the class will use timeout for establishing a connection and transmitting/receiving data. Sets a separate timeout value for establishing a connection.

ConnectionTimeout: Sets a separate timeout value for establishing a connection.

FirewallAutoDetect: Tells the class whether or not to automatically detect and use firewall system settings, if available.

This configuration setting is provided for use by classs that do not directly expose Firewall properties. Tells the class whether or not to automatically detect and use firewall system settings, if available.

This configuration setting is provided for use by classs that do not directly expose Firewall properties.

FirewallAutoDetect: Tells the class whether or not to automatically detect and use firewall system settings, if available.

This configuration setting is provided for use by classs that do not directly expose Firewall properties.

FirewallHost: Name or IP address of firewall (optional).

If a FirewallHost is given, requested connections will be authenticated through the specified firewall when connecting.

If the FirewallHost setting is set to a Domain Name, a DNS request is initiated. Upon successful termination of the request, the FirewallHost setting is set to the corresponding address. If the search is not successful, an error is returned.

Note: This setting is provided for use by classs that do not directly expose Firewall properties.

Name or IP address of firewall (optional).

If a FirewallHost is given, requested connections will be authenticated through the specified firewall when connecting.

Note: This setting is provided for use by classs that do not directly expose Firewall properties.

FirewallHost: Name or IP address of firewall (optional).

If a FirewallHost is given, requested connections will be authenticated through the specified firewall when connecting.

Note: This setting is provided for use by classs that do not directly expose Firewall properties.

Name or IP address of firewall (optional).

If a FirewallHost is given, requested connections will be authenticated through the specified firewall when connecting.

Note: This setting is provided for use by classs that do not directly expose Firewall properties.

FirewallPassword: Password to be used if authentication is to be used when connecting through the firewall.

If FirewallHost is specified, the FirewallUser and FirewallPassword settings are used to connect and authenticate to the given firewall. If the authentication fails, the class fails with an error.

Note: This setting is provided for use by classs that do not directly expose Firewall properties.

Password to be used if authentication is to be used when connecting through the firewall.