Skip to content

TransactilityInc/jmeter-iso8583

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

75 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

jmeter-iso8583 travis

Overview

Apache JMeter plugin for load testing of payment gateways and switches via ISO 8583 messaging, based on the excellent jPOS framework. Includes the following components:

Prerequisites

A so-called Packager is required to transform ("pack") the message into its binary representation for sending it over the wire. This plugin uses a jPOS Generic Packager that needs to be configured with an XML file.

Often one of the jPOS packager configuration files may be used as-is or with few customisations.

Sample Message

Message

In JMeter's View Results Tree and JTL files, request and response messages are represented as XML, so Extractors and Assertions can easily be used. A hex dump of the raw (binary) message is included for troubleshooting purposes.

Usage

ISO8583 Config

ISO8583 Config

This Configuration Element must be included to use the ISO8583 Sampler.

Mandatory settings:

  • Channel Class: Encapsulates the wire protocol details. The dropdown contains classes included in jPOS (refer Channels documentation). If none of those are suitable, a custom channel class may be supplied (enter fully qualified class name).
  • Packager Configuration: XML configuration file that defines the packaging format of each message field (as per Prerequisites above).
  • Hostname:
    • Client mode (JMeter connects to switch socket): Name or IP address of the switch to connect to.
    • Server mode (switch connects to JMeter socket): Leave blank. JMeter will wait for incoming connection from the switch before starting threads (timeout configurable via JMeter property jmeter.iso8583.incomingConnectionTimeout).
  • Port: Port number to connect to (outgoing from JMeter in client mode; incoming to JMeter in server mode).
  • Reuse Connection (only for client mode; since v1.1): Whether to reuse a persistent connection or reconnect for every request (default: true).
  • Maximum Connections (since v1.1):
    • Client mode (only for non-persistent connections): Maximum number of concurrent connections to the remote host.
    • Server mode: Ignored.

Optional settings:

  • Channel Header: A static header string for all messages (sent and received). Note that some Channels use dynamic headers instead (e.g. VAPChannel).
  • Advanced Configuration: Channel-dependent properties can be specified via Name/Value pairs. For example, srcid and dstid for VAPChannel's Base1Header.
  • SSL Settings: For SSL/TLS connections, the Keystore File (protected with Keystore Password for the file and Key Password for a private key) should contain:
    • Client mode: the server's public certificate to trust and, optionally, the client certificate to send for authentication (mutual SSL).
    • Server mode: the server certificate (with public and private key).
  • Mux Settings (since v1.1): Control how the Mux finds matches between outgoing requests and incoming response messages. See QMUX documentation for further details.
    • MTI Mapping: 3 ten-digit numbers representing how the first 3 MTI digits are mapped between request and response. Example (default): "0123456789 0123456789 0022446789" maps response MTI 0110 to request MTI 0100.

    • Mux Key Configuration: Each row contains the key fields for a message type as per the MTI column, or for all messages if the MTI column is empty.

      Example: Override default key to use fields 42, 41, 11 for all messages, except 0800 messages for which field 41 is used.

      MTI Key Fields
      42 41 11
      0800 41
Implementation Details

This component encapsulates a jPOS Q2 container and QBeans services. It manages either set of 3 components (depending on client or server mode):

  • ChannelAdaptor, Channel and QMUX
  • QServer, Channel and QMUX

While normally those would be configured by placing corresponding XML files into a deploy folder, here it is done dynamically via transforming configuration properties from the JMeter Test Plan into in-memory deployment descriptor objects. These descriptors are then used to create and deploy QBeans at the test start and destroy them at the end.

For even more advanced use cases, above XML files may still be used and copied to the Q2 deploy folder. Its location is configurable via JMeter property jmeter.iso8583.q2DeployDir.

ISO8583 Sampler

ISO8583 Sampler

Each row of the Message Fields table represents one data element of the message. The columns have the following meaning:

  • Field: Field number (decimal), with 0 being the Message Type Indicator (MTI).
  • Content: A string representation of the field's data content. This may be a text, numeric, or binary value. Note that the Packager configuration determines how this is interpreted. For example, a binary field will expect a string of hexadecimal digits (without 0x prefix). A text field's character encoding depends on the Packager configuration too (e.g. ASCII, EBCDIC).
  • Tag (hexadecimal): Used for tagged fields (e.g. ICC/EMV data fields), otherwise empty.
  • Comment: For documentation purposes.

Note that Bitmaps will be generated automatically.

Optional message header and trailers may be specified as hex digits.

Binary Field Content

If the field's class attribute in the Packager configuration file is a subclass of ISOBinaryFieldPackager the field's Content is treated as binary and interpreted as hex digits (replacing incorrect digits with F).

If the Packager's field class is not binary or cannot be determined (e.g. if there are no subfields, as for BERTLVBinaryPackager, the Content will be taken as-is and not be interpreted as hex digits. JMeter's function ${__char()} can be used to enter binary values in that case.

For tagged fields, the tag value is also used to distinguish binary fields. This works for well-known, standard EMV tags, but needs to be configured for proprietary tags. The JMeter property jmeter.iso8583.binaryFieldTags can be used to define a comma-separated list of hexadecimal tag numbers. Note this will cause all fields with one of those tags to be interpreted as binary.

Response Validation

The response code can be used to distinguish failed and successful samples (similar to JMeter's HTTP Request marking 4xx and 5xx responses as failures).

  • Timeout (ms): A response timeout in milliseconds can be defined individually for each sampler. The value 0 can be used to send requests without expecting any response message ("fire and forget"; since v1.1).
  • Response Code Field (usually 39): Field number that is used to determine a sample success or failure.
  • Success Response Codes (usually 00): Expected value for successful responses. This can be a comma-delimited list of valid values (since v1.1).

If either of the Response Code entries are empty, no validation will be performed.

Subfields

For example, field 43 "Card Acceptor Location" contains 3 subfields that can be defined as follows:

Field Content Tag Comment
43.1 JMeter Name
43.2 Nowhere City
43.3 NZ Country

This has to be matched by a packager configuration like the below:

    <isofieldpackager id="43"
            name="CARD ACCEPTOR LOCATION"
            length="40"
            class="org.jpos.iso.IFB_BINARY"
            packager="org.jpos.iso.packager.GenericSubFieldPackager"
            emitBitmap="false"
            firstField="1"
            maxValidField="3">
        <isofield id="1" name="NAME"    length="25" pad="false" class="org.jpos.iso.IF_CHAR"/>
        <isofield id="2" name="CITY"    length="13" pad="false" class="org.jpos.iso.IF_CHAR"/>
        <isofield id="3" name="COUNTRY" length="2"  pad="false" class="org.jpos.iso.IF_CHAR"/>
    </isofieldpackager>	

Tagged Fields

For example, field 55 with ICC/EMV data in BER-TLV format can be defined as in the following example:

Field Content Tag Comment
55.1 000000000199 9F02 Amount, Authorised
55.2 000000000000 9F03 Amount, Other
55.3 0554 9F1A Terminal Country Code
55.4 0000000000 95 Terminal Verification Results
55.5 0554 5F2A Transaction Currency Code
55.6 ${__time(yyMMdd,)} 9A Transaction Date
55.7 01 9C Transaction Type
55.8 ${__RandomString(8,0123456789ABCDEF,)} 9F37 Unpredictable Number
55.9 5C00 82 Application Interchange Profile
55.10 ${ATC} 9F36 Application Transaction Counter
55.11 ${IAD} 9F10 Issuer Application Data

Provided a matching packager configuration like this:

      <isofieldpackager
          id="55"
          length="255"
          name="Integrated Circuit Card Related Data"
          class="org.jpos.iso.IFB_LLLHBINARY"
          packager="org.jpos.tlv.packager.bertlv.BERTLVBinaryPackager"
          emitBitmap="false"/>

ISO8583 Message Component

ISO8583 Message Component

This (optional) Configuration element may be used to define fields in the same way as for the ISO8583 Sampler. However, its fields will be applied to all samplers in scope, so it can be used for common data elements like dates and times.

Field Content Tag Comment
7 ${__time(MMddHHmmss,)} Transmission date & time
12 ${__time(HHmmss,)} Local transaction time
13 ${__time(MMdd,)} Local transaction date
15 ${__time(MMdd,)} Settlement date
16 ${__time(MMdd,)} Currency conversion date
17 ${__time(MMdd,)} Capture date

If any particular field number is present in the sampler as well as the Component, the one in the sampler takes precedence.

If a sampler has more than one Component in its scope, their fields will all be merged into the sampler, unless a field is already present in the sampler or a Component in a scope closer to the sampler.

In other words, inner fields take precedence over outer ones, with the sampler's fields themselves being the innermost ones.

ISO8583 Crypto PreProcessor

ISO8583 Crypto

This (optional) Preprocessor modifies a message, based on cryptographic calculations, before it is packaged and sent by the sampler.

This is necessary for some fields that can only be determined during runtime of the JMeter test, rather than being generated before the test, as they may depend on dynamic session keys or other, dynamic message fields.

Currently supported are the following operations:

  • PIN Block Encryption: Encrypts a clear PIN Block given a zone PIN key (ZPK) or base derivation key (BDK).
  • MAC Generation: Calculates the MAC (Message Authentication Code), given a session MAC key.
  • ARQC Generation: Calculates the Authorization Request Cryptogram (ARQC), given the ICC Master Key (IMKAC).

All keys need to be provided as clear (unencrypted) hex digits.

Any subset of these operations may be performed by leaving some or all of the other ones' inputs blank. For example, if no key is present for one of the operations, it will be skipped.

As the MAC depends on the entire message content, its calculation is the last to be done.

PIN Block Encryption

  • PIN Field Number (usually 52): A clear PIN Block in this field will be replaced with the encrypted one.
  • PIN Key (hex): Clear DES key to use as ZPK for zone PIN encryption (16, 32 or 48 hex digits), or Triple-DES key to use as BDK for DUKPT (32 hex digits).
  • KSN Field Number (usually 53): Empty for zone PIN encryption. Otherwise, for DUKPT encryption, the 16 hex digits in this field will be interpreted as the Key Serial Number (KSN).

The KSN scheme can be configured by changing the JMeter property jmeter.iso8583.ksnDescriptor. For example, its default "6-5-5" means bbbbbbdddddccccc will be partitioned into BDK ID bbbbbb, device ID ddddd, and transaction counter ccccc.

MAC Generation

  • MAC Algorithm: Cipher algorithm name for EDE or CBC MAC calculation (refer BouncyCastle specification)
  • MAC Key (hex): Clear Triple-DES key (32 or 48 hex digits), usually from a key exchange.
  • MAC Field Number: Can be used to force the MAC in a specific field. If left blank,
    the MAC field will be the next multiple of 64 from the last field in the message (e.g. 64, 128, 192).

ARQC Generation

  • EMV/ICC Data Field Number (usually 55): The ARQC input fields will be taken from subfields of this field (unless Transaction Data is specified below), and the calculated ARQC value will be added as an additional subfield (tag 9F26).

  • IMKAC (hex): Clear ICC Master Key for Application Cryptogram calculation.

  • Session Key Derivation Method: How to derive the UDK from the Master Key.

  • Primary Account Number (PAN): Input parameter for session key derivation.

  • Account Sequence Number: Input parameter for session key derivation (2 digits).

  • Transaction Data (hex): Input data for ARQC calculation (as byte sequence). If left blank, relevant fields will be automatically extracted from the ICC Data field.

    Which ICC subfields are to be included in the ARQC calculation can be configured (globally) by specifying the tags in the JMeter property jmeter.iso8583.arqcInputTags (default: 9F02,9F03,9F1A,95,5F2A,9A,9C,9F37,82,9F36,9F10). Missing ARQC input tags will be ignored, i.e. no validation is performed that all mandatory tags are present.

    Note: Changed behaviour! For v1.0 the data in this field is appended to the automatically extracted fields, whereas as of v1.1 data in this field overrides the extraction.

  • Padding (hex) (since v1.1): Padding bytes to append to transaction data before ARQC calculation (leave blank for zero-padding, 80 for ISO9797-1 Method 2).

Crypto Functions (since v1.1)

__calculateCVV

Example: ${__calculateCVV(${CVK}, ${PAN}, ${EXP}, 999, iCVV)}

Arguments:

  1. Combined CVV Keys (hex digits)
  2. Primary Account Number (PAN)
  3. Expiry date (yyMM)
  4. Service Code (3 digits)
  5. Name of variable in which to store the result (optional)

__calculateDESKeyCheckValue

Example: ${__calculateDESKeyCheckValue(${ZPK}, KCV)}

Arguments:

  1. Clear DES key for which to calculate the key check value (hex digits)
  2. Name of variable in which to store the result (optional)

__calculatePINBlock

Example: ${__calculatePINBlock(1234, 34, ${PAN}, PINBLOCK)}

Arguments:

  1. PIN

  2. PIN Block Format (as per jPOS API docs):

    Format Description
    1 adopted by ANSI (ANSI X9.8) and is one of two formats supported by the ISO (ISO 95641 - format 0).
    2 supports Douctel ATMs.
    3 Diebold Pin Block format.
    4 PIN block format adopted by the PLUS network.
    5 ISO 9564-1 Format 1 PIN Block.
    34 standard EMV PIN block format.
    35 required by Europay/MasterCard for their Pay Now & Pay Later products.
    41 Visa format for PIN change without using the current PIN.
    42 Visa format for PIN change using the current (old) PIN.
  3. Primary Account Number (PAN)

  4. Name of variable in which to store the result (optional)

__encryptDESKey

Example: ${__encryptDESKey(${ZPK}, ${KEK}, ZPK_under_KEK)}

Arguments:

  1. Clear DES key to be encrypted (hex digits)
  2. DES key for encrypting the clear key (hex digits)
  3. Name of variable in which to store the encrypted key (optional)

__generateDESKey

Example: ${__generateDESKey(192, ZPK)}

Arguments:

  1. Key length in bits (64, 128 or 192)
  2. Name of variable in which to store the result (optional)

Installation

Under tab "Available Plugins", select "ISO8583 Sampler", then click "Apply Changes and Restart JMeter".

Via Package from JMeter-Plugins.org

Extract the zip package into JMeter's lib directory, then restart JMeter.

Via Manual Download

  1. Copy the jmeter-iso8583 jar file into JMeter's lib/ext directory.
  2. Copy the following dependencies into JMeter's lib directory (and optionally remove older versions of any of those jar files):
  3. Restart JMeter.

Configuration

JMeter Properties

The following properties control the plugin behaviour:

  • jmeter.iso8583.q2DeployDir: Directory where Q2 looks for deployment files. Will be created if not there yet. (default: deploy subfolder from where JMeter was started).
  • jmeter.iso8583.q2StartupTimeout (ms): How long to wait until the Q2 component starts up (default: 2 seconds).
  • jmeter.iso8583.q2PackagerLogging (true/false; since v1.1): Whether to include Packager log information to the JMeter log output. This may be useful in DEBUG mode to troubleshoot Packager issues. (default: false).
  • jmeter.iso8583.incomingConnectionTimeout (ms): How long to wait for incoming connections when running in server-mode (default: 1 minute).
  • jmeter.iso8583.channelReconnectDelay (ms): May be used to override the Q2 Channel Adaptor default of 10 seconds.
  • jmeter.iso8583.arqcInputTags: Comma-separated list of hexadecimal EMV tag numbers that will be included in the ARQC calculation. This may be used to include additional (or exclude standard) tags (default: 9F02,9F03,9F1A,95,5F2A,9A,9C,9F37,82,9F36,9F10).
  • jmeter.iso8583.binaryFieldTags: Comma-separated list of hexadecimal tag numbers that will be interpreted as binary fields, in addition to binary EMV tags (default: none).
  • jmeter.iso8583.ksnDescriptor: Defines the Key Serial Number Scheme, i.e. the length (in hex digits) of the KSN parts: BDK ID (or KSI), Device ID (or TRSM ID), transaction counter (default: "6-5-5").

Limitations

  • Minimum JMeter version 4.0

Troubleshooting

Inspect the JMeter log, after increasing the log level to DEBUG, e.g. jmeter -Lnz.co.breakpoint.jmeter.iso8583=DEBUG.

About

ISO8583 Plugin for JMeter

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Java 100.0%