Need help on understanding parsing message from wire

Hi Guys,

I have this hex message

0040ef00880300049634804408004500
0090aad240003f069c5aOa8028f2cO00
00c9877fObdecd26478dOa67436c5018
cle8le61000030313030303830303832
32323030303030303031303030303034
30303030303030303030303030303037
31353133313032333133313032333030
30303033383030303030303030303030
30303030303030303030303030303030
3030303030303030303030333031


To understand this, I would normally check TCP header, TPDU size.
remove those 2 and find the MTI, followed with primary bitmap and
start copying the message from MTI till the end
and do something like this:

ISOMsg m1 = new ISOMsg();
m1.setPackager(new GenericPackager("iso87binary.xml"));
m1.unpack(ISOUtil.hex2byte(s1));
m1.dump(System.out, "");

problem is after removing the said TCP header and TPDU, the value
following is not MTI yet (was expecting to see 0800)

So how do I parse this kind of message.

Also on the printable ASCII side, The value seems more understandable
(can see the MTI, primary bitmap, etc). The value is something like
this

ASCII
.S1... .-4€D. .E.
• O.?.ceZ.C(ôA.
.: .!&G .gCIP.
Aè.a. .0100080082
2200000001000004
0000000000000007
1513102313102300
0003800000000000
0000000000000000
00000000000301


Btw, theres no TPDU header and 4 bytes TCP header
So guys, please advice.. how to parse this kind of hex message?

Thank you...



--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "jPOS Users" group.
To post to this group, send email to jpos-users@...
To unsubscribe from this group, send email to jpos-users-unsubscribe@...
For more options, visit this group at http://groups.google.com/group/jpos-users?hl=en
-~----------~----~----~----~------~----~------~--~---

JPractitioner wrote:
> I have this hex message
>  
Who did it come from? Rather than just ask the person owning the system that produced it for
their message specification?
> So how do I parse this kind of message.
>  
Ask the person or system that produced this message and sent it to you
how they built it and what you are meant to take from it and in what format.
> Also on the printable ASCII side, The value seems more understandable
> (can see the MTI, primary bitmap, etc). The value is something like
> this
>  
I'm not sure you know that the MTI and bitmap are there for sure, but if
you know it is an 0800 an ISO8583 format message, you are probably correct.

It looks like your have a length followed by a rather long header -
which seems to be fixed length (I can't see an obvious header length
field or terminator) - followed by a message.

If you have not interpreted the top set of bytes in presenting them
here, it looks like hexadecimal character (2 bytes per byte)
representing an ascii message.

Why have let a system connect to your system and send you a message
without agreeing what the messages sent in look like?  I don't
understand why you have arrived at this position?

Thinking about my comment about header termination and message start...

A stab in the dark...
you seem to have a two byte 'binary' '0040' length of message,
followed by a null ('0000') terminated header,
followed by a character length of message (30313030) = c'0100',
followed by the c'0800' ('30383030') message itself - including the 0800
to the end is 100 bytes.

But why guess?  Get the message specification from the message generator.

--
Mark


--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "jPOS Users" group.
To post to this group, send email to jpos-users@...
To unsubscribe from this group, send email to jpos-users-unsubscribe@...
For more options, visit this group at http://groups.google.com/group/jpos-users?hl=en
-~----------~----~----~----~------~----~------~--~---

Thanks for the reply Mark.

There is a spec provided but the spec is describing the message it
self not the packaged value.


> > I have this hex message
>
> Who did it come from?
A party that provides networking for debit systems.

> Rather than just ask the person owning the system that produced it for
> their message specification?>
There is a spec provided but the spec is describing the message it
self not the packaged value.


> Ask the person or system that produced this message and sent it to you
> how they built it and what you are meant to take from it and in what format.>
How they bult it hmm..., I assume they use some software that they
have no control to know how the software writes the message on wire.
I am suppose to get a clear 0800 message

>
> I'm not sure you know that the MTI and bitmap are there for sure, but if
> you know it is an 0800 an ISO8583 format message, you are probably correct.
>

Yeah, i don't know neither... but they say it's a 0800

>I don't understand why you have arrived at this position?
hehe.. well it's like this, i am suppose to connect to them.. so in
order to pack the message, i need to understand how to unpack their
message.. so that's why

Anyway, I've learned from them that, I should only focus on the
printable ASCII. And also, if still wan't to read the hex, remove all
the 3s
So, I coppied the message from where all the 3s started (from 3031) ..
opened dreamweaver and replace all 3 with empty space.
I get this

01000800822200000001000004000000000000000715110211020000080000000000000000000000000000000000000001

That was more understandable.... but why do they have the 3-pading and
how do i come out with the long header (will ask them),
Hmm.. but any chance, you guys would answer first?

Thanks..
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "jPOS Users" group.
To post to this group, send email to jpos-users@...
To unsubscribe from this group, send email to jpos-users-unsubscribe@...
For more options, visit this group at http://groups.google.com/group/jpos-users?hl=en
-~----------~----~----~----~------~----~------~--~---

JPractitioner wrote: In my world...

As the owner of the interface into your system, you either need to:-

1. Define how you want the message to arrive from them
2. Ask them to define how they want to talk to you.

Both these options involve defining what the message will look like over
the wire, what ports and ip addresses and security will be used,
including lengths (format and size), headers (format, size content and
rules of reply), message body (format and structure and content).

>> Ask the person or system that produced this message and sent it to you
>> how they built it and what you are meant to take from it and in what format.>
> How they bult it hmm..., I assume they use some software that they
> have no control to know how the software writes the message on wire.
> I am suppose to get a clear 0800 message

I meant structurally built (content) than with what.
Neither you or I care if they hand build the messages using a team of
educated crickets instead of using code, as long as the follow or define
a structural specification we can work with them.

>
>> I'm not sure you know that the MTI and bitmap are there for sure, but if
>> you know it is an 0800 an ISO8583 format message, you are probably correct.
>>
>
> Yeah, i don't know neither... but they say it's a 0800
So someone working for them must also know what wrappers surround the
message and also what they expect you to send back to them and what is
echoed along with the 0810.

>
>> I don't understand why you have arrived at this position?
> hehe.. well it's like this, i am suppose to connect to them.. so in
> order to pack the message, i need to understand how to unpack their
> message.. so that's why
But why without any control around how?

>
> Anyway, I've learned from them that, I should only focus on the
> printable ASCII. And also, if still wan't to read the hex, remove all
> the 3s
The message is likely ASCII, the 3's are not added for fun, the are part
of the ASCII representation.
In this instance you are seeing (or describing) the hexadecimal detail
of the content.

c'30' is used to represent x'30' with is the byte value of an ASCII c'3'
c'31' is used to represent x'31' with is the byte value of an ASCII c'1'
.
. (indicates time passing)
.
c'39' is used to represent x'39' with is the byte value of an ASCII c'9'
c'61' is used to represent x'61' with is the byte value of an ASCII c'a'

Here I have used "c" to indicate character (ASCII here but it could be
other things) and "x" to indicate hexadecimal, fairly standard stuff.

So if I say the following is character encoded hexadecimal ASCII data:-
 
c'4869204A5072616374696f6e65722c20676c616420796f7520636f756c6420726561642074686873212121'

first convert to binary and then just read it.


> So, I coppied the message from where all the 3s started (from 3031) ..
> opened dreamweaver and replace all 3 with empty space.
> I get this
>
> 01000800822200000001000004000000000000000715110211020000080000000000000000000000000000000000000001
>
> That was more understandable.... but why do they have the 3-pading and
> how do i come out with the long header (will ask them),
> Hmm.. but any chance, you guys would answer first?
As above, the 3's are not padding, they are a fundamental part of the
data and not something to strip out!

I hope I beat them to it, it would be interesting to compare answers.


--
For the more observant amongst you - who read signatures - 'encrypted'
message reads:-

Hi JPractioner, glad you could read this!!!

Mark

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "jPOS Users" group.
To post to this group, send email to jpos-users@...
To unsubscribe from this group, send email to jpos-users-unsubscribe@...
For more options, visit this group at http://groups.google.com/group/jpos-users?hl=en
-~----------~----~----~----~------~----~------~--~---