|
Command: |
Generate a MAC on an uncertified public key, using LMK pair 36-37. |
|
Notes: |
The function can be used, for example, to protect a certification authority public key. The HSM must be in the Authorised state. |
Field |
Length & Type |
Details | |
|
COMMAND MESSAGE |
|||
|
Message header |
m A |
(Subsequently returned to the Host unchanged). |
|
|
Command code |
2 A |
Value EO. |
|
|
Public key encoding |
2 N |
Encoding rules for the supplied public key (must allow the public key length to be inferred). 01: DER encoding for ASN.1 Public Key. INTEGER uses unsigned representation. 02: DER encoding for ASN.1 Public Key. INTEGER uses 2’s complement representation. |
|
|
Public key |
n B |
Public key. |
|
|
Authentication data |
n A |
Optional. Additional data to be included in the MAC calculation (must not include “;”). |
|
|
End message delimiter |
1 C |
Optional. Must be present if a message trailer is present. Value X’19. |
|
|
Message trailer |
n A |
Optional. Maximum length 32 characters. |
|
|
RESPONSE MESSAGE |
|||
|
Message header |
n A |
Returned to the Host unchanged. |
|
|
Response code |
2 A |
Value EP. |
|
|
Error code |
2 N |
00 : No error 03 : Invalid public key encoding type 04 : Public key does not conform to encoding rules 13 : LMK error; report to supervisor 15 : Error in input data 17 : Not in Authorized state |
|
|
MAC |
4 B |
MAC on the public key and authentication data, calculated using LMK pair 36-37. |
|
|
Public key |
n B |
Public key, DER encoded in ASN. 1 format (sequence of modulus, exponent). |
|
|
End message delimiter |
1 C |
Present only if present in the command message. Value X’19. |
|
|
Message trailer |
n A |
Present only if present in the command message. Maximum length 32 characters. |
|
|
|
|
|
|