|
Command: |
Load a secret key (encrypted using LMK pair 34-35) into the HSM's tamper- protected memory. |
|
Notes: |
It is the responsibility of the Host application to ensure that a previously-loaded secret key is not accidentally overwritten by this command. |
|
Field |
Length & Type |
Details | |
|
COMMAND MESSAGE |
|||
|
Message header |
m A |
(Subsequently returned to the Host unchanged). |
|
|
Command code |
2 A |
Value EK. |
|
|
Key index |
2 N |
Index number for secret key to be stored (used if multiple storage of keys is required). Standard HSM: must be set to 00. High-Speed HSM: can be 00 to 20. |
|
|
Secret key length |
4 N |
Length (in bytes) of the next field. |
|
|
Secret key |
n B |
Secret key, encrypted under LMK pair 34-35. |
|
|
End message delimiter |
1 C |
Optional. Must be present if a message trailer is present. Value X’19. |
|
|
Message trailer |
n A |
Optional. Maximum length 32 characters. |
|
|
RESPONSE MESSAGE |
|||
|
Message header |
n A |
Returned to the Host unchanged. |
|
|
Response code |
2 A |
Value EL. |
|
|
Error code |
2 N |
00 : No error 03 : Invalid key index 04 : Insufficient memory for secret key storage 13 : LMK error; report to supervisor 15 : Error in input data 49 : Secret key error; report to supervisor 78 : Secret key length error |
|
|
End message delimiter |
1 C |
Present only if present in the command message. Value X’19. |
|
|
Message trailer |
n A |
Present only if present in the command message. Maximum length 32 characters. |
|
|
|
|
|
|