|
Command: |
Verify a MAC. If the key is single length use ANSI X9.9 MAC generation or if the key is double length use ANSI X9.19 MAC generation. |
|
Notes: |
The value n given for Data is the recommended maximum value; it can be increased toward 2047 (1023 for SNA-SDLC systems) with consideration for the overall buffer size compared to the size of the complete HSM command message. |
|
Field |
Length & Type |
Details |
|
COMMAND MESSAGE |
||
|
Message header |
m A |
(Subsequently returned to the Host unchanged). |
|
Command code |
2 A |
Value MC. |
|
TAK |
16H or 1A+32H or 1A+48H |
TAK encrypted under LMK pair 16-17. |
|
MAC |
8 H |
The MAC to be verified. |
|
Data |
0 - n |
The data on which the MAC to be verified was calculated, n = 1024 (512 for SNA-SDLC systems). |
|
End message delimiter |
1 C |
Optional. Must be present if a message trailer is present. Value X’19. |
|
Message trailer |
n A |
Optional. Maximum length 32 characters. |
|
RESPONSE MESSAGE |
||
|
Message header |
m A |
Returned to the Host unchanged. |
|
Response code |
2 A |
Value MD. |
|
Error code |
2 N |
00 : No errors 01 : MAC verification failure 10 : TAK parity error 12 : No keys loaded in user storage 13 : LMK error; report to supervisor 15 : Error in input data 21 : Invalid user storage index 27 : TAK not single length |
|
End message delimiter |
1 C |
Present only if present in the command message. Value X’19. |
|
Message trailer |
n A |
Present only if present in the command message. Maximum length 32 characters. |