Translate a HMAC Key from Old LMK to New LMK

Command:

Translate an HMAC Key from encryption under the old LMK pair 34-35 variant 1, held in key change storage, to encryption under a new LMK pair 34-35 variant 1.

Notes:

Use of this command requires the optional User Authentication licence. Error code 67 will be returned if the command is not licenced.

This command can also be used to change the format of the stored HMAC Key block. Currently, only format 00 is supported.

Field	Length & Type	Details
COMMAND MESSAGE
Message header	m A	(Subsequently returned to the Host unchanged)
Command Code	2 A	Value "LY"
Input HMAC Key Block Format	2 N	Defines the format of the input key block. Currently only format 00 is supported · 00 = format
Output HMAC Key Block Format	2 N	Defines the format of the output key block. Currently only format 00 is supported · 00 = format
HMAC Key Block Length	4 N	Length (in bytes) of the next field.
HMAC Key Block	n B	The HMAC Key, encrypted under the old LMK pair 34-35 variant 1, held in key change storage
End message delimiter	1 C	Optional. Must be present if a message trailer is present. Value X’19.
Message trailer	n A	Optional. Maximum length 32 characters.

Field	Length & Type	Details
RESPONSE MESSAGE
Message header	m A	Returned to the Host unchanged.
Response code	2 A	Value "LZ"
Error code	2 N	00 : No error 03 : Invalid Output Key Block Format 07 : Invalid Input Key Block Format 08 : HMAC Key Block error 12 : No keys loaded in user storage 13 : LMK error; report to supervisor 15 : Error in input data 21 : Invalid user storage index 47 : DSP error; report to supervisor 80 : HMAC Key Block Length error
HMAC Key Block Length	4 N	Length (in bytes) of the next field.
HMAC Key Block	n B	The HMAC Key, encrypted under the new LMK pair 34-35 variant 1
End message delimiter	1 C	Present only if supplied in the command message. Value X’19.
Message trailer	n A	Present only if present in the command message. Maximum length 32 characters.