Command: TD (Translate ED). Can be used in online, offline or secure state.
Function: To translate an encrypted decimalisation table from Encryption under old LMK to encryption under new LMK
Inputs: Encrypted Decimalisation table. This is the result of encrypting a decimalisation table using the ED command.
The HSM by default checks that the decimalisation table contains at least 8 different digits, with no digit repeated more than 4 times. This feature may be disabled using the Configure Security parameter “Enable decimalisation table check”. Disabling of this feature is not recommended.
Outputs: Encrypted decimalisation table (encrypted under the new LMK): 16 Hex characters.
Errors: NOT AUTHORISED. The HSM is not in the authorised state.
DECIMALISATION TABLE INVALID. Decimalisation table not all decimal or does not contain at least 8 different digits with no digit repeated more than 4 times.
MASTER KEY PARITY ERROR. The contents of the HSM storage have been corrupted or erased. Do not continue. Inform the security department.
NO LMK IN KEY CHANGE STORAGE. Key Change storage is empty.
Example:
Online – AUTH> TD <Return>
Enter decimalisation table encrypted under old LMK : AAAAAAAAAAAAAAAA <Return>
Decimalisation table encrypted under new LMK : BBBB BBBB BBBB BBBB