Scribd
Upload
5K views2 pages

HSM Commands

The document lists THALES HSM commands for generating and translating cryptographic keys, performing PIN operations, generating MACs, diagnostics, and other cryptographic functions. Commands include generating and translating keys like TMKs, TPKs, ZMKs, and PVKs; translating PIN blocks with different encryption schemes; generating check values, MACs, and random numbers; and loading/verifying data. The document provides a concise reference to the commands available in THALES HSM systems.

Uploaded by

Waqas Javed
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
5K views2 pages

HSM Commands

The document lists THALES HSM commands for generating and translating cryptographic keys, performing PIN operations, generating MACs, diagnostics, and other cryptographic functions. Commands include generating and translating keys like TMKs, TPKs, ZMKs, and PVKs; translating PIN blocks with different encryption schemes; generating check values, MACs, and random numbers; and loading/verifying data. The document provides a concise reference to the commands available in THALES HSM systems.

Uploaded by

Waqas Javed
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 2

THALes HSM COMMANDS

*A0 - Generate Key


*A2 - Generate and print a component
*A4 - Form key from encrypted components
*A6 - Import key
*A8 - Export key
*AE - Translate a TMK, TPK or PVK from LMK to TMP, TPK or PVK encryption
*AG - Translate a TAK from LMK to TMK encryption
*AS - Generate a VISA CVK pair
*AU - Translate a CVK pair from ZMK to LMK encryption
*AW - Translate a CVK pair from LMK to ZMK encryption
*B0 - Translate key scheme
*BQ - Translate a PIN from VISA to Racal encryption
*BU - Generate check value
*BY - Translate a ZMK from ZMK to LMK encryption
*CA - Translate a PIN block from TPK to ZPK encryption
*CC - Translate a PIN block from one ZPK to another
*CW - Generate a VISA CVV
*CY - Verify a VISA CVV
*DC - Verify a terminal PIN using the VISA algorithm
*DG - Generate a VISA PVV
*EC - Verify an interchange PIN using the VISA algorithm
*FA - Translate a ZPK from ZMK to LMK encryption
*FC - Translate a TMK, TPK or PVK from ZMK to LMK encryption
*FE - Translate a TMK, TPK or PVK from LMK to ZMK encryption
*FG - Generate a pair of random PVKs
*FI - Generate a ZEK or ZAK
*FK - Translate a ZEK or ZAK from ZMK to LMK encryption
*FM - Translate a ZEK or ZAK from LMK to ZMK encryption
*GC - Translate a ZPK from LMK to ZMK encryption
*GG - Form ZMK from three components
*GY - Form ZMK from two to nine components
*HA - Generate a TAK
*HC - Generate a TMK, TPK or PVK
*IA - Generate a ZPK
*JA - Generate a random PIN
*JC - Translate a PIN from TPK to LMK encryption
*JE - Translate a PIN from ZPK to LMK encryption
*JG - Translate a PIN from LMK to ZPK encryption
*KA - Generate check value
*LG - Set HSM delay (since this is a TCP simulator, this command has no effect)
*LI - Load PIN text string (the implementation performs no processing)

Waqas Javed javed.waqas@ubl.com.pk

Create PDF files without this message by purchasing novaPDF printer (http://www.novapdf.com)
*MA - Generate a MAC
*MC - Verify a MAC
*ME - Verify and translate a MAC
*MG - Translate a TAK from LMK to ZMK encryption
*MI - Translate a TAK from ZMK to LMK encryption
*MQ - Generate MAC/MAB for large message
*NC - Perform HSM diagnostics (return value of firmware number is configurable)
*NE - Generate and print split components
*NO - HSM status (I/O buffer size, type of Ethernet connection and DSP presence are fixed (hard
coded). Other values are configurable)
*OA - Print solicitation mailer (the implementation performs no processing)
*OC - Generate and print ZMK component
*OE - Generate and print a random TMK, TPK or PVK
*PA - Load formatting data (the implementation performs no processing)
*PC - Load additional formatting data (the implementation performs no processing)
*PE - Verify PIN solicitation data (the implementation performs no processing)
*PG - Verify PIN solicitation mailer cryptography (the implementation performs no processing)
*RA - Cancel the authorization state
*RC - Verify solicitation mailer cryptography (the implementation performs no processing)

Waqas Javed javed.waqas@ubl.com.pk

Create PDF files without this message by purchasing novaPDF printer (http://www.novapdf.com)

You might also like