payShield 10K Installation and User Guide
©Thales Group
Page 314
All Rights Reserved
Delete 'Old' or 'New' LMK from Key Change Storage (DO)
Variant
Key Block
Online
Offline
Secure
Authorization:
Not required
Command:
DO
Function:
To delete a selected LMK from key change storage. This command may only
be used if an LMK is loaded in the corresponding location in main LMK
memory.
Authorization:
The HSM must be in the secure state to run this command.
Inputs:
•
LMK Identifier: 2 numeric digits.
Outputs:
•
Display of relevant entry from the key change storage table.
Errors:
•
Invalid LMK identifier - no LMK loaded or entered identifier out of range.
Example:
Secure>
DO
<Return>
Enter LMK id:
01
<Return>
Key change storage table entry:
ID Scheme Algorithm Status Check Comments
01 Variant 3DES(2key) Test ZZZZZZ Old test LMK for
XYZ Bank
Confirm LMK deletion [Y/N]:
Y
<Return>
LMK deleted from key change storage
Secure>