Command: DG (Generate BDK). Can be used in online, offline or secure state.
Function: To generate a random *BDK, displaying it encrypted under the LMK pair and under a *ZMK, and a *BDK check value. Equivalent to Host BI command
Notes: The command also prompts for a variant. If the recipient requires a variant to the *ZMK, enter the appropriate variant number.
Inputs: *ZMK
encrypted under LMK pair 04-05 (generated by the DE command): 32 hexadecimal
characters.
*ZMK variant (or <Return> to ignore). (The command ignores the setting of
the Atalla ZMK variant support parameter entered in the CS (Configure Security)
command).
*ZMK key check value (generated by the DE command) or the value generated by
the Console CK command or Host BU command.
Outputs: *BDK
encrypted under the *ZMK: 32 hexadecimal characters.
*BDK encrypted under LMK pair 28-29: 32 hexadecimal characters.
*BDK check value.
Errors: Data invalid; please re-enter: - the encrypted *ZMK does not contain 32 hexadecimal characters or the key check value does not contain 8 hexadecimal characters. Re-enter the correct number of hexadecimal characters.
Key parity error; please re-enter: - the entered *ZMK does not have odd parity on each byte. Re-enter the encrypted *ZMK and check for typographic errors.
Check failed; re-enter check value or abort - the *ZMK check key value is not correct. Re-enter the correct check value.
Internal failure 12: function aborted - the contents of LMK storage have been corrupted or erased. Do not continue. Inform the Security Department.
Example:
Online> DG <Return>
Enter encrypted *ZMK: XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX <Return>
Enter *ZMK variant: X <Return>
Enter *ZMK check value: XXXX XXXX <Return>
*BDK encrypted for transmission: XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX
*BDK encrypted under LMK: XXXX XXXX XXXX XXXX XXXX XXXX XXXX XXXX
Key check value: XXXX XXXX