Command: CK (Generate KCV). Can be used in online, offline or secure state.
Function: To generate a key check value (KCV) for a key encrypted under a specified LMK pair.
Inputs: Encrypted key (under the relevant LMK pair):
· Single-length key: 16 hexadecimal characters.
· Double-length key: 32 hex characters or 1 alpha + 32 hex characters.
· Triple-length key: 1 alpha + 48 hex
Key-Type: a code indicating the type of key that is to be input, 3 decimal digits. See Key Type Table.
Outputs: The check value: 16 hexadecimal characters.
Errors: Data invalid; please re-enter: - incorrect number of characters.
Key parity error; re-enter key: - the entered key does not have odd parity on each byte. Re-enter the complete line (key and Key-Type code) and check for typographic errors.
Invalid key type; re-enter: - the key type is invalid. See Key Type Table.
Internal failure 12: function aborted - the contents of LMK storage have been corrupted or erased. Do not continue. Inform the Security Department.
Example:
Online> CK <Return>
Enter key type code: NNN <Return>
Enter key length flag [S/D/T]: S <Return>
or
D <Return>
or
T <Return>
Enter encrypted key: XXXX XXXX XXXX XXXX <Return>
or
YYYY YYYY YYYY YYYY YYYY YYYY YYYY YYYY <Return>
or
T YYYY YYYY YYYY YYYY YYYY YYYY YYYY YYYY YYYY YYYY YYYY YYYY
(as applicable)
Key check value: ZZZZ ZZZZ ZZZZ ZZZZ