Command: GC (Generate Component). Can be used in online, offline or secure state.
Function: To generate a key component
and display it in plain and encrypted forms.
Refer to Key Type Table for Key types and restrictions on Generate, Export
and Import. The HSM must be in the Authorised state for some key types.
Inputs: Key length:
(1 - Single length, 2 - Double Length, 3 -Triple Length).
Key Type: See Key Type Table
Key Scheme: Key scheme for encrypting key under LMK; see Key Scheme Table
(Defaults: Key Length 1, Key Scheme 0, Key Length
2, Key Scheme U,
Key Length 3, Key Scheme T)
Outputs: Clear text key component:
16 Hex or 32 or 48 hexadecimal characters.
Key component encrypted under an appropriate variant of LMK:
16 Hex or 1 Alpha + 32 Hex or 1 Alpha + 48 Hex. Component check value;
formed by encrypting 64 binary zeros with the component and returning
the left-most 24 bits: 6 hexadecimal characters.
Errors: Invalid key type; re-enter: - the key type is invalid. See Key Type Table.
Invalid key scheme for key length - the Key scheme is inappropriate for Key length.
Invalid key scheme - an invalid key scheme is entered. See Key Scheme Table.
Internal
failure 12: function aborted - the contents of LMK storage have
been corrupted or erased. Do not continue. Inform the Security Department.
Example:
Online> GC <Return>
Enter Key length [1,2,3]: 1 <Return>
Enter Key Type: 001 <Return>
Enter Key Scheme: U <Return>
Clear Component: XXXX XXXX XXXX XXXX
Encrypted Component: U XXXX XXXX XXXX XXXX
Key check value: XXXXXX
Note: If the FK command is used to create a ZMK then Key type 100 should be used in GC