Generate an RSA Key Set

Command:

Generate an RSA key set.

Notes:

Depending on key size, the function may take several minutes to execute.

The HSM must be in the Authorised state.

If a Public Exponent is supplied in the command message, it must be an odd value (i.e. the least-significant bit must be 1). If an even Public Exponent is supplied, an error code is returned.

 

COMMAND MESSAGE

| Field | Length & Type | Details |
|---|---|---|
| Message Header | m A | (Subsequently returned to the Host unchanged). |
| Command Code | 2 A | Value EI. |
| Key type | 1 N | Key type indicator:<br>0 : Signature only<br>1 : Key management only<br>2 : Both signature and key management |
| Key length | 4 N | Modulus length in bits. Minimum 0320, maximum 2048 for all key types. |
| Public key encoding | 2 N | Encoding rules for public key (must allow public key length to be inferred). |
| Public exponent length | 4 N | Optional. Must be present if a public exponent is supplied. Indicates the length (in bits) of the public exponent. |
| Public exponent | n B | Optional. Must be an odd value. If not supplied, a default exponent of 65537 is assumed. |
| End message delimiter | 1 C | Optional. Must be present if a message trailer is present. Value X'19'. |
| Message trailer | n A | Optional. Maximum length 32 characters. |

RESPONSE MESSAGE

| Field | Length & Type | Details |
|---|---|---|
| Message header | n A | Returned to the Host unchanged. |
| Response code | 2 A | Value EJ. |
| Error code | 2 N | 00 : No errors<br>03 : Invalid public key encoding type<br>04 : Length error<br>05 : Invalid key type<br>06 : Public exponent length error<br>08 : Supplied public exponent is even<br>13 : LMK error; report to supervisor<br>15 : Error in input data<br>17 : Not in Authorized state<br>47 : DSP error; report to supervisor |
| Public key | n B | Public key, encoded appropriately. |
| Secret key length | 4 N | Length (in bytes) of the next field. |
| Secret key | n B | Secret key, encrypted under LMK pair 34-35. |
| End message delimiter | 1 C | Present only if present in the command message. Value X'19'. |
| Message trailer | n A | Present only if present in the command message. Maximum length 32 characters. |
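
The following host-side sketch is an added example, not vendor code: it assembles the EI command from the fields in the command table, rejects inputs the HSM would refuse before they are sent, and decodes the error code of an EJ response. The function names, the big-endian byte packing of the exponent, and passing the header length to the parser are assumptions; valid public key encoding values are not listed on this page, so the caller supplies one.

```python
# Added example; field layout follows the EI/EJ tables on this page.
ERROR_CODES = {
    "00": "No errors",
    "03": "Invalid public key encoding type",
    "04": "Length error",
    "05": "Invalid key type",
    "06": "Public exponent length error",
    "08": "Supplied public exponent is even",
    "13": "LMK error; report to supervisor",
    "15": "Error in input data",
    "17": "Not in Authorized state",
    "47": "DSP error; report to supervisor",
}
END_DELIMITER = b"\x19"  # X'19'


def build_ei(header, key_type, modulus_bits, encoding, exponent=None, trailer=""):
    """Return the EI command bytes, rejecting inputs the HSM would refuse."""
    if key_type not in (0, 1, 2):
        raise ValueError("key type must be 0, 1 or 2 (HSM error 05)")
    if not 320 <= modulus_bits <= 2048:
        raise ValueError("key length must be 0320..2048 bits")
    if not 0 <= encoding <= 99:
        raise ValueError("public key encoding is a 2-digit field")
    if len(trailer) > 32:
        raise ValueError("message trailer is limited to 32 characters")
    msg = header.encode("ascii") + b"EI"
    msg += f"{key_type}{modulus_bits:04d}{encoding:02d}".encode("ascii")
    if exponent is not None:
        if exponent <= 0 or exponent % 2 == 0:
            raise ValueError("public exponent must be odd (HSM error 08)")
        bits = exponent.bit_length()
        # Assumption: exponent sent big-endian in ceil(bits / 8) bytes.
        msg += f"{bits:04d}".encode("ascii")
        msg += exponent.to_bytes((bits + 7) // 8, "big")
    if trailer:
        # The delimiter is mandatory whenever a trailer follows.
        msg += END_DELIMITER + trailer.encode("ascii")
    return msg


def parse_ej_status(response, header_len):
    """Return (header, error code, description) from an EJ response."""
    if response[header_len:header_len + 2] != b"EJ":
        raise ValueError("not an EJ response")
    err = response[header_len + 2:header_len + 4].decode("ascii")
    return (response[:header_len].decode("ascii"), err,
            ERROR_CODES.get(err, "Unknown error code"))
```

Any transport framing the host link adds around the message is outside this page and is not handled here.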