payShield 10K Installation and User Guide
©Thales Group
Page 357
All Rights Reserved
Generate Key Component (GC)
Variant
Key Block
Online
Offline
Secure
Authorization:
Required
Activity:
component.{key}.console
Command:
GC
Function:
To generate a key component and display it in plain and encrypted forms.
Variant LMK
Key Block LMK
Authorization:
The HSM must be in the Authorized
State, or the activity
component.{key}.console
must be
authorized, where 'key' is the key
type code of the key component
being generated.
The HSM must be in the Authorized
State, or the activity
component.{key}.console
must be
authorized, where 'key' is the key
usage code of the key component
being generated.
Inputs:
•
LMK Identifier: 00-99.
•
Key Length: 1 (single), 2 (double),
3 (triple).
•
Key Type: See the Key Type
Table in the
Host Programmer's
Manual
.
•
Key Scheme:
•
LMK Identifier: 00-99.
•
Key Algorithm (if AES LMK): 3DES
or AES
•
Key Length: Single/Double/Triple
length DES key or (if AES LMK)
128/192/256-bit AES key.
•
Key Scheme:
•
Key Usage: See the Key Usage
Table in the
Host Programmer's
Manual
.
•
Mode of Use: See the Mode of Use
Table in the
Host Programmer's
Manual
.
•
Component Number: 1-9.
•
Exportability: See the Exportability
Table in the
Host Programmer's
Manual
.
•
Optional Block data.
Outputs:
•
Clear text key component.
•
Key component encrypted under
an appropriate variant of the
selected LMK.
•
Component check value.
•
Clear text key component.
•
Key Block containing the
component encrypted under the
selected LMK.
•
Component check value.